The Government has acted swiftly in response to last week’s revelations that Medicare numbers were available for sale on the ‘darkweb’, announcing an immediate review into accessibility.
The review will investigate the system that allows health care professionals to access a Medicare number using the patient’s name and date of birth, if they are unable to provide a physical copy of their Medicare card and whether this is the source of the security breach.
The system has been in place since 2009 and is used about 45,000 times each day by hospitals, GPs and other health care professionals.
The review will consider the balance between access by health professionals to a patient’s Medicare number with the security of patient medical histories.
The effectiveness of a health provider’s controls over registration and authentication to access card numbers will also be scrutinised.
Organised crime groups use card details to produce fake Medicare cards with legitimate information that can be used for identity fraud.
Card details can also be used to defraud the Government of Medicare rebates. In 2015, a police strike force targeted a group that was using Medicare card details to direct rebate payments into fraudulent bank accounts.
The review will be led by former Secretary of the Department of the Prime Minister and Cabinet, Professor Peter Shergold, and will investigate the adequacy of compliance systems to identify any potential inappropriate access to a patient’s Medicare number.
The presidents of both the Australian Medical Association and the Royal Australian College of General Practitioners will be part of the review team.
Recommendations will be made for immediate improvements to the security of Medicare numbers, while continuing to ensure people have access to the health care they need in a timely manner. The review will release an interim report by 18 August and a final report by 30 September.