This article is from the source 'guardian' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at https://www.theguardian.com/australia-news/2018/jul/30/my-health-record-former-privacy-head-warned-of-dangers-six-years-ago
The article has changed 4 times. There is an RSS feed of changes available.
| Version 1 | Version 2 |
|---|---|
| My Health Record: former privacy head warned of dangers six years ago | My Health Record: former privacy head warned of dangers six years ago |
| (4 months later) | |
| Australia’s former privacy commissioner warned government officials about the dangers of an opt-out My Health Record system six years ago, but said his cautions were ignored. | Australia’s former privacy commissioner warned government officials about the dangers of an opt-out My Health Record system six years ago, but said his cautions were ignored. |
| Malcolm Crompton, now an adviser at one of Australia’s leading information privacy consultancies, has also warned digital health records will not be secure unless a widespread audit of every GP clinic in Australia is conducted. | Malcolm Crompton, now an adviser at one of Australia’s leading information privacy consultancies, has also warned digital health records will not be secure unless a widespread audit of every GP clinic in Australia is conducted. |
| “It may well be military-grade [security] on the central servers of the My Health Record system,” Crompton told Guardian Australia. “It’s demonstrably not military-grade for all of those 900,000 practitioners. | “It may well be military-grade [security] on the central servers of the My Health Record system,” Crompton told Guardian Australia. “It’s demonstrably not military-grade for all of those 900,000 practitioners. |
| Patients trust their doctors with secrets, not the government or the tax office | Ranjana Srivastava | |
| “Literally because nobody knows. Nobody has actually audited those 900,000 practitioners to make any statement of any sort on how secure they are.” | “Literally because nobody knows. Nobody has actually audited those 900,000 practitioners to make any statement of any sort on how secure they are.” |
| Last week Malcolm Turnbull pledged to address privacy concerns raised about the government’s My Health Record system. Healthcare and social security groups have expressed significant concern about the lack of privacy safeguards in the legislation governing the system, which could allow warrantless access by a broad range of government departments, including Centrelink, Medicare or the Australian Tax Office. | Last week Malcolm Turnbull pledged to address privacy concerns raised about the government’s My Health Record system. Healthcare and social security groups have expressed significant concern about the lack of privacy safeguards in the legislation governing the system, which could allow warrantless access by a broad range of government departments, including Centrelink, Medicare or the Australian Tax Office. |
| IT experts also say the system is prone to cyber threats, particularly because the records will be accessible by a vast range of people in the medical workforce, many of whom will have weak cyber security. | IT experts also say the system is prone to cyber threats, particularly because the records will be accessible by a vast range of people in the medical workforce, many of whom will have weak cyber security. |
| Health minister Greg Hunt has repeatedly stated the data will be secure and no access will be allowed without a court order. | Health minister Greg Hunt has repeatedly stated the data will be secure and no access will be allowed without a court order. |
| Crompton, the privacy commissioner between 1999 and 2004, said the government had been repeatedly warned about the security risks now being canvassed. In 2012, Crompton addressed health department officials directly about the dangers of an opt-out system during a roundtable on digital health records. | Crompton, the privacy commissioner between 1999 and 2004, said the government had been repeatedly warned about the security risks now being canvassed. In 2012, Crompton addressed health department officials directly about the dangers of an opt-out system during a roundtable on digital health records. |
| “I said ‘the change from opt-in to opt-out is inevitable, and these are the risks of doing so and some of the actions necessary to redress the imbalance’. Department of Health people were present,” he said. | “I said ‘the change from opt-in to opt-out is inevitable, and these are the risks of doing so and some of the actions necessary to redress the imbalance’. Department of Health people were present,” he said. |
| “Others have issued similar warnings. So there are no surprises about any of these issues now being raised. The difference is that they were dismissed or not dealt with properly. They are still being raised and are being taken seriously, or at least seriously enough for Mr Hunt to be talking to the doctors.” | “Others have issued similar warnings. So there are no surprises about any of these issues now being raised. The difference is that they were dismissed or not dealt with properly. They are still being raised and are being taken seriously, or at least seriously enough for Mr Hunt to be talking to the doctors.” |
| The Deeble Institute for Health Policy Research is among those who have also warned of the privacy and security risks of moving to an opt-out system. | The Deeble Institute for Health Policy Research is among those who have also warned of the privacy and security risks of moving to an opt-out system. |
| In 2015, the institute published a report calling for a “comprehensive system security and privacy safeguard review” before the implementation of the opt-out system. | In 2015, the institute published a report calling for a “comprehensive system security and privacy safeguard review” before the implementation of the opt-out system. |
| GPs and social service providers demand My Health Record protections | |
| Following this review, the government would need to “implement a mix of technology, policy and process mechanisms aimed at strengthening security and privacy controls”, the report said. | Following this review, the government would need to “implement a mix of technology, policy and process mechanisms aimed at strengthening security and privacy controls”, the report said. |
| It also recommended a major public education campaign before moving to opt-out, to demonstrate the privacy and security safeguards of the system. | It also recommended a major public education campaign before moving to opt-out, to demonstrate the privacy and security safeguards of the system. |
| A spokesman for Hunt said he would meet this week with the presidents of the Australian Medical Association and the Royal Australian College for General Practitioners to “work constructively” with them about their concerns. | A spokesman for Hunt said he would meet this week with the presidents of the Australian Medical Association and the Royal Australian College for General Practitioners to “work constructively” with them about their concerns. |
| He said Australians had a choice to opt-out if they wished, and could decide how their medical information was controlled. | He said Australians had a choice to opt-out if they wished, and could decide how their medical information was controlled. |
| “Labor brought in this legislation in 2012 and it has been operating for six years and just under six million Australians are already on the system,” the spokesman said. | “Labor brought in this legislation in 2012 and it has been operating for six years and just under six million Australians are already on the system,” the spokesman said. |
| There is no social license for My Health Record. Australians should reject it | Julia Powles | |
| “My Health Record is subject to some of the strongest legislation in the world to prevent unauthorised use and backed up by a world-leading cyber security team.” | “My Health Record is subject to some of the strongest legislation in the world to prevent unauthorised use and backed up by a world-leading cyber security team.” |
| Crompton, who has himself opted out, said he had little faith in the government’s ability to resolve the myriad of privacy and security issues. | Crompton, who has himself opted out, said he had little faith in the government’s ability to resolve the myriad of privacy and security issues. |
| “They will be pushed to make minimal change amid extreme noise,” he said. | “They will be pushed to make minimal change amid extreme noise,” he said. |
| Crompton said the Office of the Australian Information Commissioner is under-resourced to cope with such a vast scheme. He compared OAIC’s resourcing for audits with the kind of money corporations spent on financial auditing. | Crompton said the Office of the Australian Information Commissioner is under-resourced to cope with such a vast scheme. He compared OAIC’s resourcing for audits with the kind of money corporations spent on financial auditing. |
| “The privacy commissioner is doing the commissioner’s darnedest to be as effective as possible with the budget they’ve been given,” he said. | “The privacy commissioner is doing the commissioner’s darnedest to be as effective as possible with the budget they’ve been given,” he said. |
| “But somebody in the department of finance keeps on leaving off a couple of zeros before the decimal point. It’s not just under-resourced ... it’s criminally under-resourced.” | “But somebody in the department of finance keeps on leaving off a couple of zeros before the decimal point. It’s not just under-resourced ... it’s criminally under-resourced.” |
| My Health Record | My Health Record |
| Health | Health |
| Data protection | Data protection |
| Share on Facebook | Share on Facebook |
| Share on Twitter | Share on Twitter |
| Share via Email | Share via Email |
| Share on LinkedIn | Share on LinkedIn |
| Share on Pinterest | Share on Pinterest |
| Share on Google+ | Share on Google+ |
| Share on WhatsApp | Share on WhatsApp |
| Share on Messenger | Share on Messenger |
| Reuse this content | Reuse this content |