The truth about My Health Record
Dr Bernard Robertson-Dunn
First Published by The Medical Republic
25 June 2018
From 16 July 2018 for three months, patients and GPs in Australia will be given the opportunity to opt out of the government’s My Health Record system.
Patients and GPs will need full and accurate information about My Health Record and its potential impact on their lives, healthcare and, in the case of GPs, their business practices to decide to opt out, or not.
At this stage we do not know what information the government will be telling consumers, patients and GPs regarding My Health Record and the opt-out process when the opt-out period commences.
When that information becomes available, we will need to trust that the government has been open and transparent in informing consumers and health providers about costs, benefits and risks of a system that will contain large amounts of very personal, private and sensitive data about our lives.
What is the government currently telling us?
This is an extract from a government email to people who have expressed a wish to be informed of the opt out dates:
“A My Health Record is a secure online summary of an individual’s key health information. One in five Australians already have one. It’s an individual’s choice who sees their My Health Record, what’s in it and who it is shared with. My Health Record has safeguards in place to protect an individuals’ information including encryption, firewalls and secure login.
How accurate are these claims?
Starting at the beginning:
“A My Health Record is a secure online summary of an individual’s key health information.”
Is this supported by the facts? On the government’s My Health Record website they tell us that:
“The first time you log into your My Health Record there may be little or no information in it. Information will be added after visiting a healthcare provider such as a GP, pharmacist or hospital. You can begin to add your personal health information and notes straight away.”
When the government says “A My Health Record is a secure online summary” it is stretching the truth. What they really mean is: “A My Health Record is a government-owned and run database into which patients and GPs can load summaries of their health and medical data.”
The same page says:
“Health information stored in your record can include information from you, your healthcare providers, and Medicare.”
Note the word “can”. This does not mean will or must, in this context “can” means “might”.
The page in question uses the word “can” multiple times and, in the context of the statement “A My Health Record is a secure online summary”, gives the unfounded impression that the government will be giving you a summary of your health data.
The reality is that a system has been created that allows you and your health providers to give your health data to the government.
The government will not be giving you a summary of your health data. The obvious question is why? Sharing your data among health providers is a normal and useful feature of the healthcare system, although it could well be improved.
Giving it to the federal government does not seem such a good idea.
Does the government make clear who is responsible for managing a patient’s My Health Record?
The responsibility for inputting much of the key health data is up to a patient and their GP. My Health Record will not fully populate itself or keep itself up to date. Patients will need to see their GP if there have been any significant changes to their health. Currently this advice is not included in the government’s publicity material or on its website.
Does a patient “own” the data in My Health Record?
The government says a number of things about the data in My Health Record including: you cannot delete your record, you can only deactivate it; the contents of documents in your record are owned by and can only be changed by the author; the government has multiple legal reasons to access and use data in your health record without consulting or informing you; your GP can upload a shared health summary without your permission or discussing with you the contents.
So it is difficult to see how a patient “owns” their data.
How many Australians have a My Health Record?
Is the statement “One in five Australians already have one,” true?
This statement is also stretching the truth. It is more accurate to say that more than 5.7 million Australians have been registered for a My Health Record. Being registered doesn’t mean they have a My Health Record with useful information in it.
The statistics the Australian Digital Health Agency (ADHA) publishes for My Health Record tell us that in the six-year life of the system, about 1.77 million Shared Health Summaries (SHS) have been uploaded. When a SHS is updated it replaces the old one, which stays on the system. It could be argued that a six-year old SHS has little use and is not exactly reliable.
If you assume that a SHS older than about six months is of doubtful value, then the statistics tell us that just over 400,000 summaries have been uploaded this year.
A more truthful statement would be “approximately 1.6% (i.e. one in 60) of Australians have a current Shared Health Summary”.
Is the system secure?
From a purely technical perspective, the statement from ADHA “My Health Record has safeguards in place to protect an individuals’ information including encryption, firewalls and secure login”, apart from the bad grammar, only refers to the technology, not the information in the system.
As in so many cases, the government is not telling the whole story. The information in the system is what is important, not the technology.
Does an individual have the ability, if they wish, to control who sees the information in My Health Record?
The government says: “It’s an individual’s choice who sees their My Health Record, what’s in it and who it is shared with”. This is partially true. An individual can put some restrictions on who can see their my health record (some documents such as the Shared Health Summary cannot be hidden). However, these restrictions apply only to institutions, not to individual health providers.
Furthermore, “choice who sees their My Health Record” is not the same as saying “choice who sees the data in My Health Record.”
In reality, the data in My Health Record is a copy of data that came from, is held in, or has been transferred to, other systems. That is how it has been designed to work. The legislation that supports My Health Record goes to great lengths to specify that the prohibitions and authorisations (i.e. the laws that govern the use of My Health Record data and the controls patients have over that data) do not apply to this data. The “prohibitions and authorisations” only apply to data collected specifically for My Health Record. This is what the legislation has to say:
“If health information included in a healthcare recipient’s My Health Record can also be obtained by means other than by using the My Health Record system, such a prohibition or authorisation does not apply to health information lawfully obtained by those other means, even if the health information was originally obtained by using the My Health Record system.”
If a GP downloads an event or discharge summary from My Health Record into their clinical system, then the “prohibitions and authorisations” of the My Health Record do not apply; once data has left My Health Record, only the restrictions that apply to normal health data apply.
Furthermore, there is absolutely no control via Mmy Health Record over who can see this data nor any form of audit trail.
As far as My Health Record and the patient are concerned, the data has left the My Health Record boundaries and all trace of it disappears.
This aspect of the system is rarely, if ever, mentioned by the government.
The government has multiple legal reasons to access and use data in your health record
Are patients’ privacy issues addressed?
Some people want to control who sees their health data because that data is viewed as being private. The government often confuses security with privacy. The reality of the lack of “choice who sees their My Health Record“ applies equally to that of privacy.
In spite of what the government claims, privacy, as an issue has not been fully addressed. It is far too easy for data to leak out of My Health Record (it is designed such that data can readily be transferred in and out), the threats to patient privacy come not from the system itself but its role in the wider ecosystem in which it operates.
Does the government have any advice for minority community groups or people who may be at risk and who have concerns about the privacy of their data? At the moment, there is no such information available.
What are the costs associated with My Health Record?
To the patient, financially, nothing, it’s free. However, there is a saying common on the internet these days: “If you are not paying for the product, you are the product.”
It takes time and effort for GPs to support My Health Record, a cost to the patient in a reduction in consultation time.
To the government and the taxpayer, over $1.7 billion has been spent so far with significant on going costs to support the system, fund ePIP and run the ADHA.
The government has never made public any data on how much has been saved through the use of My Health Record.
Neither has it released any information on the achievement or otherwise of the benefits it claims for the system.
Can you trust the information the government is making available?
We can get some idea of the trustworthiness of what the government has told us already from their websites:
In the disclaimer (it’s in the footer) on myhealthrecord.gov.au, it includes this statement:
The message from both these statements seems to be that you shouldn’t rely on anything the government tells you about My Health Record. These are the primary sources of information on My Health Record for patients, health providers and others working on the system itself.
Where you are supposed to go to for reliable, trusted information?
Are there alternatives?
The government is presenting My Health Record as the only option for people who are interested in better managing their healthcare and keeping track of the health data.
The government has a range of other solutions that have been available for a number of years, but is somewhat reticent to talk about these in the same context as My Health Record. These include:
- Medicare Express Plus from the Department of Human Services.
The website for this tells us that you can “Access your Medicare information and complete a range of services using your mobile device.” These include:
“View, download, print or email your Medicare claims history statements for the last three years (something you can’t do from My Health Record, which has no print capability at all); View, download, print or email immunisation history statements; Register or change your organ donation decision.”
- The Head to Health Initiatives from the Department of Health, which ironically has this statement:
“Australia has great mental health services and resources, but it can be tough finding the ones that suit you best. We’ve made your search easier by hand-picking resources from publicly funded providers.”
- The Medicine Wise app of the National Prescribing Service.
The National Prescribing Service website tells us that its mission is:
Making Australia more medicinewise, through digital health and data insights, health professional education and reliable health information for consumers.
The Medicine Wise app does far more than just list your medicines, which is all My Health Record does. For example it will “remind you how and when to take your medicines so you can get the most out of them”.
Is the My Health Record the best solution to patients’ need to see their healthcare data?
Australia has decided that a government-owned centralised database containing copies of summary and some test data is the best way forward.
Very few, if any other countries have adopted this approach. There are some countries such as the United Kingdom, Sweden and New Zealand where the move is towards providing access to data held local GP/medical centre systems.
This approach has the additional benefit that other capabilities such as appointments, prescription ordering, et cetera are available through the same access method.
This is a much more patient-centric approach than the My Health Record system which has been positioned well outside the patient’s normal interaction with their GP.
So far, the government has presented a very much one-sided argument based upon benefits that are somewhat nebulous, relevant to minority groups or only apply in limited circumstances. They do not identify costs to patients and GPs, nor potential risks.
If after reading all this, when 16 July comes round, have a close look at what the government is telling you. If any of the matters raised above matter to you, ask yourself: “Do I trust the government has told me everything of relevance and I now believe I know enough to make an informed decision?”
If you do, you need do nothing, your health data will end up in the government database.
If you don’t trust that the government has been fully open and transparent, take the advice of Positive Life NSW (an HIV support group): “If in doubt, opt out”.
Dr Bernard Robertson-Dunn is not a GP or healthcare professional. He trained as an electronic and automation engineer, has a PhD in modelling the electrical activity in the human small intestine and has had over 40 years modelling, architecting and designing large-scale information systems, mostly in government environments. Dr Robertson-Dunn has been following the progress of, and has contributed to, the debate on the My Health Record for more than 10 years. He has no association or affiliation with any vendor or government organisation. He is chair of the Health Committee of the Australian Privacy Foundation.