The My Health Record (MHR) opt-out deadline – postponed twice in 2018 due to community pressure – is just 24 hours away. But this time around, there is a major difference.
Participants are now able to permanently delete their record if they change their mind and choose to opt out. The rule change, says the Consumers Health Forum, should strengthen public trust in the system.
It was lack of trust and the fear that sensitive data may be hacked or used for purposes other than intended that prompted a major public outcry ahead of the first two opt-out deadlines.
To date, 1.1 million Australians have opted out, with 6.5 million already registered and 17 million poised to be included.
Consumers Health Forum (CHF) chief executive Leanne Wells says: “The Australian Digital Health Agency says that a function has been activated in the My Health Record system that allows a person to permanently delete their record at any time, including any back-ups and that all records previously cancelled will also be permanently deleted from the system.”
She says the CHF accepts that there had been serious concerns about privacy and security issues.
“We believe the changes introduced by the Government should resolve these concerns. The doubts and criticisms about security must be weighed against the long-term benefits of information technology that will bring to healthcare the advances in services and access already taken for granted in other parts of modern life.”
In a further tightening of protocols, insurers and employers have been legally barred from accessing the database, and law enforcement agencies cannot gain access without a warrant or court order. Patients and doctors can also manage and limit the information that is recorded with official guidelines advising that not all information has to be uploaded.
Security concerns are still likely to be the trigger for more Australians opting out, with news yesterday of a major leak of medical records in Singapore. Authorities admitted that confidential medical records of more than 14,000 people with HIV had been released online. Foreigners who have tested positive are not allowed to work in the city.
And while MHR says there have been “no significant breaches of privacy” since it began in 2016, it concedes there have been dozens of minor breaches over the past two years. In 2016-2017, MHR reported 35 data breaches.
The deadline nears as doctors in Australia seek legal advice as to whether they may be held liable for mishaps that occur if patient data has been entered incorrectly.
However, Australian Medical Association (AMA) medical ethics committee chair Chris Moy said doctors would treat the records with “professional scepticism” and expect them to be just as unreliable as hospital discharge notes, “which have a 10 per cent margin of error”.
And reports suggest that it will be at least 12 months before the system is fully operational across Australia, with many hospitals and surgeries requiring major technology upgrades before they can connect to the system.
Fairfax Media reports that one-quarter of hospital beds in Australia are yet to be linked to MHR, and the Victorian health system will not be fully connected until at least 2020.
Steve Hambleton, deputy chair of the MHR expansion committee and a former AMA president told ABC radio yesterday he was confident Australians will see the benefits of the system.
As an example, he says the “summary page” gives health professionals rapid access to medications information – an area of concern with about 230,000 Australians admitted to hospital every year due to “medication misadventure”, according to reports from the Australian Commission on Safety and Quality in Health Care.
Information relating to allergies, current medication, GP and hospital discharge summaries will all be collated in the one place, Mr Hambleton says.
The legislative changes to privacy and security safeguards introduced by the Federal Government late last year include:
- Cancelled records will be fully deleted from the system and all back-ups. The Australian Digital Health Agency (ADHA) says this feature will be active by 31 January.
- MHR data can’t be used for insurance or employment purposes.
- Improved protections for those at risk of domestic violence.
- Making it clear that the only government agencies that can access the MHR system are the ADHA, the Department of Health and the chief executive of Medicare.
- Ensuring the system cannot be privatised.
- Enshrining in legislation the principles and governance structure in the Framework to guide the secondary uses of My Health data.
- Increasing the penalties incurred for inappropriate or unauthorised use.
Are you reassured by the changes to My Health Record? Are you happy to stay in or will you adopt a wait-and-see approach? Go here to opt out.