Top digital consultant says My Health Record could be the next tech wreck.
Some of the strongest objectors lining up to warn consumers about the risks of keeping a My Health Record (MHR) digital account are professionals with extensive IT experience.
Speaking on ABC Radio National, the former head of the Government’s Digital Transformation Office, Paul Shetler, said that if he was an Australian, he probably would opt out of the system designed to hold and share personal medical information.
“Just because 6 million have signed up for it over the past five years (when it was an opt in platform), doesn’t mean they are using it,” said the current partner in Digital Agency Accelerate HQ.
Mr Shetler said he believed fewer than one per cent of Australians were using it and that most medical practitioners also avoided MHR.
“When this was built, if the designers had asked ‘what are people looking for or what are the user needs?’, perhaps people would have been more willing to sign up and use it,” he said.
“Instead, they spent $2 billion developing a piece of software over a decade, without clearly defining what needs it meets, either for the practitioner or the patient, and as a result you now have to make it mandatory.
“It’s a nice idea that the data is available, that it can alert practitioners about allergies or medical conditions, but not in the way it has been presented.
“In the light of a whole series of tech wrecks, it doesn’t really inspire a lot of confidence,” Mr Shetler said, admitting that MHR could potentially become another tech wreck.
“In the UK, they did something similar (to the MHR platform). It failed and was stopped for very similar reasons. It was also introduced as an opt-out system and people were concerned about the privacy of their data. Ultimately the Government stopped it.”
He said the fact the system had no default security settings and that people had to add them manually was problematic and just one of the flaws.
“The rollout has been significantly flawed. There are a lot of similarities to what happened in the UK. This security model is unsuited for what they are doing here and the way people are being signed up seems to be symptomatic of the way this Government handles IT in these big projects,” Mr Shetler said.
“The fact that your data can be accessed for reasons of public revenue, things which have nothing to do with your health … and all of a sudden you find all these weird loopholes for how data can be shared.
“The digital health agency clearly hasn’t seen what’s worked in other countries … they didn’t learn from the history.”
Meanwhile, Dr David Glance, director of University of Western Australia’s Centre for Software Practice, said the opt-out clause did nothing to allay his fears.
“The move to opt out, in addition to being a major privacy risk for the public, ignores the persistent and significant issues with the implementation of My Health Record,” Dr Glance was reported as saying in The West Australian.
“After all this time and with the billions of dollars of investment, the majority of the records are largely empty and the majority of health professionals in Australia continue to refuse to support the system. This program gives the impression that this is a viable system, but it is not and nor will it ever be.”
Commenting in The Canberra Times, IT professional Judy Bamberger says she has opted out of MHR because no digital platform guarantees 100 per cent security.
“MHR integrates multiple systems and provides multiple access points: patients, doctors, pharmacists, specialists, hospitals,” says Ms Bamberger who claims to have experience in government systems, databases and security.
“System security is only as strong as the weakest link. Health records are gold to hackers; they're key to identity fraud.
“MHR inter-connects with multiple IT systems for identity verification. I've seen no guarantee these databases won't be correlated for other uses.
“The data can be accessed by various government agencies, based on suspicion, to: detect or prevent crime, ensure ‘the protection of the public revenue’, and more. Currently, doctors can demand a warrant before providing health records; not so with MHR,” she said.
Are you going to opt out of My Health Record? If so, what are your concerns? What would give you more confidence that your health records would be stored securely in the cloud?