The automatic creation of digital health records will continue as planned for all Australians who haven't opted out by the new deadline of January 31. The laws controlling Australia's contentious centralised My Health Record system will get significantly improved privacy provisions, however. So-called "secondary use" of health data will get regulatory oversight from a new Data Governance Board. These changes were part of the My Health Records Amendment (Strengthening Privacy) Bill 2018, which was passed with amendments by the Senate on Thursday. A Greens amendment to return to a voluntary opt-in model, something the government has consistently and strongly rejected, was not discussed by the Senate.
Personal health records (PHRs), centralized places for consumers to electronically store, manage, and share their personal health information, offer new opportunities to help consumers manage their own health and health care. However, ensuring the privacy and confidentiality of health information contained within PHRs is challenging. This paper analyzes the major properties of existing PHR systems and identifies specific privacy and security issues with each type of PHR. It proposes a consumer-controlled privacy protection approach that includes high-minded privacy principles such as independent consent management, independent privacy and security audits, and regulatory compliance requirements. It further presents a consumer-controlled system architecture that embodies these principles in the web-based PHR system.
This potential of electronic health records to transform health care sparked federal policymakers in 2009 to create an incentive program offering up to 27 billion to encourage doctors and hospitals to switch to EHRs from paper charts. Since 2008, the proportion of medical practices using electronic health records has soared from around 15 percent to more than 80 percent. Nearly all Medicare-accepting hospitals have adopted their use, according to the Centers for Medicare and Medicaid Services, and those that don't face a substantial financial penalty.
Australians attempting to opt out of the government's new centralised health records system online have been met with an unreliable website. Those phoning in have faced horrendous wait times, sometimes more than two hours, often to find that call centre systems were down as well, and staff unable to help. The Australian Digital Health Agency (ADHA), which runs the My Health Record system, is reportedly telling callers that they weren't expecting the volume of opt-outs. "On hold with @MyHealthRec for over 1.5 HOURS to opt out without providing my drivers license/passport number. Turns out their entire backed system has crashed and they are telling support staff to just punch peoples details into the website.
The Australian government is set to increase the maximum penalties for improper use of My Health Record data, Health Minister Greg Hunt announced on Wednesday morning. Under the changes, the maximum jail term will increase from two to five years, the maximum fine for individuals will jump from AU$126,000 to AU$315,000, and private health insurers will not be able to access health or de-identified data. Employers will also not be able to use health information or de-identified data to discriminate against employees or potential employees. "Importantly, employers or insurers cannot simply avoid the prohibition by asking the individuals to share their My Health Record information with them," Hunt said. Parents who have restricted access to a child, or are a potential risk to a child or person associated with the child, will not be allowed to become an authorised representative.