Intelligence and Security Committee of the Australian Parliament declined to recommend passage of Minister for Home Affairs Dutton's identity matching services bill

The Guardian, 24 October 2019:

Mark Dreyfus, as the most senior Labor member on the committee, also commented on the bill: 

The Intelligence and Security Committee of the Parliament is declining to recommend the passage of the identity matching services bill. 

Instead, Labor and Liberal members of the committee are uniting to recommend that the identity matches services bill be completely redrafted and referred back to the Intelligence and Security Committee for further inquiry when it is reintroduced. 

In taking this step, I congratulate all members of the committee for putting the national interest first and sending a strong message about the value of this committee. 

The identity matching services bill purports to facilitate the exchange of identity information pursuant to the objective of an intergovernmental agreement reached by Coag [in] October 2017. 

But it includes none of the limitations or safeguards anticipated by that agreement. 

The bill includes almost no limitations or safeguards at all. 

As explained in the committee’s report, the identity matching services bill would authorise the Department of Home Affairs to create and maintain facilities for the sharing of facial images and other identity information between government agencies and in some cases, non government agencies entities. 

The bill would also authorised the Department of Home Affairs to develop and maintain to centralised facilities for the provision of what are called identity matching services. 

The first of these two facilities would be called an interoperability hub. 

The Hub would act as a router through which government agencies across Australia could request and transmit information as part of an identity matching service. 

The second would be a federated database of information contained in government identity documents. As discussed in the committee’s report, the potential implications of these two new facilities for the privacy of all Australians are profound. 

Those implications do not appear to have even been considered by the Minister for Home Affairs or by his department. 

While a bill provides for six different identity mentioned services, the service that elicited the most concerned from submitters to the committee’s inquiry is the face of identification service. 

That service would enable authorities across Australia to use huge databases of facial images to determine the identity of an unknown person. 

Using that service, a law enforcement agency could submit a facial image for matching against a database of facial images contained in a in government identification documents, such as a database containing every driver licence photo in Australia. 

In return, the agency would receive a small number of matching or near matching facial images from the database. The agency could then access biographical information associated with those images. 

The potential for such a service to be used for mass or blanket surveillance, such as CCTV being used to identify Australians going about their business in real time was raised by numerous submitters to the inquiry......

Mark Dreyfus: Like my colleagues on the committee, I do not believe that the government is proposing to engage in or to facilitate the mass surveillance of Australians. But I do accept that, given the near complete absence of legislated safeguards in the Identity-Matching Services Bill 2019, those concerns cannot simply be ignored. If there is no intention for the proposed identity-matching services to be used to engage in mass surveillance activities, the government should not object to amending the bill to ensure that those services cannot, as a matter of law, be used in that manner. 

Concerns were also raised about the proposed one-to-many identity-matching service being used to identify people who are engaging in protest activity. This does concern me. It was only this month that the Minister for Home Affairs, the minister responsible for this very bill, called for mandatory prison sentences for people who engage in protest activity; called for the same people to have their welfare payments cancelled; and also called for them to be photographed and publicly shamed. As presently drafted, this bill would not prohibit authorities from using the proposed face-matching services to identify individuals in a crowd who are engaging in lawful protest activity. That would be concerning in the best of times; it is particularly concerning in the light of the authoritarian disposition of the Minister for Home Affairs. 

A raft of other concerns was expressed about the Identity-Matching Services Bill, including in relation to this government’s abysmal record on cybersecurity. 

I do not propose to list all of the concerns here today, but I encourage everyone to read about them in the committee’s report. 

I would like to thank my colleagues on the committee, Labor and Liberal, for their work on this important report. It should not escape anyone watching these proceedings today that, by agreeing to the set of recommendations contained in this report, the Liberal members of the committee have placed the national interest first. For that, I would like to pay tribute to Senators Stoker, Fawcett and Abetz, and the members for Canning, Berowra and Goldstein. I would like to pay particular tribute and extend my thanks to the chair of the Intelligence and Security Committee, the member for Canning. I also thank the committee secretariat for their excellent work, both in this parliament and in the last parliament, which underpins this report.

Text of the Identity-matching Services Bill 2019 can be found here.

Parliamentary Joint Committee on Intelligence and Security, "Advisory report on the Identity-matching Services Bill 2019 and the Australian Passports Amendment (Identity-matching Services) Bill 2019" can be found here.

The relentless drive by Australian federal and state governments to create unsafe data collection and retention systems continues unabated

The Sydney Morning Herald, 26 January 2019:

More than 1 million Australians have had their name and address added to the electoral roll and then automatically passed to global marketing giants without their knowledge.

Direct enrolment laws passed by Parliament in 2012 meant Australians no longer had to register on the electoral roll to have their details entered, with information of workers and school students scanned from drivers licences, Centrelink and records from the Board of Studies in each state.

The electoral roll has since been handed over to credit-check operators for identification purposes designed to help financial services firms such as banks, Afterpay and Zip, to run fraud, anti-money laundering and anti-terrorism checks, but four of those identity firms are now running global marketing operations using data analytics.

No government body has been able to advise if anyone is monitoring the companies for breaches of the electoral act, which carries fines for using the data in commercial operations, or if they are monitoring the separation of data between the companies' identification and marketing arms.

The Sydney Morning Herald and The Age revealed this week that AXCIOM, Experian, Global Data and illion (formerly known as debt collectors Dun & Bradstreet) all have access to the electoral roll as "prescribed authorities". In their secondary businesses, each boasts of their ability to provide marketing data analytics on millions of Australians to their clients but maintain they are in full compliance with the privacy act and do not use the data for marketing purposes.

AXCIOM and Global Data have not responded to multiple requests for comment. An auto-reply email from AXCIOM said "data monetisation awaits!"

The only non-marketing firm among the group, US credit check giant Equifax, had the records of 145.5 million hacked in a breach in 2017 was fined $3.5 million by the Federal Court last year for misleading, deceptive and unconscionable conduct…..

….database that contains information on 16 million Australians. More than 1.5 million Australians who were eligible to vote - but not on the electoral roll - are likely to have been added since the laws passed.

School students as young as 16 have been caught up in the data transfer, with more than 18,846 people aged 16 and 17 provisionally on the electoral roll as of December 31.

Prime Minister Scott Morrion's bullying of single mothers increases

The Guardian, 28 January 2019:

Single mothers placed on a compulsory welfare program for disadvantaged parents allege they were pressured into allowing private job service providers to collect their “sensitive information”.

ParentsNext participants are asked to sign a privacy notification and consent form, which is similar to documentation provided to those on other welfare programs such as the employment scheme Jobactive.

The program is compulsory for those who want to receive parenting payments and are considered “disadvantaged”, but departmental guidelines state that participants may decline to sign the form and still take part.

Instead, some case workers have told participants that they would have their payments cut if they refused to sign the form.

The situation has meant women who did not want to give their consent have done so anyway. One of the five participants who spoke to Guardian Australia about their experience said they felt the situation represented “coercion”.

“She [my case worker] just said, flat out, ‘If you don’t sign it, you won’t get your parenting payment’,” one mother, who did not want to be named, told Guardian Australia. “It was simple as that.”

The women were concerned by the fact the privacy form states that providers “may collect sensitive information … [which] may include … medical information”. It is understood the form would allow providers to handle participants’ mental health information.

Parenting payment is the sole income for many women on the ParentsNext program, which is currently the subject of a Senate inquiry.

While is standard practice for welfare recipients to be asked to sign privacy consent and notification forms, the chairman of the Australian Privacy Foundation, David Vaile, noted that, in this case, the women felt they needed to sign the form in order to keep receiving their payments.

“It has all the characteristics of bad consent,” Vaile said.

Ella Buckland, who has been campaigning against ParentsNext since she was placed on the program, has asked her provider to destroy the consent form she signed last year. She was told she needed to sign the form to take part in the program – and therefore keep her payments.

“I felt humiliated and disempowered that I didn’t have a choice,” Buckland, a former Greens staffer, told Guardian Australia. “[I thought] if I didn’t sign it, I wouldn’t be able to feed my kids.”

The department has told Buckland in writing she may withdraw her consent at any time. Her provider, who did not reply to a request for comment, has been asked by the Department of Jobs and Small Business to respond to her claims.

Terese Edwards, the chief executive of the National Council of Single Mothers and their Children, said many women had legitimate reasons for refusing to sign the form, such as having left a violent relationship.

 “Providing this information reduces their sense of security,” she said. “It could be where the child is getting schooled, which then has the address of the parent. It could also have the name of the child.”

Among the women Guardian Australia has spoken is a mother of a transgender child who did not want to sign the form because she was concerned about the privacy of her daughter.

Eva* is eligible for an exemption from the program because she homeschools her daughter, but was told in a text message she would have to sign the consent form for this to be processed. She was also told she would have to attend a meeting with her provider, about two hours’ drive away, and to provide evidence that her daughter was homeschooled......

ParentsNext privacy notific... by on Scribd

Do you know whose hands have harvested your medical information?

The Medical Republic, 7 December 2018:

An investigation by The Medical Republic has revealed state, territory and federal police forces have sent around 2,600 requests a year for this sensitive health data to the Department of Human Services over the past two years. The department can legally disclose private health records to the police without a court order.

The department would not reveal how many of these requests were granted, but said the number of disclosures per year had remained stable over the past decade.

Once linked, Pharmaceutical Benefits Scheme (PBS) and Medicare Benefits Schedule (MBS) data, can paint a very detailed picture about a person’s medical history.

PBS data includes every rebatable medication purchased at a chemist. MBS records show which Medicare item numbers were billed for during each consultation, and what tests were ordered.

This information is as sensitive as MHR data, although it lacks the granularity of laboratory test results or GP notes, which can be included in a MHR. In November, the federal parliament passed legislation requiring police to produce a court order to access MHR data.

“This begs the question as to why similar protections are not being enacted in the MBS and PBS legislation,” Malcolm Crompton, a former privacy commissioner of Australia and founder and lead privacy advisor of Information Integrity Solutions, told The Medical Republic.

The legislative inconsistency was an “undeniable oddity” especially because most of the content of a MHR would, at least initially, simply be MBS and PBS data, he said.

Data sharing between the Department of Human Services and the police is shrouded in secrecy, with decisions being made behind closed doors by unnamed officials using an undisclosed set of public interest guidelines, which were issued by the secretary of the Department of Health in 2003.

The human services department has refused to make its 18-page privacy guidelines public under FOI laws, citing concerns that agencies might use their knowledge of the guidelines to trick the department.

“Specifically, with the benefit of having reviewed the document, requestors may construct their requests in a manner that undermines the department’s procedures (e.g. by misleading the delegate) in order to secure the disclosure of the requested information,” an FOI decision maker said…..

The department eventually provided a single case study for police use of private health data, four months after initially being asked about the purpose of disclosing this data, and only after The Medical Republic’s investigation exposed the scale of police requests.

The case study describes a scenario where the police are making an enquiry about a missing person whose safety is in question, and are using MBS and PBS claims information to determine whether the missing person had seen a doctor, obtained medications or updated their contact details.

The Medical Republic contacted each state, territory and federal police force for this investigation, but only the NT Police confirmed how many times the department had provided patient information.

The NT Police, Fire and Emergency Services made an average of 26 requests per year for private health data, including current contact details, next of kin, MBS or PBS records.

All of these requests were successful, and all were made without a court order. “Requests are not made under court order but rather must satisfy certain criteria,” Detective Acting Superintendent Peter Kennon said.

“That is it must be for a missing person or in relation to an offence with a penalty of two years or more imprisonment or 44 penalty units (about $6,000), and be in the public interest.”

The department is obliged to report the number of times it has disclosed linked PBS and MBS data to law enforcement authorities on an annual basis to the Office of Australian Information Commissioner (OAIC).

The Medical Republic obtained a copy of the OAIC reports, which showed that the DHS gave linked MBS and PBS data to police five times in 2016-17, but did not disclose data given to police in the previous three years.

“Most of the public interest disclosures the department makes to law enforcement agencies do not need to be included in our annual reports to the Privacy Commissioner,” a department spokesperson said.

The department only has to report the disclosure of “linked” MBS and PBS data to police. The word “linked” is not defined in the legislative instrument, so in practice, the department appears able to apply a definition that minimises its reporting obligations.

MBS and PBS data was only “linked” if the information was “combined, joined or merged”, a department spokesperson said. “The mere extraction of an individual’s MBS and PBS claims information into separate documents does not constitute linking for the purposes of the guidelines, even if those documents are sent to the same email address,” the spokesperson said.

“The department seems to be playing with semantics in order to avoid complying with the intention of the guidelines,” Dr Robertson-Dunn said.

Quotes of the Week

“in the Liberal Party, the problem is intellectual honesty, intellectual capacity, courage and integrity. Liberal Party politicians are not even game to attempt ideological coherence in their public pronouncements. They prefer simplistic slogans, message manipulation, outright lies, and varying levels of verbal bullying”  [Academic and blogger Ingrid Matthews writing in oecomuse, 27 November 2018]

“I note, and accept, advice that there is nothing in the bill that would abrogate parliamentary privilege. However, the main issue with covert access in relation to privilege … is that there would be no opportunity for a parliamentarian who considers that material is protected by privilege to raise such a claim.”  [ Speaker of the Australian Senate, Senator Scott Ryan, quoted in The Guardian, 29 November 2018]

Australian Digital Health Agency is considering adding DNA data to My Health Record

Crikey.com.au, 6 April 2018:

DNA DEBATE

The federal government’s controversial My Health Record program is capable of storing genomic data, such as cancer risks, using technology that both has huge research applications and highlights privacy and security concerns.

The Sydney Morning Herald reports that genome-sequencing company Genome.One, which can track genetic variations and therefore disease risks, has built “necessary infrastructure” for uploading sensitive genomic data into the opt-out system.

University of Canberra privacy expert Bruce Arnold has criticised the inherent risks of DNA-tracking technology and, just a week after the government backdown on police access to My Health Records, today’s news as again demonstrating a lack public consultation.

The Australian Digital Health Agency (ADHA) which is responsibe for My Health Record gave Genome.One, a wholly-owned subsidiary of The Garvan Institute, $40,000 in September 2017 to support the development of this software.

Its GoExplore™ software provides sequencing and analyses of patients’ DNA samples to assesses their risk of developing 52 hereditary conditions, including 31 cancers, 13 heart conditions, as well several other conditions where monitoring or intervention can be of benefit. 

In a change of focus, Genome.One and The Garvan Institute are reportedly no longer offering clinical reporting for genetic disease diagnosis or personal health genomics in Australia. This service was priced at $6,400 plus GST, with no Medicare rebate.

Staffing numbers in Genome.One have been severely cut, new capital is being sought and, Gavan has stated that it intends to spin off Genome.One software into a new company in which it will be a minority shareholder.

However, Genome.One still intends to pilot its genomics technology integrated into GP practice software and on !8 April 2018 its CEO stated; “We're working with some electronic medical record providers and we're hoping that we can get a trial underway at some point this year”.

Tell me again why the Turnbull Government is insisting My Health Record will become mandatory by the end of October 2018?

It is not just ordinary health care consumers who have concerns about the My Health Record database, system design, privacy issues and ethical considerations.

It is not just the Turnbull Government which has not sufficiently prepared public and private health care organisations for the nationwide rollout of mass personal and health information collection - the organisations themselves are not ready.

Lewis Ryan (Academic GP Registrar)

* 91 % of GP Registrars have never used My Health Record in a clinical context

* 65% of GP Registrars have never discussed My Health Record with a patient

* 78%  of GP Registrars have never received training in how to use My Health Record

* 73% of GP Registrars say lack of training is a barrier to using My Health Record

* 71% of  GP Registrars who have used the My Health Record system say that the user interface is a barrier

* Only 21% of  GP Registrars believe privacy is well protected in the My Health Record system

In fact Australia-wide only 6,510 general practice organisations to date have registered to use My Health Record and these would only represent a fraction of the 35,982 GPs practicing across the country in 2016-17.

UPDATE

Healthcare IT News, 3 August 2018:

The Federal Government’s Health Care Homes is forcing patients to have a My Health Record to receive chronic care management through the program, raising ethical questions and concerns about discrimination.

The government’s Health Care Homes trial provides coordinated care for those with chronic and complex diseases through more than 200 GP practices and Aboriginal Community Controlled Health Services nationally, and enrolment in the program requires patients to have a My Health Record or be willing to get one.

But GP and former AMA president Dr Kerryn Phelps claimed the demand for patients to sign up to the national health database to access Health Care Homes support is unethical.

“I have massive ethical concerns about that, particularly given the concerns around privacy and security of My Health Record. It is discriminatory and it should be removed,” Phelps told Healthcare IT News Australia.

Under a two-year trial beginning in late 2017, up to 65,000 people are eligible to become Health Care Homes patients as part of a government-funded initiative to improve care for those with long-term conditions including diabetes, arthritis, and heart and lung diseases.

Patients in the program receive coordinated care from a team including their GP, specialists and allied health professionals and according to the Department of Health: “All Health Care Homes’ patients need to have a My Health Record. If you don’t have a My Health Record, your care team will sign you up.”

Phelps said as such patients who don’t want a My Health Record have been unable to access a health service they would otherwise be entitled to.

“When you speak to doctors who are in involved in the Heath Care Homes trial, their experience is that some patients are refusing to sign up because they don’t want a My Health Record. So it is a discriminatory requirement.”

It has also raised concerns about possible future government efforts to compel Australians to have My Health Records.

“The general feedback I’m getting is that the Health Care Homes trial is very disappointing to say the least but, nonetheless, what this shows is that signing up to My Health Record could just be made a prerequisite to sign up for other things like Centrelink payments or workers compensation.”

Human rights lawyer and Digital Rights Watch board member Lizzie O’Shea claims patients should have a right to choose whether they are signed up to the government’s online medical record without it affecting their healthcare.

“It is deeply concerning to see health services force their patients to use what has clearly been shown to be a flawed and invasive system. My Health Record has had sustained criticism from privacy advocates, academics and health professionals, and questions still remain to be answered on the privacy and security of how individual's data will be stored, accessed and protected,” O’Shea said. [my yellow highlighting]

Turnbull Government prepares an end run around the Australian electorate?

In 1986 the Federal Government couldn’t get the national electorate to accept the Australia Card, a national identity card to be carried by all citizens.

Likewise in 2007 the wider electorate rejected the proposed Access Card, a national identity card with a unique personal identification number, which was to be linked to a centralised database expected to contain an unprecedented amount of personal and other information.

Federal Government also failed to have everyone embrace the idea of MyGov, a data sharing, one-stop digital portal for access to government services created in 2013. To date only 11.5 million people out of a population of over 24.9 million hold an account with MyGov.

When after three and a half years the populace did not register in sufficient numbers for the so-called Personally Controlled Electronic Health Record (PCEHR), an intrusive opt-in data retention system, government changed tack.

It relabelled PCEHR as My Health Record (MHR) in 2016 and broadened the number of agencies which could access an individual’s personal/health information. Decreeing it would become a mandatory data collection system applied to the entire Australian population, with only a short an opt-out period prior to full program implementation¹.

However, it seems that the Turnbull Federal Government expects around 1.9 million people to opt-out of or cancel their My Heath Record in the next two months. Possibly with more cancellations to occur in the future, as privacy and personal safety become issues due to the inevitable continuation of MHR data breaches and the occurrence of unanticipated software vulnerabilities/failures.

So Turnbull and his Liberal and Nationals cronies have a backup in place in 2018 called the Data Sharing and Release Bill, which Introduces legislation to improve the use and reuse of public sector data within government and with private corporations outside of government, as well as granting access to and the sharing of data on individuals and businesses that is currently otherwise prohibited.

The bill also allows for the sharing of transaction, usage and product data with service competitors and comparison services. An as yet unrealised  provision which is currently being wrapped up in a pretty bow and called a consumer right - but one that is likely to be abused by the banking, finance, insurance, electricity/gas industry sectors.

The bill appears to override the federal privacy act where provisions are incompatible.

This is a bill voters have yet to see, because the Turnbull Government has not seen fit to publish the bill’s full text. Only an issues paper is available at present.

Notes:

1. Federal Government may have succeeded in retaining the personal details of every person who filled in the 2016 Census by permanently retaining these details and linking this information to their future Census information in order to track people overtime for the rest of their lives, but this win for government as Big Brother was reliant on stealth in implementation and was limited in what it could achieve at the time. 

Because not everyone ended up with a genuine unique identification key as an unknown number of individual citizens and permanent residents (possibly well in excess of half a million souls) as acts of civil disobedience deliberately filled in the national survey forms with falsified information or managed to evade filling in a form altogether. 

When it comes to My Heath Record the words horse, stable, door, spring to mind

In January 2016 the Australian Digital Health Agency (ADHA) became a corporate Commonwealth established under the Public Governance, Performance and Accountability (Establishing the Australian Digital Health Agency) Rule.

It has a board appointed by the Minister for Health in whose portfolio it is situated and the board is the accountable body of the ADHA.

Currently Mr Jim Birch AM, Chair. Mr Rob Bransby, Dr Eleanor Chew, Dr Elizabeth Deven, Ms Lyn McGrath, Ms Stephanie Newell, Dr Bennie Ng,  Professor Johanna Westbrook and Michael Walsh sit on this board.

The executive team is headed by Tim Kelsey as CEO, with Professor Meredith Makeham as Chief Medical Adviser and Bettina McMahon, Ronan O’Connor, Terrance Seymour & Dr. Monica Trujillo as the four executive managers.

ADHA is also the designated Systems Operator for My Health Record which currently holds the personal health information of 5.98 million people across the country and will add the remaining 19 million after 15 October 2018 unless they opt out of being included in this national database.

Given the potential size of this database the question of cyber security springs to mind.

It seems that the Australian Digital Health Agency has not been independently audited for cyber resilience by the Australian National Audit Office (ANAO) ahead of beginning the mammoth task of collecting and collating the personal heath information of those19 million people.

Australian National Audit Office, Potential audit: 2018-19:

Management of cyber security risks in My Health Record

The audit would examine the effectiveness of the Australian Digital Health Agency’s management of cyber security risks associated with the implementation and ongoing maintenance of the My Health Record system.

My Health Record creates a record of Australians’ interactions with healthcare providers, and more than 5.5 million Australians have a My Health Record. The audit would focus on whether adequate controls are in place to protect the privacy and integrity of individual records.

It seems that the Australian general public still only has the honeypot's dubious word that it cannot be raided by unauthorised third parties.

Prime Minister Malcolm Turnbull has reacted to growing community concern about the number of agencies which can access My Health Records with a vague promise of "refinements" and with this outright lie; "The fact is that there have been no privacy complaints or breaches with My Health Record in six years and there are over 6 million people with My Health Records".

The Office of the Australian Information Commissioner has recorded complaints and at least 242 individual My Health Records have been part of mandatory data breach reports in 2015-16 to 2016-17, with nine of the 51 reported breach events involving "the unauthorised access of a healthcare recipient’s My Health Record by a third party".

BACKGROUND

Intermedium, 8 May 2018:

Re-platforming options for the My Health Record (MHR) system will soon be up for consideration, with an Australian Digital Health Agency (ADHA) spokesperson confirming that a request for information will be released in the next few months to inform plans to modernise the infrastructure underpinning Australia’s mammoth patient health database.

An open-source, cloud-based environment has already been flagged as a possibility for the MHR by Department of Health (DoH) Special Adviser for Strategic trategic Health Systems and Information Management Paul Madden at Senate Estimates in May last year. He also said that the re-platforming decision was one of many “variables” that needed to be squared away to accurately gauge how much the MHR system will cost beyond 2019-20.

“The variables in there include the re-platforming of the system to an open source environment, using cloud technology… which will be something we will not know the cost of until we hit the market to get a view on that”, Madden said last year. “Our commitment is to come back to the budget in 2019 to paint out those costs for the four years beyond.”

ADHA is scoping out MHR re-platforming options early, with the existing contract with the Accenture-led consortium not set to expire until 2020. As the “National Infrastructure Operator”, Accenture is tasked with running and maintaining MHR’s infrastructure. The prime contractor works with Oracle and Orion Health to provide the core systems and portals behind MHR.

Accenture was awarded the contract to design, build, integrate and test the then-personally controlled electronic health record system (PCEHR) back in 2011, and has signed 13 contracts worth a total of $709.53 million with DoH in relation to the MHR in that time. With the original infrastructure now over seven years old, ADHA recognise the importance of modernising the environment supporting the MHR....

The Sydney Morning Herald, Letter to the Editor, 26 July 2018. p20:

What happens to medical records when opting out?

Dr Kerryn Phelps reminds us that, if people don't opt out, the My Health Records Act allows disclosure of patients' health information to police, courts and the ATO without a warrant ("My Health Record backlash builds", July 25). This would be in addition to "health information such as allergies, medicines and immunisations" available for emergency staff.

How can the access be restricted to emergency staff? How can only certain categories of information be released when allergies and medication are part of general medical notes? I was not reassured by "serious penalties relating to the misuse of information do not apply to accidental misuse" on the website. I opted out.

My GP has told me that, nonetheless, she will be obliged to upload my records - which sounds credible since I have formally opted out with the government, not with my doctor's practice. So what happens - does my health record get kicked off "the cloud"? What exactly did I opt out of?

Denise De Vreeze [my yellow highlighting]

Australian Health Minister Greg Hunt is not being truthful about My Health Record and he knows it

On 16 July 2018 the Australian Minister for Health and Liberal MP for Flinders, Gregory Andrew 'Greg' Hunt, characterised My Health Record as a "secure summary" of an individual's key health information.

The Office of the Australian Information Commissioner (OAIC) tells a rather different story.

One where at least 242 individual My Health Records have been part of mandatory data breach reports in 2015-16 to 2016-17, with nine of the 51 reported breach events involving "the unauthorised access of a healthcare recipient’s My Health Record by a third party".

A story which also involves at least 96 instances of Medicare uploading data to the wrong digital health records and also uploading claim information to another 123 My Health Records apparently without the knowledge or consent of the persons in whose names these My Health Records had been created.

There were other instances where MyGov accounts held by healthcare recipients were incorrectly linked to the My Health Records of other healthcare recipients.

Prior to the database name change and system change from opt-in to opt-out there had been another 9 data breaches of an unspecified nature reported, involving an unknown number of what are now called My Health Records.

More instances are now being aired in mainstream and social media where My Health Records were created by DHS Medicare Repository Services or other agents/agencies without the knowledge or consent of the individual in whose name the record had been created.

Healthcare IT News 16 July 2018

If this is how the national e-health database was officially functioning malfunctioning by 30 June 2017, how on earth is the system going to cope when it attempts to create millions of new My Health Records after 15 October 2018?

On the first day of the 60 day opt-out period about 20,000 people refused to have a My Health Record automatically created for them and at least one Liberal MP has also opted out, the Member for Goldstein and member of the House of Representatives Standing Committee on Health, Aged Care and Sport Tim Wilson. 

Prime Minister Malcolm Bligh Turnbull has stated his view that mass withdrawals will not kill the national digital health records system - perhaps because he and his government are possibly contemplating adopting the following three coercive recommendations found amongst the thirty-one recommendations included in the Siggins Miller November 2016 Evaluation of the Participation Trials for the My Health Record: Final Report:

20. Use all mechanisms available in commissioning and funding health services as vehicles to require the use of the My Health Record to obtain funds where practical.

21. Consider ways to require the use of the My Health Record system by all healthcare providers and how to best use the Government’s purchasing power directly (e.g. in the aged care sector), via new initiatives as they arise (such the Health Care Home initiative) or via PHNs commissioning clinical services (e.g. require use of the My Health Record system in all clinical and aged care services that receive Commonwealth funds). Such requirements should have a timeframe within which healthcare providers need to become compliant.

22. Explore with health insurers how they could encourage preferred suppliers and clients to use the My Health Record system as part of their push for preventive care and cost containment.

That the My Health Record is not about improving health service delivery for individual patients is indicated by the fact that a My Health Record is retained by the National Repositories Service for between 30 and up to 130 years after death and, even during an individual's lifetime can be accessed by the courts, police, other government agencies and private corporations listed as research organisations requiring medical/lifestyle information for what is essentially commercial gain, at the discretion of the Secretary of the Department of Health or the Digital Health Agency Systems Operator. See: My Health Records Act 2012 (20 September 2017), Subdivision B - s63 to s70

To put it bluntly, this national database will allow federal government to monitor the personal lives of Australian citizens more closely, enforce civil & criminal law, monetise collated data for its own benefit  and, weaponize the personal information collected anytime it feels threatened by dissenting opinion.

NOTES

OAIC annual reports:

https://www.oaic.gov.au/resources/about-us/corporate-information/annual-reports/ehealth-and-hi-act-annual-reports/annual-report-of-the-australian-information-commissioner-s-activities-in-relation-to-digital-health-2015-16.pdf

https://www.oaic.gov.au/resources/about-us/corporate-information/annual-reports/ehealth-and-hi-act-annual-reports/annual-report-of-the-australian-information-commissioner-s-activities-in-relation-to-digital-health-2016-17.pdf

The Guardian, 22 July 2018:

Australia’s impending My Health Record system is “identical” to a failed system in England that was cancelled after it was found to be selling patient data to drug and insurance companies, a British privacy expert has said.

My Health Record is a digital medical record that stores medical data and shares it between medical providers. In the UK, a similar system called care.data was announced in 2014, but cancelled in 2016 after an investigation found that drug and insurance companies were able to buy information on patients’ mental health conditions, diseases and smoking habits.

The man in charge of implementing My Health Record in Australia, Tim Kelsey, was also in charge of setting up care.data. 

Phil Booth, the coordinator of British privacy group Medconfidential, said the similarities were “extraordinary” and he expected the same privacy breaches to occur.

“The parallels are incredible,” he said. “It looks like it is repeating itself, almost like a rewind or a replay. The context has changed but what is plainly obvious to us from the other side of the planet, is that this system seems to be the 2018 replica of the 2014 care.data.” [my yellow highlighting]

North Coast Voices , 22 July 2018, Former Murdoch journalist in charge of MyHealth records –what could possibly go wrong?

UPDATE

Australian Parliamentary Library, Flagpost, 23 July 2018:

Section 70 of the My Health Records Act 2012 enables the System Operator (ADHA) to ‘use or disclose health information’ contained in an individual’s My Health Record if the ADHA ‘reasonably believes that the use or disclosure is reasonably necessary’ to, among other things, prevent, detect, investigate or prosecute any criminal offence, breaches of a law imposing a penalty or sanction or breaches of a prescribed law; protect the public revenue; or prevent, detect, investigate or remedy ‘seriously improper conduct’. Although ‘protection of the public revenue’ is not explained, it is reasonable to assume that this might include investigations into potential fraud and other financial offences involving agencies such as Centrelink, Medicare, or the Australian Tax Office. The general wording of section 70 is a fairly standard formulation common to various legislation—such as the Telecommunications Act 1997—which appears to provide broad access to a wide range of agencies for a wide range of purposes. 

While this should mean that requests for data by police, Home Affairs and other authorities will be individually assessed, and that any disclosure will be limited to the minimum necessary to satisfy the request, it represents a significant reduction in the legal threshold for the release of private medical information to law enforcement. Currently, unless a patient consents to the release of their medical records, or disclosure is required to meet a doctor’s mandatory reporting obligations (e.g. in cases of suspected child sexual abuse), law enforcement agencies can only access a person’s records (via their doctor) with a warrant, subpoena or court order....

It seems unlikely that this level of protection and obligation afforded to medical records by the doctor-patient relationship will be maintained, or that a doctor’s judgement will be accommodated, once a patient’s medical record is uploaded to My Health Record and subject to section 70 of the My Health Records Act 2012. The AMA’s Guide to Medical Practitioners on the use of the Personally Controlled Electronic Health Record System (from 2012) does not clarify the situation.

Although it has been reported that the ADHA’s ‘operating policy is to release information only where the request is subject to judicial oversight’, the My Health Records Act 2012 does not mandate this and it does not appear that the ADHA’s operating policy is supported by any rule or regulation. As legislation would normally take precedence over an agency’s ‘operating policy’, this means that unless the ADHA has deemed a request unreasonable, it cannot routinely require a law enforcement body to get a warrant, and its operating policy can be ignored or changed at any time.

The Health Minister’s assertions that no one’s data can be used to ‘criminalise’ them and that ‘the Digital Health Agency has again reaffirmed today that material … can only be accessed with a court order’ seem at odds with the legislation which only requires a reasonable belief that disclosure of a person’s data is reasonably necessary to prevent, detect, investigate or prosecute a criminal offence…..

Although the disclosure provisions of different agencies may be more or less strict than those of the ADHA and the My Health Records Act 2012, the problem with the MHR system is the nature of the data itself. As the Law Council of Australia notes, ‘the information held on a healthcare recipient’s My Health Record is regarded by many individuals as highly sensitive and intimate’. The National Association of People with HIV Australia has suggested that ‘the department needs to ensure that an individual’s My Health Record is bound to similar privacy protections as existing laws relating to the privacy of health records’. Arguably, therefore, an alternative to the approach of the current scheme would be for medical records registered in the MHR system to be legally protected from access by law enforcement agencies to at least the same degree as records held by a doctor.