[LINK] Your Medicare records online

Kim Holburn kim at holburn.net
Wed Mar 3 08:46:18 AEDT 2010 

This is rather scary.

http://www.abc.net.au/news/stories/2010/03/02/2834702.htm

> Medicare privacy breaches 'only the beginning'
> By Carly Laird for PM
>
> Medicare says it has implemented privacy controls to curb snooping.  
> (ABC News: Giulio Saggin, file photo)
>
> Revelations that Medicare employees are being investigated for  
> spying on customers' personal information have renewed fears from  
> privacy advocates that healthcare staff cannot be trusted.
> As the Federal Government works to bring in a national identity  
> scheme for patients, around 400 cases have emerged of unauthorised  
> snooping on people's private records over the past four years.
>
> Medicare says it has implemented privacy controls and that the  
> number of cases of snooping has been getting smaller, however it is  
> not known who or how far the information was allowed to spread.
>
> The agency has given few details of how the snooping was allowed to  
> occur and no one from Medicare was available to speak to PM this  
> afternoon.
>
> The privacy commissioner, Karen Curtis, insists Medicare is not  
> ignoring the issue.
>
> "Any privacy breach is a concern, but the fact that Medicare is  
> monitoring and investigating these potential breaches of personal  
> information and they've got systems in place, that's actually good  
> news," she said.
>
> Medicare says staff caught snooping in the past four years have been  
> disciplined but will not give details.
>
> Juanita Fernando, the chair of the health sub-committee at the  
> Australian Privacy Foundation, says Medicare's assurances may be of  
> little comfort to people whose privacy has been breached.
>
> "Wherever there is a whole range of information collected together,  
> regardless of people's ethics or how good they are, they're going to  
> look at it. And they do it basically out of curiosity," Dr Fernando  
> said.
>
> "I know anecdotally of ambulance officers during non-emergency cases  
> of patients who, because they've got nothing else to do, just read  
> patients' files while they're sitting and waiting.
>
> "And we already know that although Medicare staff are highly trusted  
> by Australian consumers and patients, Medicare workers are still  
> human and that's why the breaches occurred."
>
>
> Patient records
> Dr Fernando is concerned the privacy breaches at Medicare are a sign  
> of things to come.
>
> The Government has introduced bills into Parliament for what it  
> calls an "individual health identifier". They bills go to a Senate  
> inquiry next week.
>
> The ID number will be used to collate all patient records in one  
> place so health providers can gain access to relevant information at  
> the one time.
>
> It is the first stage of the Council of Australian Governments'  
> national electronic health plan.
>
> "It's of real concern to me and to many people who contact the  
> Australian Privacy Foundation," Dr Fernando said.
>
> "They're very concerned about it because if I'm a miscreant of some  
> sort, I can just use a single number and access people's records  
> from whatever health service I decide to go into."
>
> To stop this from happening, Dr Fernando says security controls must  
> be put in place to guard against the known ways people breach health  
> information.
>
> "You don't develop honey pots. You don't develop huge amassed files  
> with people's information, so that if security is breached it is  
> breached in one or two instances not for the entire population of  
> Australia," she said.
>
>
> Extra security
> Dr Mukesh Haikerwal, the former head of the Australian Medical  
> Association and the current head of the clinical unit at the  
> National E-Health Transition Authority, says the new system will  
> provide extra security for patients.
>
> "The way in which the system will be rolled out is far more secure  
> with these new arrangements than they are with a paper record," he  
> said.
>
> "With a paper record today you can potentially wander into a medical  
> record department, anybody can wander in and have a look at  
> somebody's notes without anybody knowing what's going on.
>
> "With the new arrangements, the [ID] number is only a number and  
> pertains to no medical information. So the number being generated by  
> Medicare actually has no medical information attached to it.
>
> "In order to get access to medical information the person has to be  
> an authorised healthcare provider."
>
> Dr Fernando says no one can say whether the new system will be more  
> secure because "nobody is actually looking at the facts".
>
> "For instance, notes about the Medicare data breach are tucked away  
> on the Australian Privacy Commission's website. We essentially don't  
> know what's going to happen," she said.
>
> "It's like taking a great big jump off into the unknown and being  
> comfortable that the Government is going to be trustworthy and  
> capable enough to take care of us all."
>
> If the legislation is passed it could only be a matter of months  
> before the ID numbers are used by healthcare professionals.
>
>
-- 
Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408  M: +61 404072753
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request

More information about the Link mailing list