What we and others think of My Health Record

__________________________________________________________________________________________

Latest:

Media Release 9 November 2018
The opt-out period should be extended and My Health Record properly evaluated

————————————————————————————————————

The Senate Inquiry

The Senate inquiry has issued its report

Senate Report, issued on 18 October 2018

The Recommendations from the Senate Inquiry:

Recommendation 1

The committee recommends that record access codes should be applied to each My Health Record as a default and that individuals should be required to choose to remove the code. The committee further recommends that the ability to override access codes in the case of an emergency should only be available to registered healthcare providers for use in extraordinary and urgent situations.

Recommendation 2

The committee recommends that the Australian Government amend the My Health Records Act 2012 to protect the privacy of children aged 14 to 17 years unless they expressly request that a parent be a nominated representative.

Recommendation 3

The committee recommends that the Minister for Health amend the My Health Record Rule 2016 to extend the period for which a My Health Record can be suspended in the case of serious risk to the healthcare recipient, such as in a domestic violence incident.

Recommendation 4

The committee recommends that data which is likely to be identifiable from an individual’s My Health Record not be made available for secondary use without the individual’s explicit consent.

Recommendation 5

The committee recommends that the current prohibition on secondary access to My Health Record data for commercial purposes be strengthened to ensure that My Health Record data cannot be used for commercial purposes.

Recommendation 6

The committee recommends that no third-party access to an individual’s My Health Record be permissible, without the explicit permission of the patient, except to maintain accurate contact information.

Recommendation 7

The committee recommends that the Australian Government amend the My Health Records Act 2012 and the Healthcare Identifiers Act 2010 to ensure that it is clear that an individual’s My Health Record cannot be accessed for employment or insurance purposes.

Recommendation 8

The committee recommends that access to My Health Records for the purposes of data matching between government departments be explicitly limited only to a person’s name, address, date of birth and contact information, and that no other information contained in a person’s My Health Record be made available.

Recommendation 9

The committee recommends that the legislation be amended to make explicit that a request for record deletion is to be interpreted as a right to be unlisted, and as such, that every record is protected from third-party access even after it is deleted, and that no cached or back-up version of a record can be accessed after a patient has requested its destruction.

Recommendation 10

The committee recommends that the Australian Digital Health Agency revise its media strategy to provide more targeted comprehensive education about My Health Record.

Recommendation 11

The committee recommends that the Australian Digital Health Agency identify, engage with and provide additional support to vulnerable groups to ensure that they have the means to decide whether to opt out, whether to adjust the access controls within their My Health Record and how to do this.

Recommendation 12

The committee recommends that the Australian Government commit additional funding for a broad-based education campaign regarding My Health Record, with particular regard to communicating with vulnerable and hard to reach communities.

Recommendation 13

The committee recommends that the Australian Government extend the opt-out period for the My Health Record system for a further twelve months.

Recommendation 14

The committee recommends that the My Health Record system’s operator, or operators, report regularly and comprehensively to Parliament on the management of the My Health Record system.

Comments on the Recommendations:

This is the first and only independent review of the My Health Record system. It has attracted a wide range of opinions, views and concerns.

Much of the report is political and has been phrased in a particular manner and sometimes it is necessary to read between the lines or look behind what has been said.

Recommendation #1 says that access to a patient’s health records is far too easy and that the default should be no access. Considering the aim of the systems was to make access to health data much easier, this is a damming criticism of the whole system.

It was observed by some before the report came out that making access codes the default would return the system to opt-in. In fact it goes far beyond that – it says that patients should have to actively decide who sees their data. This probably makes the system totally unworkable. It could well be that the committee is aware of this and that it is a politically acceptable way of saying – scrap the system.

Many of the other recommendations also concern issues around access.

Recommendations 10 through 12 are a savage criticism of the ADHA and its pathetic media strategy.

Minister Hunt’s immediate rejection of recommendation 13 “We will not be extending it further as it would not be appropriate to delay the benefits to patients” is completely in line with the government’s one sided view of the system. They can only see benefits (which have never been justified) and take no account of the costs and risks, many of which have been detailed in the Senate report.

The unintended consequences of the move to opt-out is that it has highlighted the flaws and risks in the system.

The Senate Inquiry (written prior to the report being issued)

The Senate is conducting an Inquiry into the My Health Record system. The APF has lodged a submission that has been accepted and which is available here:

Senate Inquiry Submissions

Links to coverage of the Inquiry are below.

The most worrying aspect of the Inquiry and the many postings on Social Media promoting the scheme, is the naive assumption that My Health Record is a comprehensive patient health record. It isn’t, it is a summary system and requires significant cost and effort by patients and their doctors to create and keep accurate and up-to-date.

It is also not an implementation of the original design which incorporated a network of health data repositories somewhat like the APF, Professor Phepls (ex president AMA) and Grahame Grieve are all recommending at the Inquiry. As Grahame says in the HealthIntersections submission
“The design of the system and the standards it is based on were state of the art in 2007. Although a more distributed design was initially planned, it is now, unfortunately, a centralised national database of static summary documents. This was an inevitable consequence of the technical standards used at the time, but now constrains the use, extensibility and therefore the value of the system.”
and
“Grieve also claims Australia is “clearly lagging behind other countries” that are prototyping innovative digital approaches to solve healthcare problems, and also risks stifling innovation here through the focus on its centralised data repository.

Successive governments have had a strong focus on building towards the success of the MyHR. The result of this is that all other health IT projects are forced into the strait jacket of the centralised document store with its limited consent model, or they are de-prioritised and/or unfunded by DOH or ADHA.

The industry expects that this narrow focus will become more intense after DOH makes another round of investment in the system (re-platforming).

An ongoing focus on a centralised document store with inflexible consent arrangements will ensure that the political controversy continues. Suppressing other options will continue to raise suspicions that the government is seeking to gather and use people’s healthcare data and/or restrict innovation in healthcare.”

We are not alone in our view that the My Health Record is seriously lacking in its benefits to patients and health care providers

————————————————————————————————————

Comments and Information on My Health Record

The Australian Privacy Foundation recognises that electronic records, carefully designed and implemented to support clinicians, can assist with health care.

These record systems need to enable health professionals to make better decisions, be intuitive to use, be adaptable and in no way make their jobs harder than they are already.

They should also make the lives of Australians better and safer, not increase the risk of harm, even suicide. A recent claim by Dr Bob Walker, a practicing GP, seriously suggests that by going to opt-out, My Health Record could have a negative impact on the health and well being of young Australians.

For the past ten years he has been running student clinics in his local Y11/Y12 State Co-Ed College in Tasmania. They have been highly successful by providing non judgmental, evidence based advice in strictly confidential surroundings.

The clinics are easy access/drop in and all students are bulk billed. The local path lab provide bulk billed tests and he records and prescribes using practice software. In this time they have clearly dropped the pregnancy rate, significantly limited the spread of sexually transmitted diseases and done a lot of good mental health work. Not one of the students who have engaged with the clinic in this time have taken their lives.

However, Dr Bob says the arrival of My Health Record is a total disaster as his clinics will be a lot harder to run. After a lot of soul searching he plans to close the clinics on 15 November – a very backward step for youth health. Read the full story here [8] and these reports [51] [109] [126]

There are two major problems with My Health Record that are insurmountable i.e. the basic design is flawed. The first is that it is government owned, the second is that governments of the future can change the laws regarding the use of My Health Record Data. See our media release [6]. This is a good article that describes these risks [46]

Unfortunately, simplistic IT solutions that gather large amounts of raw, un-managed patient data, which can be matched with other data sources, which are onerous to use, and which are easily accessible over the internet, potentially by hackers, can create far more insidious problems than they solve. In our opinion the My Health Record falls into all these categories.

It is also worth noting that My Health Record is a summary system, is not a real health record like the ones your GP and hospital might hold. It is like comparing a bicycle with a 4+4 SUV. Both will get you to the local shops and back for a paper, but the SUV does far more.

Furthermore, the gung-ho attitude of technology specialists and the politically driven decision to make the My Health Record opt-out means that patient trust, patient choice and patient care are being put at major risk.

The risks to your privacy, confidentiality and information security need to be balanced by the value of your health records to you and your health care providers. In our assessment, because it is not really your health record but a less-reliable copy, the My Health Record has little value for either your clinicians or you as a patient: you both need the real thing. This means the risks to you may be high enough to question whether My Health Record is worth it.

In an article in the Guardian, [21] Julia Powles currently visiting UWA Law School says “legal authority does not necessarily command social legitimacy,” as explained in a superb analysis in the Journal of Medical Ethics. “A parliamentary majority may allow legislation to be passed,” the authors state, “but that does not equate to a societal seal of approval or to securing the trust and confidence of patients, citizens, healthcare professionals and researchers.” In other words, the government has not earned the right or trust to implement such a privacy invasive system.

Most clinicians already use an electronic medical record system. These can be improved by better communication between existing systems, not by introducing another, less useful, less secure copy in a system that has some of the hallmarks of a scheme designed for surveillance and less-controlled disclosure, rather than your healthcare.

It is not generally known but the government has several mechanisms by which they they pay GPs to upload your health data. In other words, GPs are selling your health data to the government. They do this at the expense of time available to attend to your needs you during consultations.  Just watch your GP next time you see them and observe how much time they spend with their eyes on their computer screen and not you. Do you feel like a patient or a product being sold?

There are many other things the government is not being open and transparent about. If you look at their advertising material or the government’s website myhealthrecord.gov.au there are many claims about the alleged benefits of having a My Health Record. What you won’t find is anything about the costs and risks.

Neither will you see anything that tells you that you are responsible for your My Health Record – nobody else is. It is up to you to ensure that it is accurate, up-to-date and fit for purpose – i.e. it does what you want it to do. If you are not comfortable taking on this responsibility, or are not able because of a lack of internet access or skills and doing it for the rest of your life. Then you would be well advised to seriously consider opting-out.

Recommendations to the government regarding a move to opt-out

The government engaged Minter Ellison to develop a Privacy Impact Assessment Report on the proposed Opt-out Model. [102] The first recommendation was:

“ensuring that individuals are made aware (through communications and collection notices) how their personal information will be handled and by whom, and how to opt-out or adjust privacy control settings, so they can make informed decisions in relation to the management of their privacy;”

Reading this and the detailed recommendations in the PIA report, it is obvious that the government has totally ignored this advice and neglected t conduct an exhaustive campaign to inform all Australians of the move to opt-out.

One can only ask Why? Did they really think the Australian people would not notice that their privacy was being attacked?

How to opt-out of My Health Record.

Go to this website and follow the instructions

You will need:

Your Medicare card or a Department of Veterans’ Affairs (DVA) card; and

One of the following forms of current Australian identification:

  • your Driver licence, or
  • your Passport, or
  • your ImmiCard

If you don’t have these, but still want to stop a My Health Record from being automatically created, you can call the Help line on 1800 723 471.

Why you might consider opting out:

The government is giving every impression of only being interested in getting its registration numbers up so it can claim it is a success. It is not concerned with the My Health Record being useful or being given to people who should really think carefully before allowing their details to be included.

Nowhere does it discuss reasons why you may be better off not having one, or at least why you should think about not having one.

Here are some reason why you should think twice about becoming involved:

  1. You do not feel comfortable, or are not able to, take responsibility for ensuring your My Health Record is accurate, up-to-date and fit for purpose;
  2. If you have a medical condition that can lead to discrimination (STI, AIDS, Depression / Mental Illness, Diabetes etc);
  3. Where you wish to keep your contact details confidential.This might be from someone who might do you harm if they know where you live. e.g. an abusive partner, someone subject to an AVO etc.It could also be because of your employment – a policeman/woman a government official etc;
  4. If you have, or have had, a medical condition that could cause embarrassment;
  5. If you are being treated for an addiction that might cause law enforcement agencies to investigate you.
  6. If you are a public figure and do not want your health and/or personal details made available;
  7. If there is a risk that an insurance company may wish to obtain your complete medical history;
  8. Where you feel you cannot properly manage your health record because of age, ability or economic circumstances; and
  9. If you believe that the government may link your health data, your census data and/or your telecommunication meta data.

The Flight Safety Group of VIPA, representing pilots from the Virgin Group (Virgin Australia Airlines, Tiger Airways and Virgin Australia Regional Airlines) has “issued a warning to all pilots to not participate in the My Health Record” [11]

Hepatitis NSW say [12]:

Some people may find their My Health Record places them at risk of stigma and discrimination or may cause safety issues.

You may wish to carefully consider whether you want your health records held or shared if you:

  • have a criminal record or are affected by the criminal justice system
  • use or have used drugs
  • live with a lifelong transmissible condition such as HIV or hepatitis B
  • have or had hepatitis C
  • are not on treatment after it was recommended
  • are sexually active and test regularly for STIs
  • are or have been a sex worker
  • are transgender or intersex
  • are bisexual, lesbian or gay
  • have lived with mental health issues
  • have been pregnant or terminated a pregnancy
  • are a health care worker.

Alternatives to Opting Out

Pseudonym

The government is not going out of its way to publicise this but it is available. You have to get a pseudonym IHI (Individual Health Identifier) from the Department of Human Service.

It is possible to have two My Health Records, one in your name and one with using a pseudonym.

Details are available on the government’s website. This is a link to the form you need to fill in

Control what is in the record

Register yourself for a My Health Record (or wait until you have been registered), go and see your GP and between you arrange to empty out the record of all except the data you want to remain visible.

You might want a simple Health Summary with basic but minimal information. That way you wouldn’t draw attention to yourself as wanting to opt-out and you would know what might go to the various bodies entitled to see data from your record.

Create and Carry your own Health Record

Why rely on government run technology with its dangerous privacy risks? All you have to do is write your own, or get your GP to do it for you.

For your GP to do it is probably no more effort than it would be to upload it to My Health Record, except it would have the added advantages of being highly focussed, it wouldn’t have all the extraneous data that clutters up the government’s database and there would be no risk of other documents being included to confuse  health specialists who need to assimilate the data quickly.

It would also mean that, unlike My Health Record, you do actually have full access control. If you are concerned that some information is private, you can have different documents for different purposes.

You can carry a printed copy; put it on a memory stick along with a password; include details of how to get hold of the password in an emergency and hang the memory stick around your neck; if you are into high tech, you can encrypt it and put it in a cloud somewhere; your family and/or partner can have a copy.

There is no need for the nanny state to be involved at all in collecting and making use of your health data.

Security

Not everyone believes the government’s claims regarding the security of My Health Record.

Media reports have the (Health) minister (Greg Hunt) assuring Australians that the national online health records database features “military-grade security”, but there’s no such thing as “military-grade security” [36]

Whatever the term might mean, it surely can’t take into account several aspects of My Health Record. Would the military countenance millions of potentially insecure end points? Who says every doctor observes good security practices? Or that all hospitals have state-of-the-art antivirus software? Or that Jane Public knows how to keep log-in credentials safe?

“Nigel Phair, Director of the UNSW’s Canberra Cyber told nine.com.au while the site itself might have the latest security, it’s the people using it who could be the problem.”

“The real issues come around things like, I go to my GP and there might be two receptionists and five or six doctors. The front desk isn’t always occupied – there might be a post-it note on the screen with log in details which I can look at,” he said.

“Hospitals is the next thing, particularly when you start looking a mobile devices, and lastly phishing where criminals spoof the website and get people to divulge their username and passwords.

“There’s nothing more sensitive in life than your health records.”

“You don’t want them falling into criminals’ hands but you also don’t want them to fall into the hands of insurance companies.” [6]

“The best security is to prevent it from accumulating information on you in the first place. Then there’s none to steal or to misuse. Opting out of My Health Record is the only sensible option.” [7] (Bernard Keene, Crikey)

Privacy

Controls

These are dubious at best. They are hard to set, especially if you are not familiar with technology. You can only put privacy controls on a document once it has been uploaded, so there may well be a gap between the document being uploaded and you discovering it and putting controls on it.

The controls cannot be applied to all documents. If your GP has uploaded a Shared Health Summary or you’ve filled in a Personal Health Summary, you cannot limit access to them. The government hides this gem in the Privacy Policy of its website

As soon as your data is downloaded to other systems, any privacy controls you may have set in My Health Record are no longer  in force.

Access by the Government

And then there is the government’s access to your health data: “there are a wide range of circumstances in which any privacy controls you set can be overridden without your consent, meaning that data can be disclosed without your knowledge. These include making information available to third parties for purposes that are unrelated to healthcare — such as law enforcement.”[8]

Information shared without your consent

The move to opt-out has meant that the government no longer has to get your informed consent to register you and to acquire and share your health data.

“(Consumers of Mental Health WA) has found My Health Record may not benefit everyone equally. There are a number of unresolved issues that raise concerns for people’s rights and may cause unintended consequences including people’s information being shared without their knowledge and consent.” [9]

The legal basis of My Health Record

It may be surprising to some that, in Australia at least, there is no fundamental right to privacy. There are laws that protect aspects of your confidential information, including the Privacy Act 1988 (Cth) and associated Privacy Principles, that impose sanctions on those who fail to properly deal with private data. Common law remedies also exist in theory, however there is no readily accessible statutory cause of action that allows a privacy breach victim to claim their emotional distress and other damages. This gap in our law was the subject of a 2014 Australian Law Reform Commission Report, to which the Australian government has never formally responded.

Instead, since late February 2018 we now have a mandatory requirement for various entities including government and larger businesses, to report breaches of privacy. If your data is compromised (accessed by those who are not authorised), you must be notified and suggestions offered on ways to mitigate any impact. If your credit card details are leaked, for example, a suggestion might be to cancel those cards to prevent unauthorised use.

Under this new law, you will know exactly when your privacy was compromised. Cold comfort perhaps, however the intent is that a process of reporting will ultimately lead to better protections.

Of course, not all private information is the same. It is hard to imagine what should be done to mitigate the impact of a breach of personal medical information. Once disclosed, such information cannot simply be cancelled – it remains true, sensitive and open to abuse no matter what is done in response.

One thing is clear: the law is not able to physically protect your private information. It can only respond to breaches that have already occurred. Allowing your private information to exist outside of your direct personal control then becomes a question of risk versus benefit.”

For more information about the legal issues of My Health Record see here: The law and My Health Record


Links to resources that you may use to decide if you wish to opt-out

The government is only giving you one side of My Health Record – what they think the benefits are. Have a look at what they tell you about the costs, risks and potential disadvantages to minority communities in Australia. Can you find anything? No. There isn’t anything.

To help you make an informed choice, here is more information to balance out the government’s spin.

Australian Privacy Foundation Material

  1. A summary of My Health Record APF
  2. For Sale – Your Privacy and Your Health Data APF Media Release
  3. The law and My Health Record APF
  4. The truth about My Health Record APF
  5. My Health Record: on a path to nowhere? APF
  6. My Health Record: information about your options Hepatitis NSW
  7. What patients want from Digital Health APF
  8. The biggest risk to My Health Record – the government  APF Media Release
  9. Privacy, Trust and My Health Record, or The Spy in The Consulting Room APF
  10. Could Opt-out My Health Record kill people? APF
  11. Senate Inquiry Submissions APF
  12. The opt-out period should be extended and My Health Record properly evaluated APF Media Release

Coverage of the Senate Inquiry

  1. Phelps warns of hidden landmines in MHR legislation , The Medical Republic
  2. My Health Record needs to be compared to fax-based reality: AMA Chris Duckett, ZDNet
  3. “Not fit for this purpose”: FHIR creator on My Health Record as the Senate inquiry gets underway Lynne Minion, HealthCareIT.com.au
  4. Paul Shetler at the MHR inquiry Denham Sadler, InnovationAus.com
  5. Almost a million opt out of My Health Record Jenny Noyes, SMH
  6. 900,000 Australians opt out of My Health Record Stilgherrian ZDNet
  7. My Health Record: 900,000 Australians have opted out of database, Senate inquiry told Ariel Bogle ABC News
  8. My Health Record: big pharma can apply to access data Ben Smee, The Guardian
  9. MHR caught in glare of Senate spotlight Julie Lambert, The Medical Republic
  10. My Health and privacy Ben Grubb, The Saturday Paper
  11. Labor vows to redraft My Health Record legislation Dana McCauley, SMH
  12. Senate Inquiry into My Health Record Julia Arena, Andersons Solicitors

Comments on the Report from the Senate Inquiry

  1. Major changes to My Health Record laws needed to safeguard Australians, Senate inquiry finds Dana McCauley, SMH
  2. Senate inquiry recommends locking down My Health Record by default Stilgherrian, ZDNet
  3. Senate MHR report echoes doctors’ concerns Julie Lambert, The Medical Republic
  4. Government Rejects Senate Inquiry Recommendation To Extend My Health Record Opt-Out Period By 12 Months  Joseph Brookes, Which-50
  5. Report recommends overhaul of My Health Record, but key changes not supported by Coalition Robert Merkel, The Conversation
  6. Opt-out to pass before MHR change Denham Sadler, InnovationAus
  7. Senate inquiry calls for My Health Record changes including default PIN codes and year-long opt out extension Lynne Minion< HealthcareIT
  8. Morrison government under pressure to rewrite My Health Record legislation Dana McCauley, SMH

Other Media

  1. My Health Record an ‘abuse of trust’ InnovationAus
  2. Privacy in digital health: Matters of trust in a scandal-plagued era HealthCareIT
  3. ‘You can’t undo that damage’: How safe is your health data? SMH
  4. Important Overview Of The Pros, Cons And Questions About My Health Record Croakey
  5. PLHIV & My Health Record Positive Life NSW (an HIV support group) 
  6. Cyber security experts warn patients over online medical record plan for all Aussies 9news
  7. My Health Record could be our worst government data breach yet Crikey
  8. My Health Record National Association of People with HIV Australia
  9. Message from the CEO of Consumers of Mental Health WA COMHWA
  10. My Health Record Information Brief for Sex Workers Scarlet Alliance
  11. Virgin Australia Pilot’s Unions Concerned Over Data Breach medianet
  12. The security controls behind My Health Record Justin Hendry, iTNews
  13. If in doubt, opt OUT. My Health Record warning issued by leading mental health peak bodies
  14. The latest health data breach is one reason why I’ll be opting out of MyHealthRecord
  15. Union may urge e-health system withdrawal SBS
  16. Why I’m opting out of the government’s digital health record and you should too SMH
  17. My Health Record – Opting out  counterAct
  18. Top 10 most awkward questions about the MHR Medical Republic
  19. My Health Record opt-out debate is getting silly but government is at fault
  20. There is no social licence for My Health Record. Australians should reject it The Guardian
  21. ‘Once You’re On The System, You’re On There For Good’: My Health Record 101 an LGBTI on-line publication
  22. An Attempt At Nuance Regarding MyHealthRecord Justin Warren’s blog
  23. A digest of Trent Yarwood’s Twitter activity and articles (some overlap with links, above)
  24. ‘Errors and incompetence’: Australians split over government’s opt-out digital health records
  25. Why I am opting out of MyHealthRecord – for now. Kangaroo Island doctor blogging about Rural Medicine in Australia
  26. People Keep Finding They Have Online Health Records They Never Signed Up For BuzzFeed News
  27. My Health Record ‘identical’ to failed UK scheme, privacy expert says The Guardian
  28. ‘Zero confidence’: Labor MP in push for opt-in digital health records SMH
  29. Opt out of the national My Health Record database or face the consequences. Greg Barnes (Lawyer) The Mercury
  30. As a doctor, here’s why My Health Record worries me Dr Kerryn Phelps, ex president AMA
  31. Liberal Tim Wilson opts out of My Health Record and says it should be opt-in The Guardian
  32. The My Health Record story no politician should miss ZDNet
  33. My Health Record bombed by Singapore hack Medical Republic
  34. When nudge comes to shove: making e-health opt-out was always a risky venture The Manderin
  35. Why My Health Record can’t have ‘military-grade’ security Australian Financial Review
  36. MHR legislation contradicts agency InnovationAus
  37. Blind and low vision community neglected in My Health Record opt-out process Vision Australia
  38. ‘Significant privacy concerns’ over myHealth Record system  Parliamentary joint committee on human rights (2015)
  39. Australian Women’s Abortion Data At Risk Whimn
  40. ‘Serious’ risks of domestic violence in new online health system Brisbane Times
  41. Turnbull Government misinformation on My Health Record data. Independent Australia
  42. Privacy concerns on My Health Record need to be addressed. The Manderin
  43. Shetler: How to fix the MHR InnovationAus
  44. What could a My Health Record data breach look like? The Conversation
  45. My Health Record: it’s worse than you think Liberty Works
  46. My Health Record: Greg Hunt’s warrant claims contradicted by police union The Guardian
  47. GPs and social service providers demand My Health Record protections The Guardian
  48. My Health Record needs privacy improvements to restore public confidence: Human Rights Commissioner, Edward Santow
  49. My Health Record – Do the Risks Outweigh the Advantages? Matthew Setter. Security Researcher
  50. Freezing out the folks: default My Health Record settings don’t protect teens’ privacy The Conversation
  51. My Health Record – An Ethical Quagmire The Philososphere blog. Carley Tonoli
  52. My Health Record – More time, better information Inclusion Australia. The voice of those with an intellectual disability.
  53. The Data Sharing and Release Act is coming for your data Rosie Williams, investigative/data journalist
  54. To stay in or to opt out? That is the question! Grey Nomads
  55. A surgeon’s very real concerns about My Health Record Women’s Agenda
  56. My Health Record: former privacy head warned of dangers six years ago The Guardian
  57. Poor patching, lack of guidance leaving Australian healthcare data exposed CSO Magazine
  58. Canberra still in denial over My Health Record concerns ZDNet (Stilgherrian)
  59. Patients trust their secrets to doctors, not the government or the tax office The Guardian
  60. Majority of doctors say they won’t use My Health Record for their own care: survey Australian Doctor
  61. Don’t fall for My Health Record data binge Eureka Street
  62. Health Minister backs down on My Health Record SMH
  63. My Health Record a new battleground in family disputes SMH
  64. My Health Record: Deleting personal information from databases is harder than it sounds The Conversation
  65. E-health records opt out period extended news.com.au
  66. My Health concessions ‘woefully inadequate’, says former AMA president Kerryn Phelps. SMH
  67. The My Health Record debacle and the need for trust in communications Mumbrella
  68. Thriving on Dark Web: The My Health Record and Data Insecurity Dr Binoy Kampmark
  69. Alarming new My Health Record privacy flaw Daily Telegraph
  70. Doctor-patient privilege dies with My Health Record News Weekly
  71. My Health Record: Canberra is still missing the point ZDNet (Stilgherrian)
  72. Chronic care patients forced to have My Health Records to access government’s Health Care Homes program HealthcareIT
  73. The positives and perils of My Health Record The Saturday Paper
  74. My Health Record can store genomic data but critics say it’s not ready SMH
  75. We need new ways to protect people in the digital era SMH
  76. My Health Privacy Changes ‘Just A Few Band-Aids’, More Needed Ten Daily
  77. Security fears are still too high, so I’m opting out of My Health Record Australian Financial Review
  78. ‘At Risk’ Australians Blocked From My Health Opt-Out Ten Daily
  79. The troubling implications of My Health’s genetic info plans SMH
  80. Turning your health data into a “wellness score” might not be good for you The Conversation
  81. My Health Record – a flawed initiative Information Technology Professionals Association
  82. MyHealthRecord raises data privacy bar The Warren Centre
  83. Healthcare IT Security Worst of Any Sector With External Threats Health IT Security
  84. Cyber Insurance Recommended for All Physician Practices Physicians briefing
  85. The healthcare industry is in a world of cybersecurity hurt TechCrunch
  86. My Health Record: A further erosion of civil liberties? The Big Smoke Australia
  87. GP fed up with health record says ‘bring in a USB’ Gladstone Observer
  88. Patients And The Data Breach Notification Maze Dr Megan Prictor, University of Melbourne
  89. Former Pentagon cyber chief says hackers will exploit My Health Record flaws The Financial Review
  90. ​Labor promises inquiry into My Health Record ZDNet
  91. New data access bill shows we need to get serious about privacy with independent oversight of the law The Conversation
  92. Tell me again why the Turnbull Government is insisting My Health Record will become mandatory by the end of October 2018? North Coast Voices
  93. Five lessons from the #MyHealthRecord discussion for #PrecisionMedicine Declan Kuch. Medium
  94. Privacy concerns go beyond just My Health Record Medical Republic
  95. Firearms Registries, External data storage & MyHealthRecord Law Abiding Firearm Owners Inc
  96. My Health Record expansion: Why citizens’ data must be protected Australian Business Review
  97. MHR now set to face a Senate inquiry Medical Republic
  98. Warnings: My Health Record risking young people’s health Shauna Gaebler, CEO CoMHWA
  99. One in four Australians to opt out of My Health record, survey finds Canberra Times
  100. Health providers’ security flaws will leave My Health Record open for hacking The Strategist, Australian Strategic Policy Institute
  101. Privacy Impact Assessment Report – Personally Controlled Electronic Health Record (PCEHR) System Opt-Out Model Minter Ellison
  102. Is Consent a moral dilemma or a mere medicolegal formality? Dr Thinus’ musings
  103. Why My Health Record is flawedA politically-designed or influenced centralised database with widespread access is problematic. CIO
  104. Lax security culture in hospitals could affect My Health Record privacy, insiders fear ABC News
  105. Australians’ trust in government at an all-time low Government News (February 2018)
  106. A content analysis of the consumer-facing online information about My Health Record Louisa Walsh et al. La Trobe University
  107. The E-health Literacy Demands of Australia’s My Health Record: A Heuristic Evaluation of Usability. Louisa Walsh et al. La Trobe University
  108. Default MHR settings don’t protect teens’ privacy The Medical Republic
  109. Want to hack the WA government? Try ‘Password123’ Computerworld
  110. Individuals’ use of online medical records is on the rise Health Data Management
  111. My Health Record: debate rages but there are gems Mukesh Haikerwal, Medical Journal of Australia, Insight
  112. How fake data led me to dump My Health Record Dr Pam Rachootin, The Medical Observer
  113. Exclusive: Leaked ADHA document shows the agency grappling with My Health Record concerns Healthcare IT
  114. Australian government moves to improve My Health Record privacy Stilgherrian, ZDNet
  115. Down With My Health Record Mike Godwin, Slate
  116. Trust is good for the body as well as the soul Dr Leon Piterman, Medical Republic
  117. Open data and privacy tensions Denham Sadler, InnovationAus.com
  118. My Health Record’s invisible marketing strategy Fraser Gordon, Engaging.io
  119. ‘Big data’ says you’re a cancer risk. Do you want your insurer to know? Do you want to know? Ariel Bogle ABC Science
  120. So Doctor, do you know what your duties and responsibilities are when using the My Health Record System? Dr Thinus’ musings
  121. Snooping Perth hospital staff caught in 40 patient privacy breaches Perth Now
  122. 58% Of All Healthcare Breaches Are Initiated By Insiders Forbes
  123. My Health Record access controls used only 214 times in million record trial ZDNet
  124. Dealing with a query about access to the My Health Record System Dr Thinus’ Musings
  125. My Health Record undermines teens’ right to medical privacy, critics fear ABC Science
  126. My Health Record lets down the patients who could use it the most Mike McRae The Guardian
  127. Mums hiding from violent exes fear they’ll be found via My Health Record Kidspot
  128. My Health Record: think about the status quo before opting out Chris Bain, Lens
  129. CSIRO lays out action plan for Australia’s digital health future Lynne Minion, HealthCareIT
  130. Future of Health, CSIRO Research Report (4MB)
  131. GP-run school clinic to close due to teens’ data privacy fears RACGP
  132. Australian Health Records and Notifiable Data Breaches Gordon Draper Fort Safe
  133. Privacy advocates have failed to engage on My Health Record Stilgherrian, ZDNet
  134. If privacy is increasing for My Health Record data, it should apply to all medical records The Conversation
  135. Top 5 confusing MHR senate inquiry numbers Jeremy Nibbs, The Medical Republic
  136. Three out of five GPs report benefits from My Health Record: ADHA chief  RACGP
  137. Medicare Rebates Could Be Linked To My Health Record Australian Data Privacy Certification Register
  138. “My Health Record” – are your children at risk? Family Law-Team, Clinch, Long, Woodbridge, Lawyers
  139. Concern over restrained people tracking which pharmacy their child uses Pharmacy News
  140. Australians still concerned as My Health Record row continues Pharmaphorum
  141. Digitising social services could further exclude people already on the margins Siobhan O’Sullivan and Christopher Walker, University of New South Wales
  142. Our bodies and minds are not datasets Roz Bellamy, Festival of Dangerous Ideas
  143. My Health Record justifications ‘kind of lame’: Godwin Stilgherrian, ZDNet
  144. How to corrode your social licence in nine easy steps Anna Johnston, Salinger Privacy
  145. ADHA’s non-process for releasing My Health Record data revealed Stilgherrian , ZDNet
  146. Fi FOI Fo Fum Trent Yarwood
  147. Moving My Health Record forward Consumers Health Forum
  148. Lawyer warns to check your medical privacy rights Grace Ormsby, Lawyers Weekly
  149. My Health Record: A Huge Threat to Patient Privacy With Little Benefit Dr Tim Woodruff, President, Doctors Reform Society
  150. No plans to pay GPs for uploading to My Health Record: Senate Estimates Doug Hendrie, RACGP
  151. Last Chance To Opt Out Of #MyHealthRecord, Australians! Mike Godwin, techdirt
  152. My Health Record opt-outs now sit at over 1.1 million Chris Duckett, ZDNet
  153. My Health Record initiative polarises community Chris Bath, The Northern Daily Leader
  154. Ownership challenge for My Health record Bianca Phillips, MJA (2016)
  155. The My Health Record debate: ethical and cultural issues, Paul A. Komesaroff Ian Kerridge, Internal Medicine Journal
  156. My Health Record – it’s not over yet, Lesley Russell, Coakey
  157. It’s not My Health Record, it’s Yours Blog of Dr Sam Heard, a GP in the NT.
  158. 17 million Australians to be automatically enrolled in My Health Record Dana McCauley, SMH
  159. My Health Record system crashes as Australians rush to opt out Dana McCauley, SMH
  160. Australia Struggles with Rollout of National Electronic Health Record System  Andrea Downing Peck, Dark Daily
  161. A Stronger My Health Record Greg Hunt, Health Minister
  162. Tougher penalties for misuse of My Health Record data, Hunt says Radio National Interview with Fran Kelly, Breakfast
  163. Transcript of RN Breakfast Interview
  164. My Health Record Rescue Plan Christine King, Shadow Health Minister
  165. Safety and Privacy of My Health Record Dr Tony Bartone, AMA
  166. My Health Record data misuse penalties raised Chris Duckett, ZDNet
  167. Rushed My Health Record changes still missing the point Stilgherrian, ZDNet
  168. Hunt bows to pressure over MHR safeguards Julie Lambert, The Medical Republic
  169. Insurers to be banned from accessing de-identified My Health Record data Rohan Pearce, Computerworld
  170. My Health Record must have bipartisan support Consumer Health Forum of Australia
  171. My Health Record Changes Welcomed But Opt-Out Period Must Be Extended, Media Release Dr Kerryn Phelps
  172. ANZ reckons people power will push My Health Record data to insurers
  173. Sydney Health Ethics considers the ‘ins and outs’ of My Health Record Julie Mooney-Somers, Sydney Health Ethics
  174. Fact Sheet on My Health Record People with Disability
  175. Greg Hunt refuses to give My Health Record update as MPs push to extend opt-out period, Paul Karp, Guardian Australia
  176. My Health Record’s privacy chief quits, amid claims agency ‘not listening’ Ben Grubb, SMH
  177. The director responsible for privacy at My Health Record has resigned Chris Pash, Business Insider
  178. Case study: What can we learn from Australia’s My Health Record experience? Stephen Duckett, Future Health Index
  179. Response to a bad article on My Health Record Karl Auer’s response to Stephen Druckett’s paper
  180. My Health Record part 1: the GP view Karen Price (GPDU), MJA
  181. My Health Record part 2: the ethicist’s view Paul Komesaroff, MJA
  182. Calling time on healthcare’s digital carpetbaggers Jeremy Knibbs, The Medical Republic
  183. ADHA privacy boss reportedly quits as My Health Record faces first big test Stilgherrian, ZDNet
  184. My Health Record ‘overlooked’ Australians without internet access, says a rural health worker Emily Jane Smith, ABC Kimberly\
  185. Practioner expresses concern over My Health Record
  186. Start-up investors slam roll out of ‘My Health Record’Carrie LaFrenz, Australian Financial Review
  187. The deadline to opt out of My Health Record is approaching — here’s what you need to know Jessica Yun, Yahoo Finance
  188. My Health Record opt-out difficult for remote communities Nakari Thorpe, NITV
  189. My Health Record: what is it, and the case for opting in – or out Illawara Mercury
  190. Labor turns up the heat on My Health with push to extend deadline Dana McCauley, SMH
  191. Final fight over My Health Record opt-out period Dana McCauley, SMH
  192. Greg Hunt vows to push forward with My Health system Samantha Maiden, The New Daily
  193. My Health Record Opt-Out Date Has Been Extended Tegan Jones, Gizmodo
  194. Hidden conflict: My Health chair’s private advisory role Esther Han, SMH
  195. My Health Record remains opt-out as Senate passes privacy amendments Stilgherrian, ZDNet
  196. Government backs down from MyHealthRecord Deadline (Again) CareNavigator.com
  197. An Australian Tale of Data Privacy and Health Data Gone Wrong Cate Lawrence, DZone

The Parliamentary Paper

  1. Law enforcement access to My Health Record data Parliamentary Library Paper Original Version
  2. Law enforcement access to My Health Record data Revised  Parliamentary Library Paper Revised Version
  3. Down The Memory Hole Trent Yarwood’s Comparison
  4. How Health officials muscled Parliamentary Library into deleting My Health Record analysis Harley Dennett, The Manderin
  5. Parliamentary Librarian ‘did not feel pressured’ to revise My Health Record post Stephen Easton, The Manderin 

Alternative Solutions/Approaches to My Health Record

  1. Apple says iOS Health Records has over 75 backers, uses open standards
  2. Sweden
  3. Sweden
  4. Patient-Online UK
  5. Coordinate My Care UK
  6. Patient Portals to GP systems New Zealand

Point of care, Clinical Decision Support rather than Health Records

  1. How providers can benefit from more study of CDS benefits  Health Data Management

The Chaser Team deserve their own section:

The Shovel

And we can’t forget the odd political cartoon

Opt out! Cassandra the Information Technology Wobbegong on My Health Record

Hacked – Matt Golding

Youtube

Honest Government Ad | My Police State! TheJuiceMedia

And from an earlier time, although the parallels are spooky, even the health ministers have the same names (Hunt) :
Tim Kelsey discovers that care.data is in trouble

Audio

Government accused of not doing enough to persuade people to remain on My Health Report
ABC Radio National Breakfast
Wednesday 18 July 2018 6:51AM

Government accused of encouraging doctors to “sell” confidential patient data
By George Roberts on ABC PM
Mon 16 Jul 2018, 5:02pm

Other Resources

For the best source of current, well informed opinions and information on Digital Health and My Health Record in particular, go to the blog of Dr David More: Australian Health Information Technology. The comments are particularly useful as they give a voice to people with deep knowledge but who are not in a position to express their opinions publicly.


Contacts

Dr Bernard Robertson-Dunn
Chair, Health Committee
Australian Privacy Foundation
Bernard.Robertson-Dunn@privacy.org.au
Mobile 0411 157 113