Initially, I was in two minds when I learnt about the My Health Record initiative to be introduced by the Federal Government.
The electronic record system, which will come into effect on October 15, on the surface seems like a convenient way to keep all your health records in the one place online.
Your health record can be accessed anywhere by a treating physician or health specialist. The idea is that the My Health Record will allow patients and health professionals to have a more informed consultation about your health.
The idea of online privacy has taken a hit over recent months. Revelations of data harvesting from people’s Facebook accounts, the hacking of elections and the militarisation of hacking efforts by nation states, made consumers become weary of what they put online. The ease of convenience to hand over your personal information to algorithm run mega-servers in faraway places has come back to bite many of us.
One of the last bastions of privacy, in modern life is your private health record. With very few exceptions, we assume that no matter what, our privacy will be maintained and the data within sacrosanct from prying eyes, whether they be commercial interests or the snoopy receptionist.
The privacy framework for My Health Record is identical to the care.data scheme in the United Kingdom, which has been subsequently scrapped after revelations patient data was sold to private insurers and pharmaceutical companies without the patient knowledge or permission. This wasn’t supposed to happen, as it’s not supposed to happen here, but it DID happen.
Of course no system, online or otherwise, is 100 per cent guaranteed to ensure your privacy. However, the difference with a centralised online system such My Health Record is that if there is a breach the consequences can be devastating to the individual, the consequences could range from embarrassment to identity theft.
Parliamentary library says the MyHealth Record law amounts to "a significant reduction in the legal threshold for the release of private medical information to law enforcement" #auspol #MyHealthRecord https://t.co/FlbsBo7hzn pic.twitter.com/lhqrpJ2bOJ
— Paul Karp (@Paul_Karp) July 24, 2018
Information on how information My Health Records are to be used are explained in the Implementing the Framework to guide the secondary use of My Health Record system data, one paragraph particularly caught my attention:
There are also other limited circumstances in which a consumer’s My Health Record information may be used under the My Health Records Act, including for court proceedings, coronial investigations and law enforcement purposes, and to enable the System Operator to run the My Health Record system effectively (such as to undertake investigations and audits).
Additionally, we learnt this week that police can access your records without the need of a court order. It is yet another intrusion on the rights of the individual to retain privacy. So at the very least, the sacred consultation between doctor and patient can now have data from that consultation mined by law enforcement agencies for “law enforcement purposes”.
Makes me wonder how many Aboriginal men and women will end up in prison as a result of visiting their GP. Many Aboriginal people already have a mistrust of major government systems. We want our mob to freely and regularly meet with health professions, attend health checks and receive any follow up care they may need. As it stands, the government is undermining any trust that remains.
The only way a centralised #MyHealhRecord could proceed is if law states:
-records can only be accessed by health professionals
-accessed only for the patient’s benefit
-all access visible to the patient
-no other external agencies can access the system for any reason
— Prof Kerryn Phelps AM (@drkerrynphelps) July 22, 2018
The question you need to ask yourself is whether or not you are comfortable with Peter Dutton having access to your health records? I myself am not.
We have no guarantees from any government agency that our data won’t be used or passed on without our consent. We need such assurances, enshrined in law. We need protection from those that are supposed to protect us.
We live in a time where power to access information about you, resides in the hands of only a few, a few that have shown increasing hostility against those that dissent.
The real betrayal is that many, in good will and for the right reasons, have long advocated for such a system, the fact the government has used this as another opportunity to further mine our data and breach our privacy is not something we should take lightly.
The very fact that it is an opt out approach puts thousands of people at the lower socio-economic end of society at a disadvantage as to how their personal data is used. I’m a university educated professional that has worked in the state government health bureaucracy and I struggle with the associated privacy concepts associated with this initiative.
What hope do people without access to a computer, who aren’t IT literate and may have English as a second or tertiary language have in making an informed choice on how their health data is used. That is but one reason why an opt out approach is unethical in the first instance.
I don’t understand My Health Record. If I opt to put a PIN on my record, what happens if I become incapacitated and can’t unlock the PIN? Also if I can edit my own data, wouldn’t that lead to potential abuse of the system?
— RosyRosy (@MookiMoohi) July 25, 2018
Apart from anything else, I never trust the first iteration of any new technology, especially when it comes to massive consumer faced government online systems, think the 2016 census night disaster. It’s part of the reason that we haven’t moved to online voting and probably never will in my lifetime. Before I hand my data over to a server and to faceless bureaucrats, I at least want to make sure the technology is reliable and as secure as it can be. This cannot be said of My Health Record at this stage.
I don’t have anything to hide, but I certainly don’t want any of my data used to further feed the government apparatus, which is increasingly attaining and using powers to slowly erode at our civil liberties.
The trade-off of privacy for the convenience of an easily accessible online record may be worth it. People who suffer chronic disease or have a range of comorbidities may make the decision to opt in. We can only hope they are given the opportunity to provide informed consent.
However for most of us, there is no need for anyone other than my healthcare team to access my info.
Better to have a regular GP, who will communicate with other providers when needed.
So why am I opting out?
I don’t trust the government to look after my health records, they haven’t earnt my trust maybe one day they will, it’s not too late to fix this.