Rollout of controversial healthcare data scheme postponed amid privacy concerns

Australia’s Senate has passed a motion to give people more time to opt out of the controversial My Health Record scheme, which was originally due to come into effect tomorrow.

From November 15, the Australian Digital Health Agency (ADHA) was due to start compiling electronic summaries of residents’ healthcare information, unless they chose to opt out.

Around 17 million people were expected to be automatically enrolled.

The My Health Record scheme aims to make it easier for doctors to access their patients’ information online, but detractors have previously highlighted a myriad of privacy issues – leading to reports that ADHA president Nicole Hunt resigned because her concerns weren’t being addressed.

11th-hour extension

Earlier today, Australian Health Minister Greg Hunt confirmed that the government would extend the opt-out period for the scheme until January 31, 2019.

Hunt’s comments came as reports emerged that the My Health Record website was down for the second time this month, meaning Australians could not successfully opt out of the scheme.

The Labour government has been pushing to extend the opt-out period for 12 months.

Among those voicing their concerns was the Australian Rail Tram and Bus Industry Union (RTBU), which said it was worried that the system would make it easier for employers, as they have in the past, to demand access to health records.

In a wholehearted rebuttal of the scheme, the RTBU said: “Operators seeking to cut legal entitlements to sick leave may discriminate against prospective workers with prior or chronic health conditions that are not relevant to the role being applied for.

“Our primary concern is that under the My Health Record scheme, workers may be vulnerable to incremental and intrusive requests by employers seeking access to such personal information.”

Mental health charities have also warned that the system could lead to increased discrimination, while the possibility of family members or abusive individuals being given access health records is also a concern.

Irene Gallagher, CEO of campaign group Being, commented: “My Health Record makes it too easy for potential abusers to access health records, or even change them, if the person is deemed to ‘lack capacity’.”

Added to this uneasiness is the fact that these records could potentially be accessed by any number of healthcare professionals.

“This means you won’t be able to tell who has seen your personal information,” said privacy lawyer Travis Schultz.

“For example, you could have a podiatrist or a physiotherapist viewing sensitive information about your mental or sexual health.”

And on top of privacy issues, there are also questions over the security of the system, particularly as it is centralised, deeming it a huge incentive for hackers.

“To my knowledge, there is currently no public disclosure of the precise security controls and technologies deployed for My Health Record, nor have audits been published or even their summaries,” Ralph Holz, an expert in cybersecurity from the University of Sydney, tells The Daily Swig.

“I’d be interested to see how risk is allocated and liability concerns addressed. What is the public’s redress if this system is breached, indeed?”

The Senate is now due to discuss a number of changes, including steeper penalties for misuse of the system and greater privacy protections.

Abusive former partners would be banned from accessing the data, giving better protection to victims of domestic abuse.

There would also be a ban on sharing data with employers, however, these amendments won’t be considered until November 26.