Showing posts with label information technology. Show all posts
Showing posts with label information technology. Show all posts

Friday, 9 April 2021

One might almost believe that Australian Prime Minister Morrison is casting about for ways to drive his persistent critics from social media

 

Prime Minister Scott Morrison and those of his ilk are toying with the idea of creating a law which bans all anonymity on social media.


One which will force women who have accounts with Facebook, Twitter, Instagram and many other sites to publicly disclose their legal names when creating such accounts and not use a pseudonym when posting or tweeting.


Under scenarios being considered by the Liberal-Nationals Government, all Australians may have to submit 100 points of identification - such as a driver’s licence or passport - before creating a social media account.


Additionally, social media users would be liable for defamation or even subject to criminal prosecution for their activity online.


For some reason he and others in his government are professing to believe this will make the Internet safe for women and girls.


Create a hugh Australian database spread across multiple sites which contains the verifiable ID of tens of thousands of Australian females – including home and/or work addresses. What could possibly go wrong?


Another giant pot for gold every vengeful, misogynistic male who decides he wants to abuse, threaten and stalk in real life not just in cyberspace. 


At least one social media giant clearly demonstrates by way of repeated privacy breaches, just how easy it is to open databases.


This is the latest.......


The Guardian, 5 April 2021:


Australians are being urged to secure their social media accounts after the details of more than 500 million global Facebook users were found online in a massive data breach.


The details published freely online included names, phone numbers, email addresses, account IDs and bios.


In a statement, Facebook said the leaked information was old, and came from a problem it had resolved in 2019, but experts told Guardian Australia the data could still cause problems for users caught up in the breach.


So what might hackers do with your info? How can you check if your data was leaked? And what can you do to protect yourself?


How your information could be used


Dr Andrew Quodling, a researcher in governance of social media platforms at the Queensland University of Technology, said that the data could be used to gain access to people’s Facebook accounts but also emails and accounts with other social media sites.


Once a hacker has your email, they can try to login into your accounts by pairing your email with simple passwords.


People will take a sort of an easy run at simple hacks – try the top 100 most common passwords, and try to get in with brute force,” he said. “So anyone using the password 123 on that list would be in trouble.”


How to find out if your data was leaked


The quickest and easiest way to find out if your data has been leaked as part of a wider breach is to check on websites run by security researchers.


One of the most popular and effective of these sites is HaveIBeenPwned.com, a database maintained by security analyst Troy Hunt.


It only needs your email, which it cross-references with more than 10bn accounts that have been breached in the past to find if your details were leaked online.


It also has an option, for users to check if their password has been compromised.


Unfortunately, it does not yet track phone numbers, which were the most common user field in the recent Facebook leak.


What to do if your data was breached


In any data breach, it’s important to ensure identity documents, such as driver’s licence and passport details, haven’t been compromised. If they have, replace them immediately.


If your email address was exposed, change your password for that account, and set up two-factor authentication where possible…...


Monday, 22 March 2021

And the Abbott-Turnbull- Morrison Government's NBN copper saga continues......

 

One of Telstra's old pits being used by the NBN
IMAGE: Coast Community News, March 2016

Now that so many old Telstra copper-laden access pits which connect households with NBN fibre-to-the-node broadband technology are currently under flood water up and down the coast of New South Wales, it might be time to consider how all this water is impacting the integrity of the copper components in these concrete pits and the effect that this might have on current and future access to the Internet and modem-connected landlines.


Because it seems copper is still king for NBN Chair Ziggy Switkowski and his seven fellow directors.


The New Daily, 21 March 2021:


The NBN Co’s decision to continue to purchase and roll out ‘obsolete’ copper cabling over ‘future proof’ fibre-optic cables is costing Australia, telco experts say.


New figures show NBN Co has purchased 55,911 kilometres worth of copper cabling for use in the national broadband network’s footprint – enough to wrap around Australia twice.


The government-owned business has replaced 6,300 degraded copper lead-ins on fibre-to-the-kerb (FTTC) with brand new copper, it was revealed this week.


RMIT associate professor of network engineering Mark Gregory slammed NBN Co’s continued use of copper as “wasteful”.


The admission by NBN Co that it had purchased 55,911 km to boost “obsolete” copper-based connections including fibre-to-the-node (FTTN) and FTTC “is shocking and should be met with outrage by taxpayers who will have to pay again, in the form of higher broadband plan costs, to have the obsolete copper based technologies replaced over the next decade,” Dr Gregory said.


The Coalition’s NBN plan has become a national disgrace. The NBN rollout, which in reality has yet to be completed, is beset by cost and technology problems and the list of the government’s failed promises growing by the month.”


The copper figures were revealed in the Senate in response to Questions on Notice, and were 57 days overdue.


The Morrison government and NBN Co have faced criticism for being slow to answer Questions on Notice.


Last month, overdue responses to QoNs revealed that NBN Co had paid out more than $77 million in bonuses during the midst of the pandemic – nearly twice as much as the previous year…….


The NBN rollout was officially completed last year, but the Morrison government has already conceded that the many of the network’s copper-based connections already need to be upgraded.


In September, Communications Minister Paul Fletcher promised to pour more than $3 billion into upgrading millions of copper-based connections to fibre-to-the-premises by 2023.


This is on top of the cost of the rollout, which is estimated to have exceeded $57 billion…..


Labor’s shadow minister for communications, Michelle Rowland, accused Liberals of deceiving the public over the cost of fibre.


We now know the Liberals knew back in 2013 that deploying fibre was dramatically cheaper than what they claimed in public,” Ms Rowland said.


Malcolm Turnbull and Paul Fletcher kept this a secret and spent eight years knowingly misleading Australians to justify their copper mess.


With waste and dishonesty as far as the eye can see – is it any wonder the cost of their copper NBN has gone from $29 billion, to $41 billion, to $49 billion and now $57 billion?”…..



Friday, 5 March 2021

Saffin points out underspending by Deputy Premier & Minister for Regional New South Wales John Barilaro on the 2019 promise of faster mobile and internet coverage in regional areas

 

Office of NSW Labor MP for Lismore Janelle Saffin, media release, 3 March 2021:


Saffin applauds action group for tackling digital divide


A RECENT Parliamentary speech by Lismore MP Janelle Saffin on the digital divide in rural and regional New South Wales has put her in touch with an action group helping isolated communities to access suitable broadband.

During a public interest debate on regional mobile and digital connectivity, Ms Saffin took NSW Deputy Premier John Barilaro to task for only delivering $50 million of $400 million the Nationals promised in February 2019 for faster mobile and internet coverage in regional New South Wales.

Ms Saffin said health was one area where the digital divide can mean life or death, so for that reason we have to ensure good connections.

“How many times can the Deputy Premier announce this? We have heard announcement after announcement, but we want to see runs on the board. We want to see connectivity.

 “All members must work together to ensure that the people of rural and regional New South Wales have strong digital connectivity for jobs, business, health and safety.”

Coverage of the debate found its way into the Information Age as an article titled, "Rural MPs lambast Govt. broadband 'BS’”, prompting Jon Gough, of the Wamboin Communications Action Group (WCAG), to contact Ms Saffin.

WCAG has done a lot of good work over some four years and is now in the process of obtaining suitable broadband for their rural community,” Ms Saffin said.

Their particular focus has been on the Wamboin, Bywong and Sutton region around the ACT, which had a particular satellite NBN allocated to their area and which the local community stated was not fit for purpose for the residents of the area.

They have focused on obtaining a service that could traverse challenging terrain and how to deliver fibre connectivity to rural areas at a similar price point to that of city residents.

“Their website contains information about WCAG that I found very interesting:
https://sites.google.com/site/wamboincommunications/home

When I spoke with Jon Gough, he asked me if there any communities in our area which would be interested in receiving assistance from them.

The WCAG secured an Australian Communications Consumer Action Network (ACCAN) grant to help them document what they had done and success with the NSW Government.

The purpose of this is to help other, similar, rural communities get recognised by both government and non-government organisations to deliver suitable, robust, future-proof digital communications.

WCAG were successful in this endeavour and are now reaching out to find other communities that need assistance in raising their profile such that they are recognised as being in need of assistance.”

Ms Saffin said if there are any groups in the Electorate of Lismore who are interested and have the capacity to work on such a project, please contact her on 02 66 213 624 and she shall put them in touch with WCAG.


Sunday, 8 November 2020

Rural & regional NSW needs practical support with QR codes to accommodate customers without smart phones and businesses with poor mobile coverage

 

Office of Labor MP for Lismore, media release, 5 November 2020:



Lismore MP Janelle Saffin has called on the Berejiklian-Barilaro Government to do more to help small businesses establish Quick Response (QR) code check-in systems in country areas where telecommunications remain sketchy.



Ms Saffin said she agreed with the general policy of rolling out QR code check-in systems to support COVID safety plans, particularly in the hospitality industry, ahead of the busy Christmas-New Year holiday season.



However, I am fed up with city-centric policies that do not take account of the reality of life in the country, including the fact that the Federal Government has yet to provide full mobile phone coverage in parts of the Northern Rivers and Northern Tablelands,” Ms Saffin said.



Many residents don’t own a smart phone but they still like to get out and socialise with family and friends at their favourite café, restaurant or pub.



These people might require a manual sign-in system and any statewide policy should be flexible enough to make some kind of allowance for this demographic.



The fact that the current policy is not inclusive makes the long-standing digital divide between city and country cousins even worse.”



Ms Saffin said the NSW Government should work with business owners in towns and villages located away from the coast to assist them to comply rather than wave a big stick by threatening them with fines or closure.



I have made representations to NSW Minister for Customer Service Victor Dominello on behalf of affected businesses in the Electorate of Lismore,” Ms Saffin said.



Business are trying their best to do the right thing so the Government needs to provide them with clear instructions, and in some cases, more hands-on assistance for those who are less tech-savvy.


Sunday, 11 August 2019

Alleged data theft by HealthEngine leaves hundreds of thousands of Australians vulnerable


Perhaps now is the time for readers to check who owns the company they might use to make medical appointment online.

ABC News, 8 August 2019: 

Australia's biggest medical appointment booking app HealthEngine is facing multi-million-dollar penalties after an ABC investigation exposed its practice of funnelling patient information to law firms. 

The Australian Competition and Consumer Commission has launched legal action against the Perth-based company in the Federal Court, accusing it of misleading and deceptive conduct. 

In June last year, the ABC revealed HealthEngine was passing on users' personal information to law firms seeking clients for personal injury claims. 

The details of the deal were contained in secret internal Slater and Gordon documents that revealed HealthEngine was sending the firm a daily list of prospective clients at part of a pilot program in 2017.



The ACCC has also accused the company of passing the personal information of approximately 135,000 patients to insurance brokers in exchange for payments.


"Patients were misled into thinking their information would stay with HealthEngine but, instead, their information was sold off to insurance brokers," ACCC chairman Rod Sims said in a statement.

The information sold included names, phone numbers, dates of birth and email addresses.

The ACCC has not said how much money the company earned form the arrangement.

The ABC revealed last year that HealthEngine had also boasted to advertisers that it could target users based on their symptoms and medical conditions. 

HealthEngine has also been accused of misleading consumers by manipulating users' reviews of medical practices. 

"We allege that HealthEngine refused to publish negative reviews and altered feedback to remove negative aspects, or to embellish it, before publishing the reviews," Mr Sims said. 

Among a range of examples, the ACCC alleges that one patient review was initially submitted as: "The practice is good just disappointed with health engine. I will call the clinic next time instead of booking online." 

But when that review was made public, it was allegedly changed to simply read: "The practice is good." 

HealthEngine is facing a fine of $1.1 million for each breach of the law, but the ACCC has yet to determine how many breaches it will allege....

Wednesday, 22 May 2019

The Abbott-Turnbull-Morrison Federal Government still hasn't made personal health data secure


Since about 2014 it has been known that the personal details of Medicare cardholders has been for sale on the dark web.

Despite an April 2014 report by the Australian National Audit Office that the Consumer Directory - which contains all Medicare customer records - was not secure and that cardholder details were for sale, the federal Liberal-Nationals Coalition Government does not appear to have comprehensively acted act on the issue of database security.

It was not unknown that Medicare cardholder details were being used fraudulently.


When contacted by the mainstream media in July 2017 the Liberal MP for Aston and then Minister for Human Services Alan Tudge denied any prior knowledge of cardholder details being offered for sale.

It was not reported that at the time if he was asked about instances of Medicare cardholder details being used to commit fraud or identity theft.

In August 2017 eHealth Privacy Australia was telling the Senate Finance and Public Administration Committee that:

• There are fundamental weaknesses in both the HPOS (Medicare card data) and My Health Records systems, which make them vulnerable to illegal access.

• Those weaknesses mean that fraudulent users of the systems can assume the identity of legitimate users to gain illegal access.

• It is not sufficient to mitigate these weaknesses in the My Health Records system.

By 1 January 2019 IT News was reporting that Medicare cardholder details fraudulently obtained had been used to access an individual’s My Health Record:

The number of data breaches involving the My Health Record system rose from 35 to 42 in the past financial year, new figures show.

The Australian Digital Health Agency (ADHA) said in its annual report [pdf] that “42 data breaches (in 28 notifications) were reported to the Office of the Australian Information Commissioner” in 2017-18.

As with previous years, the agency said that “no purposeful or malicious attacks compromising the integrity or security of the My Health Record system” were reported in the period.

Of the 42 breaches, one was the result of “unauthorised access to a My Health Record as a result of an incorrect Parental Authorised Representative being assigned to a child”, the agency reported.

A further two breaches were from “suspected fraud against the Medicare program where the incorrect records appearing in the My Health Record of the affected individual were also viewed without authority by the individual undertaking the suspected fraudulent activity”, ADHA said.

In addition, 17 breaches were the result of “data integrity activity initiated by the Department of Human Services to identify intertwined Medicare records (that is, where a single Medicare record has been used interchangeably between two or more individuals)”, the agency said. [my yellow highlighting]

Despite this knowledge the Abbott-Turnbull-Morrison Government has still not grasped the nettle, because on 16 May 2019 The Guardian reported:

Australians’ Medicare details are still being illegally offered for sale on the darknet, almost two years after Guardian Australia revealed the serious privacy breach.

Screenshots of the Empire Market, provided to Guardian Australia, show the vendor Medicare Machine has rebranded as Medicare Madness, offering Medicare details for $US21.

Other vendors charge up to $US340 by offering fake Medicare cards alongside other fake forms of identification – such as a New South Wales licence.

The Medicare Madness listing suggests the Medicare details “of any living Australian citizen” have been available since September 2018.

Guardian Australia first reported patient details were on sale in July 2017, verifying the listing by requesting the data of a Guardian staff member and warning that Medicare card numbers could be used for identity theft and fraud.


The report did not identify the source of the Medicare data leak but suggested that people could use publicly available information about healthcare providers – including their provider number and practice location – to pass security checks and obtain a Medicare card number through the Department of Human Services provider hotline.

The review panel warned the “current security check for release of Medicare card information provides a much lower level of confidence than the security requirements” for Health Professional Online Services, the portal that allows providers to make rebate claims.

An IT industry source, who refused to be named, said the re-emergence of the data breach brings into question government assurances around the privacy of medical data “when those responsible cannot even manage the security of Medicare cards”.

The source said there is a “concerted effort at the moment by law enforcement to curtail darknet market activity”.

“In reality the darknet markets, while disrupted momentarily when their sites are brought down, easily relocate and continue business.”

Darknet markets can simply private message existing clients with a new link to resume business elsewhere. [my yellow highlighting]

Thus far the federal government has failed to recognise where Medicare cardholder details may be being accessed unlawfully, as this 2 August 2018 ABC online article indicates:

Privacy experts have warned that the system opens up health records to more people than ever before, thereby increasing the threat surface — the number of vulnerabilities in a system — dramatically.

Dr Bernard Robertson Dunn, who chairs the health committee at the foundation, says once the data is downloaded into the health system, the My Health record system cannot guarantee privacy.

"Once the data has been downloaded to, for instance, a hospital system, the protections of the hospital system apply, and then the audit logs apply to the hospital system — not to My Health record.

"So there is no way the Government would know who has accessed that data, and it is untraceable and untrackable that that access has occurred."

Wednesday, 1 May 2019

Facebook spends more than a decade expressing contrition for its actions and avowing its commitment to people’s privacy – but refuses constructive action



“It is untenable that organizations are allowed to reject my office’s legal findings as mere opinions. Facebook should not get to decide what Canadian privacy law does or does not require.[Canandian Privacy Commissioner  Daniel Therrien, 25 April 2019]

Facbook Inc. professes that it  has taken steps to ensure the intregrity of political discourse on its platform, but rather tellingly will not roll out transparency features in Australia that it has already rolled out in the US, UK, Eu, India, Israel and Ukraine.

The only measure it commits to taking during this federal election campaign is to temporarily ban people outside Australiabuying ads that Facebook determines are “political”.


So it should come as no surprise that Canada issued this three page news release…….

Office of the Privacy Commission of Canada, news release, 25 April 2019:

Facebook refuses to address serious privacy deficiencies despite public apologies for “breach of trust”

Joint investigation finds major shortcomings in the social media giant’s privacy practices, highlighting pressing need for legislative reform to adequately protect the rights of Canadians

OTTAWA, April 25, 2019 – Facebook committed serious contraventions of Canadian privacy laws and failed to take responsibility for protecting the personal information of Canadians, an investigation has found.

Despite its public acknowledgement of a “major breach of trust” in the Cambridge Analytica scandal, Facebook disputes the investigation findings of the Privacy Commissioner of Canada and the Information and Privacy Commissioner for British Columbia. The company also refuses to implement recommendations to address deficiencies.

“Facebook’s refusal to act responsibly is deeply troubling given the vast amount of sensitive personal information users have entrusted to this company,” says Privacy Commissioner of Canada Daniel Therrien. “Their privacy framework was empty, and their vague terms were so elastic that they were not meaningful for privacy protection.

“The stark contradiction between Facebook’s public promises to mend its ways on privacy and its refusal to address the serious problems we’ve identified – or even acknowledge that it broke the law – is extremely concerning.”

“Facebook has spent more than a decade expressing contrition for its actions and avowing its commitment to people’s privacy,” B.C. Information and Privacy Commissioner Michael McEvoy says, “but when it comes to taking concrete actions needed to fix transgressions they demonstrate disregard.”

Commissioner McEvoy says Facebook’s actions point to the need for giving provincial and federal privacy regulators stronger sanctioning power in order to protect the public’s interests. “The ability to levy meaningful fines would be an important starting point,” he says.

The findings and Facebook’s rejection of the report’s recommendations highlight critical weaknesses within the current Canadian privacy protection framework and underscore an urgent need for stronger privacy laws, according to both Commissioners.

“It is untenable that organizations are allowed to reject my office’s legal findings as mere opinions,” says Commissioner Therrien.

In addition to the power to levy financial penalties on companies, both Commissioners say they should also be given broader authority to inspect the practices of organizations to independently confirm privacy laws are being respected. This measure would be in alignment with the powers that exist in the U.K. and several other countries.

Giving the federal Commissioner order-making powers would also ensure that his findings and remedial measures are binding on organizations that refuse to comply with the law. 

The complaint that initiated the investigation followed media reports that Facebook had allowed an organization to use an app to access users’ personal information and that some of the data was then shared with other organizations, including Cambridge Analytica, which was involved in U.S. political campaigns.

The app, at one point called “This is Your Digital Life,” encouraged users to complete a personality quiz. It collected information about users who installed the app as well as their Facebook “friends.” Some 300,000 Facebook users worldwide added the app, leading to the potential disclosure of the personal information of approximately 87 million others, including more than 600,000 Canadians.

The investigation revealed Facebook violated federal and B.C. privacy laws in a number of respects. The specific deficiencies include:

Unauthorized access

Facebook’s superficial and ineffective safeguards and consent mechanisms resulted in a third-party app’s unauthorized access to the information of millions of Facebook users. Some of that information was subsequently used for political purposes.

Lack of meaningful consent from “friends of friends”

Facebook failed to obtain meaningful consent from both the users who installed the app as well as those users’ “friends,” whose personal information Facebook also disclosed.

No proper oversight over privacy practices of apps

Facebook did not exercise proper oversight with respect to the privacy practices of apps on its platform.  It relied on contractual terms with apps to protect against unauthorized access to user information; however, its approach to monitoring compliance with those terms was wholly inadequate.

Overall lack of responsibility for personal information

A basic principle of privacy laws is that organizations are responsible for the personal information under their control. Instead, Facebook attempted to shift responsibility for protecting personal information to the apps on its platform, as well as to users themselves.

The failures identified in the investigation are particularly concerning given that a 2009 investigation of Facebook by the federal Commissioner’s office also found contraventions with respect to seeking overly broad, uninformed consent for disclosures of personal information to third-party apps, as well as inadequate monitoring to protect against unauthorized access by those apps.

If Facebook had implemented the 2009 investigation’s recommendations meaningfully, the risk of unauthorized access and use of Canadians’ personal information by third party apps could have been avoided or significantly mitigated.

Facebook’s refusal to accept the Commissioners’ recommendations means there is a high risk that the personal information of Canadians could be used in ways that they do not know or suspect, exposing them to potential harms.

Given the extent and severity of the issues identified, the Commissioners sought to implement measures to ensure the company respects its accountability and other privacy obligations in the future. However, Facebook refused to voluntarily submit to audits of its privacy policies and practices over the next five years.

The Office of the Privacy Commissioner of Canada plans to take the matter to Federal Court to seek an order to force the company to correct its privacy practices.

The Office of the Information and Privacy Commissioner for B.C. reserves its right under the Personal Information Protection Act to consider future actions against Facebook.  

Related documents:

* Note: my yellow highlighting

Nor should this alleged 'mistake' made by Facebook cause surprise.......

The New York Times, 25 April 2019:

SAN FRANCISCO — The New York State attorney general’s office plans to open an investigation into Facebook’s unauthorized collection of more than 1.5 million users’ email address books, according to two people briefed on the matter.

The inquiry concerns a practice unearthed in April in which Facebook harvested the email contact lists of a portion of new users who signed up for the network after 2016, according to the two people, who spoke on condition of anonymity because the inquiry had not been officially announced.

Those lists were then used to improve Facebook’s ad-targeting algorithms and other friend connections across the network.

The investigation was confirmed late Thursday afternoon by the attorney general’s office.

“Facebook has repeatedly demonstrated a lack of respect for consumers’ information while at the same time profiting from mining that data,” said Letitia James, the attorney general of New York, in a statement. “It is time Facebook is held accountable for how it handles consumers’ personal information.”…

Users were not notified that their contact lists were being harvested at the time. Facebook shuttered the contact list collection mechanism shortly after the issue was discovered by the press…..

Facebook Inc's rapacious business practices has been the death of online privacy and now threatens the democratic process.

Friday, 24 August 2018

Australian Attorney-General releases a draft bill which will allow the gaoling of Australian citizens for 10 years if they refuse to reveal passwords or encryption codes



According to Crikey.com.au on 15 August 2018:

In addition to its village idiot approach to undermining end-to-end encryption in new surveillance laws, the government is also seeking a blunt-force trauma approach: it wants to jail people for a decade if they refuse to give up the password to their devices.

Under the draft Assistance and Access Bill 2018 unveiled yesterday, the government is giving police, spy agencies and regulators like the ATO the power to demand that tech companies help them plant malware on computers and phones to help it defeat end-to-end encryption.


Wednesday, 22 August 2018

And the warnings continue about My Health Record.....


Financial Review, 13 August 2018:

One of the world's leading experts in cyber security policy has warned the manipulation of health data is one of his biggest concerns facing society, as debate continues to rage about the long-term viability of the government's controversial opt-out My Health Record.

Former Pentagon chief strategy officer for cyber policy and newly appointed head of cyber security strategy for data centre security company Illumio, Jonathan Reiber, told The Australian Financial Review the health data of MPs and business leaders would be of particular interest to cyber criminals.

"If I'm a malicious actor wanting to cause discontent, I would be interested in that," he said.

"If you get access to the health information of key leaders, you can understand what they like, who they are and what their problems are. [Cyber criminals] would want to look at a segment of 50 to 100 key leaders in the country, figure out data for intelligence purposes and then manipulate the data for the negative."

Earlier this month Health Minister Greg Hunt announced that the government would redraft the legislation surrounding My Health Record to restrict police access and allow records to be deleted permanently. 

He had previously copped criticism for saying the digital health database had "military-grade security", despite not having two-factor authentication protocols.


The Sydney Morning Herald, 14 August 2018:

Labor's health spokeswoman Catherine King said the government's decision to switch to an opt-out model, which Labor originally supported, gave rise to "a whole range of significant privacy and security issues that we don't think were thought of in the original enabling legislation".

"Are they then able to opt-out when they become adults? What's happening in terms of survivors of domestic violence and the capacity through the creation of a record by an abusing partner, of a record for their children or agreement to a record for their children, what security is in place to ensure that they are not traced?"

Legal experts have warned that the system provides a loophole for a violent person to create a record for their child without their ex-partner's consent, potentially allowing them to track down their estranged family's location, as revealed by Fairfax Media last month.

Ms King also highlighted concerns raised about access to medical records by health insurers, including in relation to worker’s compensation claims, which the government has said will not occur.


"We want to make sure that's not the case and we want to make sure that's not the case under the law," she said.


Some people may find their My Health Record places them at risk of stigma and discrimination or may cause safety issues.

You may wish to carefully consider whether you want your health records held or shared if you:

* have a criminal record or are affected by the criminal justice system
* use or have used drugs
* live with a lifelong transmissible condition such as HIV or hepatitis B
* have or had hepatitis C
* are not on treatment after it was recommended
* are sexually active and test regularly for STIs
* are or have been a sex worker
* are transgender or intersex
* are bisexual, lesbian or gay
* have lived with mental health issues
* have been pregnant or terminated a pregnancy
* are a health care worker.