Oz e-health privacy: after a breach is too late

Australia's peak privacy body has lambasted the country's Senate for being ignorant about the implications of the country's new e-health records. What was once called the Personally Controlled Electronic Health Record (PCEHR), re-branded My Health Record this year to give it a smiley face, is the government's attempt to …

  1. dan1980

    "Looking behind the mask, however, the Australian Privacy Foundation reckons the e-health system looks more like it was designed for spooks and revenue-collectors than for doctors or patients."

    Say it ain't so . . .

    Here is the rub: no system is 100% secure. Maybe it might be possible to build one, but there is almost always a trade-off between security and convenience/functionality. In any given system, it's necessary to ask whether it's really possible to achieve the goals while ensuring adequate security.

    So we have to ask what the actual point of electronic health records is. The answer is: to compile all the records in one place to create a master copy that is easy and convenient to query and update by numerous people across the public and private sectors working in healthcare, administration, insurance and taxation.

    Understood that way, the reality is that the more such a system meets those goals, the less it will be able to provide a suitable level of privacy and security for the patients.

    Why?

    • Collecting all the data in one place provides criminals with a single target they can concentrate on.
    • It also means that any breach (whether through criminal activity or negligence) is likely to affect vast numbers of people.
    • Providing access to a wide range of people means there is a greater chance of a breach or data loss through poor practices on the part of users.
    • Providing access at a wide range of locations means it is next to impossible to lock down and thus harder to control and restrict unwanted intrusions.

    Put simply, the more data you make accessible to clinical and administrative staff and the easier it is for them to access it, the more data you will make available to criminals and the easier it will be for them to access it.

  2. Winkypop Silver badge
    Facepalm

    "dangerously naïve" - "patently absurd"

    That's our current Senate alright.

    What a time to be alive!

    1. dan1980

      Re: "dangerously naïve" - "patently absurd"

      Just the senate?

    2. Tony S

      Re: "dangerously naïve" - "patently absurd"

      It does almost seem that those terms could be part of the standard job description for a politician, pretty much anywhere in the world.

    3. Anonymous Coward

      Re: "dangerously naïve" - "patently absurd"

      Perhaps you would have preferred being alive in WW1 or WW2???

  3. glen waverley
    Pint

    "made a hash of avoiding name-collisions in the system"

    I saw what you did there!

  4. Pascal Monett Silver badge
    Facepalm

    "[the system] couldn't handle names with apostrophes"

    Did they "forget" to sanitize inputs as well ?

    Time will tell.

    1. g00se
      FAIL

      Re: "[the system] couldn't handle names with apostrophes"

      Or maybe they over-sanitized? Perhaps it also disallows the surname Tables? Sorry Bobby, you're out of luck ...

  5. Cincinnataroo

    I wonder how many think that any information placed with government is safe?

  6. Anonymous Coward

    And Australia's peak privacy body's damning report will be read by?

    Absolutely no one in charge! What a world, what a world...

  7. Anonymous Coward

    The most sobering bit....

    “Relying primarily on penalties overlooks the fact that they are totally ineffective against criminals and cyber-terrorists operating overseas. Once a breach has occurred, the data cannot be put back in the box. Once an identity is used fraudulently, the damage is done.”

    .....At a time when the internet has never been more insecure, at a point when the exploitation of data has never held more uncertainty, bureaucrats and politicians go full steam ahead into the unknown.

    .....Makes you wonder, what f*cking news they read every day, as every government and corporation gets hacked?

  8. Jeff Deacon

    care.data on the horizon?

    Timothy Kelsey will be riding into town in January, just in time to "monetise" the whole database!

    1. cantankerous swineherd

      Re: care.data on the horizon?

      bwhahaha.

      it's taken us *years* to get rid of him.

      :-)

  9. Tashritu

    Same in the UK

    Your NHS record at your local surgery is linked to the "Spine". This central registry is checked and updated every time your record is accessed. It contains (amongst other things) your name, address, ethnicity, religion, telephone and contact details. This might be considered to have a use to the State? It can be searched for by almost all parts of the NHS to ensure that the right budget is charged for your treatment. No-one seems to care about this here!

  10. noj

    "dangerously naïve" - "patently absurd"

    I used to think the same thing. But politicians are more intelligent than we give them credit for. It's that their values are different than ours. The people outspoken about privacy are a very small minority and the people who want convenience above all else are the majority. The people outspoken about privacy don't buy the need for blanket surveillance to "fight" terrorism but the majority does. The people outspoken about privacy are for the most part disorganized and have no lobbying power whereas corporations have an abundance of both. Corporations fund political campaigns and it takes a majority to vote politicians into office. So the politicians are not naive or absurd. They are acting in their own best interests.

    1. Mark 85

      Re: "dangerously naïve" - "patently absurd"

      Have an upvote. That applies to every government in the world. Or at least in the so-called "free world". The non-free world types know that there is no privacy.

  11. sniperpaddy

    couldn't handle names with apostrophes............

    "the Accenture-built system couldn't handle names with apostrophes (O'Dwyer for example)."

    Not able to handle apostrophes in 2012 ?

    What amateur wrote that database?

    1. Mark 85

      Re: couldn't handle names with apostrophes............

      What amateur wrote that database?

      You answered your own question in the quote. From what I've seen, Accenture is the biggest group of wankers in the universe. They couldn't program their way out of a wet paper bag. OTOH, they're in India and cheap which explains a lot. No "O'Xxxxx" names there.
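The apostrophe failure the commenters are poking at, shown as an added example (not from the article, the commenters or the system's vendor): a string-spliced insert that breaks on O'Dwyer, an "over-sanitised" variant that parses but silently mangles the stored name, and the bound-parameter form that keeps the name intact with no hand-rolled stripping or escaping. Uses Python's sqlite3 with a constructed in-memory table and constructed sample surnames.

```python
import sqlite3

# Constructed sample surnames: two with apostrophes, one plain.
SAMPLE_NAMES = ["O'Dwyer", "D'Arcy", "Tables"]


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE patient (id INTEGER PRIMARY KEY, surname TEXT NOT NULL)")
    return conn


def insert_concatenated(conn, surname):
    """String-spliced SQL: the kind of code that 'cannot handle apostrophes'.
    The quote inside O'Dwyer terminates the literal and the statement fails to
    parse; the same splice is also the classic injection hole."""
    conn.execute(f"INSERT INTO patient (surname) VALUES ('{surname}')")


def insert_stripped(conn, surname):
    """Over-sanitising: deleting the apostrophe makes the statement parse, but
    the stored value is now wrong (ODwyer), so later exact lookups miss."""
    cleaned = surname.replace("'", "")
    conn.execute(f"INSERT INTO patient (surname) VALUES ('{cleaned}')")


def insert_parameterised(conn, surname):
    """Bound parameter: the driver passes the value separately from the SQL
    text, so an apostrophe is ordinary data and nothing needs escaping."""
    conn.execute("INSERT INTO patient (surname) VALUES (?)", (surname,))


def lookup(conn, surname):
    row = conn.execute("SELECT surname FROM patient WHERE surname = ?",
                       (surname,)).fetchone()
    return row[0] if row else None


def compare_approaches(names=SAMPLE_NAMES):
    """Run each insert strategy against its own fresh table and report, per
    (strategy, name), whether the exact name can be found afterwards."""
    report = {}
    for label, insert in (("concat", insert_concatenated),
                          ("strip", insert_stripped),
                          ("param", insert_parameterised)):
        conn = make_db()
        for name in names:
            try:
                insert(conn, name)
                report[(label, name)] = lookup(conn, name) == name
            except sqlite3.OperationalError:
                report[(label, name)] = False  # statement did not even parse
        conn.close()
    return report
```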

  12. Bernard Robertson-Dunn

    And that's not all.

    As primary author of the APF submission, I'd like to point out there was far more to what we said than the issue of Australian laws not stopping overseas criminals and cyber-terrorists.

    The main gripe we have with the system is access to the data.

    1. It's accessible from the internet. Just stupid.

    2. The claim that it's personally controlled and that patients can see who has accessed their data. This is totally and absolutely untrue. As the government's own website says, patients can block certain institutions from accessing their record and can see which institutions have accessed it. That is a long long way from "who". The scenario we used to demonstrate the risk was

    "... if a patient goes to see a dentist and there are potential health issues if undergoing dental treatment and the patient grants access, then the dentist, their nurses as well as ancillary and administrative staff all have full access to a patient’s health record. This can include aspects of the patient’s health care that have no relevance to the practice of dentistry, such as mental health issues."

    3. That last bit refers to the fact that anyone who can see the record sees all of it.

    4. In the enabling legislation is Section 70 which says, in part:

    The System Operator is authorised to use or disclose health information included in a consumer’s PCEHR if the System Operator reasonably believes that the use or disclosure is reasonably necessary for one or more of the following things done by, or on behalf of, an enforcement body:

    • the prevention, detection, investigation, prosecution or punishment of criminal offences, breaches of a law imposing a penalty or sanction or breaches of a prescribed law;

    • the enforcement of laws relating to the confiscation of the proceeds of crime;

    • the protection of the public revenue;

    • the prevention, detection, investigation or remedying of seriously improper conduct or prescribed conduct;

    • the preparation for, or conduct of, proceedings before any court or tribunal, or implementation of the orders of a court or tribunal.

    These accesses are not logged for the patient to see.

    So much for personally controlled.

    The whole architecture of the system is a disaster. There are other issues, such as data being able to leak out into other eHealth systems quite legitimately, but then the provisions of the legislation no longer apply. So much for "strong security and privacy controls" as claimed by the government.

    I won't bore you with even more, but, IMHO, it's a train-wreck waiting to happen, unless they do something they have never done before - think it through and make changes.

  13. David Roberts

    Court or tribunal....

    This seems unduly generous.

    Potentially everything from a rent tribunal to an appeal against a parking fine or an overdue library book?

    Do you want your medication for stress 5 years ago produced for the court (or tribunal) to show that you have mental health issues and so all your testimony should be disregarded?

    Check out RIPA in the UK.

    Pushed through as an essential tool in the fight against terrorists and mainly used to combat bin abuse, dog fouling, and people claiming to be in a better catchment area to get their kids into a better school.

    Of course freely available information is of great benefit to corporates large and small, plus government local and national. Not so much benefit to the individual, unfortunately.

  14. Anonymous Coward

    well I'm not surprised

    I've worked on the edges of this, interfacing medical software to the ehealth/nash/pcehr disaster. Seeing the request sent to the service over HTTP instead of SSL, even sending the certificate public key via this to validate the requester, worried me no end. It didn't work, so I don't know if it failed simply because it was using an insecure channel, but seeing it do it at all was scary.

    Just as scary was the responses for support about it. No one knows what's going on or how to fix anything. I can say I don't know if it's normally secure, as all the support people involved didn't know, couldn't separate the need for a certificate pair with actually using it. Oh, but the program needs it, doesn't mean it's using it. Going any deeper was a nightmare. The only reason practices use it is that they dangle incentives in front of them.

    One thing though, I don't see why it being accessible over the internet is in itself a problem. Medicare have PKI down reasonably well, it's just the team doing pcehr tried to integrate and just failed the basics, now that is a problem.

  15. scubaal

    yes but.....

    Agree with all the concerns above... but let's be very clear that there are very real tangible benefits to the individual from a properly designed and working system. The frustration of not having all the information in front of the hospital/specialist/GP you are currently talking to, because it is either on bits of paper or on a different system they can't access, I know personally. Even when you think you have given permission, they still don't get access and still don't have the records. Also there are many cases every year where either the wrong/no treatment is given because a key bit of information wasn't known by the medical staff. So yes, this implementation sounds like a disaster, but please let's not throw the baby out with the bath water. The *idea* is not just good, it's essential to save lives and improve healthcare.

    Now someone needs to build one that works :)
