More concerns for the security of new systems. Photo: ITN
Australia’s controversial My Health Record program has once again come under scrutiny after it has been revealed data breaches of the system have increased in the last 12 months.
Over a 24 month period, My Health Record documents have revealed 77 data breaches reported to the Australian Information Commissioner, including 42 new breaches recorded since Australians began being automatically enrolled into the system last year.
A new report released by the Australian Digital Health Agency has revealed there has been 42 data breaches since Australians began to be enrolled on the new My Health Record system in July.
According to reports, records show data was breached by authorities for a number of reasons, including after a child was mistakenly given parental authorisation to view a record, 24 for suspected cases of Medicare fraud, and 17 due to “intertwined Medicare records”.
The numbers show an increase from the 2016-2017 report, where My Health Record authorities reported 35 data breaches, all of a similar nature to this year’s breaches.
This takes the total number to 77 data breaches in 24 months.
Authorities are currently authorised to “breach” your personal security settings to access information if required for a number of third-parties.
Australians currently have until January 31st to opt-out of the program before over 17 million digital identities are automatically created for medical access.
The program, since its inception as the failed E-Health system, has been the subject of years of controversy for issues such as data protection and digital security capabilities.
The Australian Digital Health Agency, which was established in July 2016, has a legal responsibility under the My Health Records Act 2012 to report notifiable data breaches to the Office of the Australian Information Commissioner (OAIC).
A spokesperson for the Australian Digital Health Agency emphasised that these breaches were “not intentional”:
“Errors of this type occur due to either alleged fraudulent Medicare claims or manual human processing errors, as was the case for breaches reported during the 2017-2018 financial year.”
Currently, six million Australians are in the My Health Record database. By the end of October, 1.1 million Australians had opted out of My Health Record out of concerns for privacy and data security.
This new development rounds off a controversial 12 months for My Health Record.
Critics fear sensitive information held by the system could be accessed by hackers, and are also concerned the records could be used for commercial gain.
It was revealed in November that Big Pharma will be able to access My Health Record systems, as long as it isn’t used for “solely commercial reasons”, raising many concerns with advocate groups.
Caroline Edwards, the Deputy Secretary of the Department of Health, told a Senate hearing recently that third-party access arrangements would allow medical and public health researchers access to “de-identified data”.
This also follows multiple deadline extensions and concerns over greater access by authorities, with critics now calling for another 12 month extension so Australians can be given more time to educate themselves on the system following public backlash.
Kerryn Phelps, independent MP and former president of the Australian Medical Association, spoke on the developments:
“We’ve been consistently reassured by the Minister that no such privacy breaches had occurred.
This was confirmation that there have been privacy breaches, some serious, and it shows the potential for further privacy breaches as this data base comes online and becomes more used.”
Labor’s health spokeswoman Catherine King said the breaches were more evidence of government mismanagement.
“The opposition has called for the system to be reviewed by the Privacy Commissioner before its final roll-out.”
The Australian Digital Health Agency annual report, which detailed the breaches, noted that there have been “no purposeful or malicious attacks compromising the integrity or security of the My Health Record system”.
LINK TO OPT-OUT
OPT-OUT BY JANUARY 31, 2019:
CALL 1800 723 471
Remember to leave as little detail as possible in the questionnaire to avoid similar profiles being created based on detailed answers.
For more TOTT News, SUBSCRIBE to the website for FREE and follow us on social media for more exclusive content:
Australian Digital Health Agency: Annual Report (2017-2018) (Page 59) | DigitalHealth.gov.au
Australian Digital Health Agency: Annual Report (2016-2017) (Page 56) | DigitalHealth.gov.au
Revealed: Big Pharma can access My Health Record | TOTT News