Table of Contents
Conservative estimates put the cost to the Australian taxpayer of My Health Record at over $2 billion with annual costs now running at about $500 million.
The My Health Record is being sold to Australians as a personal aid to be used by individuals in managing their healthcare. The reality is that it contains far more information than is appropriate for a concerned and engaged individual who is interested in improving their health and healthcare experiences.
In spite of what the government says about the system, My Health Record is a massive Federal Government database system that stores a few types of health summaries put there by GPs and patients, and also has the capability and capacity to store or provide access to every piece of health data on every Australian.
The only thing stopping the My Health Record from achieving complete coverage is the reluctance of patients to register and health care professionals not putting data into the system. In many cases, such as registering babies born in hospitals, hospital discharge summaries, Medicare and PBS data and some pathology and imaging data, this has already been automated.
Initiatives by the government to achieve full coverage include the opt-out trials (which added 1 million registrations), an intention to make it opt-out for all Australians – subject to a consultants report – probably only a formality – and an apparent plan by the Australian Digital Health Agency to make My Health Record compulsory in a couple of years.
A fully populated national health database would also be a potential target or “honeypot”. The more clinical data in the system the greater the value to everyone but the patient – it is information the patient cannot understand but might misinterpret.
If we look at the three primary stakeholders in the My Health Record System we can get a sense of who will benefit most from the system
The patient could use a brief, targeted, up-to-date summary of their health status and future desires should they be in difficult or life threatening situations.
What the government doesn’t make clear is that Shared Health Summaries and Personal Healthh Summaries are created by the GP and the patient them self, respectively. The government says that My Health Record is an online summary health information, a statement that gives the impression that this will be provided by the government. It won’t. It’s just a place for a patient’s to put their own summary.
Considering that creating summaries takes a reasonable amount of time and effort, it is quite likely that there will not be many useful, well maintained summary documents. The value to most Australians of the My Health Record, as a personal aid to helping them manage their own health is probably very low. On the other hand, the risk to privacy will be very high. The government’s aim of putting everyone’s health data into one place and making access easier becomes a very uneven value/risk proposition. Low value; high risk.
GPs have no use for the system as a health record – they have their own specialist and much more functional systems – and the government says quite openly that it is not for them when providing healthcare. The involvement of most health care professionals is in entering data. This is an expensive overhead with no return for most.
Have a look at the overheads it is claimed that electronic health records are imposing. These overheads will apply to their existing systems, never mind additional workloads to deal with My Health Record.
GP’s and medical practices are getting some value from My Health Record, but not as a health record. It is being used as a document transfer system. The supposed eHealth infrastructure promised by NEHTA has failed to address the problem of transferring documents such as hospital discharge summaries to their intended recipient. Instead. they are uploaded into a big government database and then GPs can download them into their own system. An expensive, privacy risky solution to a real problem. And the documents stay in the database.
The healthcare value to most GPs is very low, the overheads to them will be significant and they will run the risk of running foul of privacy laws (which the government is intending to make stricter). Once again a very uneven value/risk proposition. Low value; high risk.
It should be noted that the government its paying GPs to upload health summaries, so maybe there is some financial return on the use of their time.
Here is a media report about the ePIP scheme:
$50k for 200 keystrokes per quarter on ePIP? Get typing!
The Federal Government pays for and has access to the system. It is operated by others – The Australian Digital Health Agency is the system operator and the technology is run by Accenture, an American company.
Until the My Health Record system was created, the government had no direct, reliable or comprehensive access to Australian’s health care data. It had Medicare data and PBS/prescription data but it did not have access to underlying information i.e. what health conditions people had, what specific treatment was being prescribed, details of hospital visits or services that patients were making use of but which were not covered by Medicare.
The My Health Record, if high levels of coverage are achieved will be a goldmine for the Federal Government. The ABS has already said it intends linking census data with health data. The government is examining ways it can make use of health data – it is consulting with various parties about what is called “secondary use” of the data.
In terms of the value/risk proposition, the government is in a very different position. They own the system so are in a position to mitigate and manage whatever risks there are. Even if something unfortunate happens, they are the government and taking on the government is never easy.
On the other hand, the value to the government of having access to such a wealth of health data that it has never had before is immense. There are potentially a lot of valid uses such as medical research, health policy development and population studies.
There is potential dark side to this system. We don’t know if it is deliberate or unintended consequences. But the system is what the system is – it has certain inherent capabilities.
These capabilities include:
- Linking with telecommunications meta data
- Surveillance of individuals
- Selling “de-identified” data to third party companie
- Monitoring of Australian’s behaviour and potentially linking to welfare payments
The legislation that underpins My Health Record also gives an indication of areas of the government that may well find value in the contents of the system. These agencies include research organistions, law enforcement bodies and revenue collection agencies. This is explained here. The access controls set by patients are little or no defence against the privileged user.
The value to the Federal government of access to Australian health data increases significantly when it links to other data it holds on Australians and it appears to be on course to do just that.
- The Australian Bureau of Statistics, on its website, says “The combination of Census data and health data can help improve Australia’s understanding and support of people who require mental health services and assist with the design of better programs of support and prevention.”, and
- The Australian Tax Office has stated it wants “increased sharing and use of personal data held by Government”. It has made this recommendation 1.1, which gives an indication of the importance of the matter.
- And then there’s the reality of the retention of telecommunications metadata. The report says that twenty government agencies have access to metadata.
Information on a person’s health is highly personal and can be used to help in their healthcare but also against the person. There are examples in the section on why you may consider opt-ing out of My Health Record, Health data is highly attractive to hackers who may be able to use the data to steal someone’s identity, blackmail them or invade their privacy for all sorts of reasons.
Here is an example of a media report on the value of health data to hackers:
“Electronic health records are 100 times more valuable than stolen credit cards,” said James Scott, co-founder and senior fellow at the Institute for Critical Infrastructure Technology (ICIT).
Hacking Health Care Records Reaches Epidemic Proportions
Here’s a suggestion. Instead of building an expensive, dangerous, privacy risky, Federal Government owned Patient Health Record System with hidden extras, why not just make parts of GP electronic Medical Record systems accessible by the GP’s patients?
Like they have done in the UK.
The government should concentrate on real infrastructure functions like
- a proper health authentication capability – the existing one is a pale shadow of what was intended. Individual health professionals cannot be identified, institutions are not necessarily uniquely identified – an institution can be a whole group of hospitals, or even a whole state.
- a secure health messaging system,
- and an indexing system that records where health data is, but doesn’t take copies of it all.
The big questions are these:
- What is the medical justification of the Federal Government holding such large amounts of health data on every Australian? The Federal Government plays very little part in te delivery of health service – this is a state matter.
- Why does the patient oriented health record contain vast amounts of clinical data that is no interest or use to the patient?
- Why is the Federal government being deceptive in selling My Health Record as a patient oriented system when it is obviously far more than that.