Tighter privacy measures agreed for MHR

3 minute read

MyHealthRecord Technology TheHill

By

Julie Lambert

A senate committee has given a tick of approval to proposed added privacy measures for the MHR, but the wrangling is far from over

A senate committee has given a tick of approval to proposed added privacy measures for the My Health Record, but the wrangling is far from over.

The My Health Records Amendment (Strengthening Privacy) Bill 2018 was drafted amid an outcry over privacy issues, such as whether police would be able to demand access to patients’ health information.

In one key amendment, the bill removes the ability of the system operator (the Australian Digital Health Agency) to disclose a patient’s information to a law enforcement or other government agency without a court order or the patient’s consent.

In another safeguard, the system operator will be required to permanently delete information uploaded to the National Repositories Service when a patient cancels their MHR registration.

However, while supporting the Community Affairs Legislation Committee’s  recommendation that the bill be passed, Labor senators said the proposed changes were “woefully inadequate” and they would propose a raft of further amendments.

In remarks attached to the committee’s report, the three Labor members, Kristina Keneally, Murray Watt and Lisa Singh,  said the inquiry had revealed a number of flaws that the bill did not address.

“These flaws have been created by the government’s rushed implementation of an opt-out model,” they wrote.

“Legislation and settings that made sense in Labor’s opt-in model – when informed consent was assured – make no sense under the government’s opt-out model.”

The Labor senators repeated a demand that the opt-out period, due to expire next month, be extended indefinitely “until all remaining concerns are addressed and public confidence in this important reform is restored”.

The senators said Labor intended to introduce new amendments to ensure:

  • The My Health Record can never be privatised or commercialised;
  • Private health insurers can never access My Health Records, including de-identified data;
  • Employees’ privacy is protected in the context of employer-directed health care, by including a clause similar to s14(2) of the Healthcare Identifiers Act in the My Health Record Act;
  • Vulnerable children and parents such as those fleeing domestic violence are protected, by narrowing the definition of parental responsibility; and
  • The system operator cannot delegate access to My Health Records to other entities.

Additional privacy and security concerns over default My Health Record settings – for example, regarding automatic uploads and minors aged 14-18 – would be addressed in a separate report, the Labor senators said.

Greens Senators also stopped short of dissenting from the committee’s recommendations but said the proposed legislation “may represent only a minor improvement instead of the necessary solution”.

Subscribe
Notify of
2 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
Tony Sangster
Tony Sangster
5 years ago

On a finer scale there is only one way for patients to deal a concern they have about the accuracy or lack of certainty about anything in the clinician’s record of their MHR document, and that is by deleting the whole document. There is insufficient room for the patient to list more than their medication details and reason for prescription in the patient history section. So anything a patient wishes to have emphasised or made more accurate in their clinical history has to be agreed to by the clinician and altered/amended by a clinician. Any difference of view between patient and clinician about, say the reaction to a medication and its severity or consequence, is not at the patient’s discretion to raise or have highlighted in MHR.. I contend that this can increase the risk of harm.
In one Australian hospital years ago a policy was amended to allow patients and patient representatives to not only read their clinical record contemporaneously but also to write in it. This change occurred as a result of a coroner’s recommendation. The rationale for this policy was due to the patient’s adverse reactions to a medication not being properly recorded or not being believed, and also not be corrected during the repeated checks on allergies and adverse reactions asked of the patient and patient representative during the patient’s stay. The patient drowned in his own vomit as a consequence of being administered the offending medication. If the patient/patient representative had been allowed to look at the record and write in it, the error leading to the patient’s death may have been corrected or at least queried and an alternative solution devised and patient’s life not threatened. If there is no legal impediment to patients and patient representatives reading writing in their notes why is this right denied to patient by the bureaucracy of MHR?

0
Sue McDonald
Sue McDonald
5 years ago

I am a GP at the end of my career. However I refuse to encourage any use of MHR until the patients data is protected from big brother and other prying eyes.
The confidentiality of medical records MUST be the most important issue.
I am happy to share edited updated data that is relevant with other health providers but will not be bullied into a drop box to suit bureaucrats. If Government doesn’t get it right it will have a useless costly white elephant on it’s hands

1

End of content

No more pages to load

Log In Register ×