[LINK] MyHealthRecord opt-out Site

Karl Auer kauer at biplane.com.au
Mon Apr 4 12:13:30 AEST 2016


On Mon, 2016-04-04 at 11:39 +1000, Roger Clarke wrote:
> However, that isn't conclusive evidence that the contents are
> transmitted in clear.

It''s a bit complicated. The myhealtrecord site does seem to be doing
the right thing; the main page redirects to https and so on. But to opt
out you are shunted to the Medicate page, and Medicare is not doing the
right thing. Once there you can click on various links that are not
relative and that drop you back out to http.

I have a call in to MyHealthRecord trying to tell them about this. It
will be interesting to see if they do actually get back to me.

General note regarding web sites, and government sites in particular:
There used to be a convention that a link at the bottom of a page would
take you to the people responsible for the page, in a technical sense.
That seems to have gone now. It is actually quite difficult to get in
touch with anyone about a technical flaw in a government website.

I rang the Dept of Health on the main contact number. The person there
gave me the MyHealthRecord support line. I explained that I did not
need support, I had a report of a technical fault. That got me through
to someone called Jamie:

 Can you assist me with a technical issue?

 Yes.

 The MyHealthRecord opt-out page is only
 partly protected. The official link does
 not specify HTTPS and even if someone
 does get there with SSL, there are links
 within the site that bounce users back
 out to an unencrypted connection. This is
 a problem because you are collecting
 sensitive information via those pages.

 Just a minute, I'll try to find someone who
 can assist you.

Someone will call me back. So they say.

Regards, K.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)
http://www.biplane.com.au/kauer
http://twitter.com/kauer389

GPG fingerprint: E00D 64ED 9C6A 8605 21E0 0ED0 EE64 2BEE CBCB C38B
Old fingerprint: 3C41 82BE A9E7 99A1 B931 5AE7 7638 0147 2C3C 2AC4






More information about the Link mailing list