Reasons to opt out of My Health Record / e-Health
After the article “My Health Record gets one million more reasons to sign up” was published on health.gov.au, it seems only fair that someone should mention at least a few reasons to opt out.
By “one million”, the Department of Health means a million of Australians chosen to be Guinea pigs in the new e-Health trial where online heath records were created for each of them without them asking. The trial is touting its success saying that only 2% opted out of My Health Record (MyHR). However, the low opt out rate could easily be down to the fact that the trial participants were sent glossy brochures plastered with photos of smiling people and outlining only the benefits of having an online health record, without mentioning any risks, disadvantages and implications. Just like it is done in other medical “information” booklets: pick up any pro-screening brochure at your doctor's office and compare the length of text urging you to screen and the text honestly disclosing risks of misdiagnosis, over-treatment and other harms. The situation with MyHR can hardly be expected to be any different.
Every person needs to know all pros and cons before making an informed decision. We all heard about the promised benefits of having an online medical record. Here is a small list of reasons on
why opt out:
The laws and legislation governing and protecting My Health Record can be changed at any time to suit the agenda of the day.
It already happened once: the parliament passed a bill specifically to enable the creation of trial online health records for one million people who never asked for it. The big legal obstacle was the need to obtain consent — so this was removed. Now the law does not require you to give your consent to having your health data collected and stored, but you do still need to register. At the moment, it allows opting out, but there is no guarantee that opting out won't be stopped or made excessively difficult in the future. There is also no guarantee that one day some budget genius won't come up with an idea to start selling health record data to private corporations, insurance companies, pharmaceutical giants, marketing researches or anyone else. All it takes is another bill hastily passed through.
Eventually, all their health information may be stored in a large, Federal Government owned database where data can be used for purposes other than health care and can be matched against other government databases. Australian Bureau of Statistics already announced its plans to link census data with medical records. The Australian Taxation Office is also pushing for increased sharing and use of Government held personal data.
The patient control over My Health Record can be scrapped at any time.
At the moment, MyHR is being sold to Australians with the promise that they can control what goes into it, and who is allowed to access it. However, there is already a strong medical lobby that wants patient control over eHealth records revoked.
Sadly, despite the mounting evidence of positive outcomes of the opposite approach, Australian doctors don't have a good record of treating patients as equals, allowing patient empowerment and high patient involvement and control over their own healthcare, or letting the patients to know all the information necessary for a truly informed decision and consent. Most doctors prefer their relationship with patients to be that of a master and a serf, rather than of equal partners; and keep the medicine a closed-ranks elite club, rather than a transparent service to the population that is paying for it.
For example, there are numerous self-tests for various diseases available around the worlds, yet in Australia they are ether blocked or locked behind doctor's prescription. This begs the question: is it abut “finding a problem early” and “saving lives”, or is it about keeping Australian patiens under surveillance and medical control?
Personal and health data is at risk of being sold off to a private corporation.
In 2016, despite a strong opposition in parliament, the Department of Health handed the National bowel cancer screening and the National cervical screening registers over to Telstra, thus giving a for-profit organisation access to the most intimate health information without people's consent. “Telstra is a strong proponent of big data, of open data. They're obviously a commercial operation — they're often seeking to use personal information for uses beyond what it was originally collected for and to push the limits of privacy and data protection law”, commented David Vaile, the Executive Director of the UNSW Cyberspace Law and Policy Centre. After this alarming move, it is obvious that eHealth data can be — and most likely will be — transferred, sold, shared or outsourced in the future.
Our phone calls, text messages, emails, bank accounts, Internet browsing, travels, purchases and movements are under surveillance.
Do we want our medical records to be under surveillance too?
Nobody can guarantee safety, security and privacy of your online medical record.
When a system has so many users, most of whom, including medical practitioners, have only basic computer skills, and a massive amount of highly personal data, it will inevitably suffer from attacks, breaches and misuse. The Census 2016 disaster was a perfect proof.
If your electronic health records are lost to an online criminal gang, will the government pay you the value of that loss? You can't compensate someone for the loss of their personal information, this is the distinction. Once your identity has been stolen it can never be returned, it's thieves' to use for perpetuity and a lot of people don't realise that... If you talk to people who have been the target of identity theft they will tell you what a miserable life they lead. The ability to access personal e-health records at anytime from anywhere is unnecessary and does not have enough advantages to make it worth the risk. (Graham Ingram, AusCERT general manager)
You can't truly delete anything.
As data storage gets larger, faster and cheaper, nothing gets deleted. In modern databases, the deleted records are only marked as “deleted”, but all the data stays there for years, sometimes forever. If someone is saying that you can delete your electronic health record at any time, this only means it will appear hidden, but all your health information will still be kept, accessed by anyone who can get to the database and used for any purpose the laws of the day allow.
Some will avoid seeing a doctor if their health information is shared through e-Health.
Many people have valid concerns about their privacy in our digital age, and there already is a doctor avoidance trend, especially in delicate cases such as infections and sexual health. If MyHR becomes ubiquitous and either makes it hard to opt out or will keep patient health data despite opting out, the society will be put at a greater risk of viral and communicable diseases, because many infected people will avoid seeking treatment due to lack of privacy.
My Health Record will not allow patient access to the full information about their health.
Despite the illusion that with an online health record the patients will finally get to know all the details about their own health, it is not going to happen. MyHR will only contain the information already known to the patients, as its purpose is to make medical records available to other medical practitioners, institutions and the government, not to help the patient to understand their condition better. The doctors will continue keeping their notes to themselves, pass medical referrals in sealed envelopes and discuss their patients with other doctors behind their backs.
My Health Record will not make patient access to diagnostic test results any easier.
Many people were excited to hear that all their pathology test results and diagnosing imaging reports are going to be uploaded to MyHR. Many signed up for MyHR purely for the advantage of being able to see the results before the next appointment with their doctor. They thought they would finally be able to access what was taken from their body and paid out of their pocket/taxes, be informed about their own health in a timely manner, avoid unnecessary anxious waiting, be able to prepare questions for their doctor and make the most of their next appointment. Unfortunately, this is not going to happen.
The doctors already have and always had an ability to request for any results and reports to be forwarded to their patients as soon as they are available, and no MyHR has ever been needed for that. The patients are kept in the dark only because the majority of doctors believe that patients should only obtain information about their own health under doctor's control and insisted on so-called “follow-up” appointments. With MyHR in place, the results and reports will be uploaded when the doctor sees fit. If a particular doctor wants the patient to waste more time and money on a follow-up, they will keep doing that.
Doctors' favourite excuse is that patients are not qualified to understand the results, even though some results are as simple as yes/no, even though some patients, such as scientists, are often more knowledgeable in the area than the doctors, even though it should be the ultimate patient decision what and when they want to know about their own health. At the same time, some progressive doctors are happy to see their patient actively involved in their healthcare, happy to share all the information and respect patient decisions. Those patiens are no more “qualified” than the other. So it is nothing to do with patient's qualifications, and is all about power and control that some doctors can't let go.
Speaking of qualifications, the vast majority of doctors are not qualified in online safety and data security, yet they are using computers, and collect, keep and share highly sensitive information about their patients. According to Avant Group report,...
...92% of GPs don't understand My Health Record privacy requirements, potentially leading to the risk of privacy and security breaches.
Doctor's computer can easily be a zoo full of trojans, viruses, spyware and other malware, accessing and stealing patient's identities and health information, while the doctor would have no skills to detect and/or combat the problem. If however the doctor involves an IT professional to look after their computer, this means a stranger not bound by any medical ethics or privacy laws gets access to all your medical history.
There is no widely-accessible, safe and secure means of online communication in Australia.
Signing up for MyHR requires a MyGov account, and that, in turn, requires the user to have an email address. Australia does not have any free, accessible email services that are guaranteed to be fully hosted, maintained and supported within Australian by trusted personnel. Most Australian are resorting to using Gmail, Hotmail, Outlook or some other free email service that owned and operated by companies in USA or other foreign countries. With the ubiquitous mass surveillance, this means that highly personal communications are processed, stored and spied upon by overseas agencies. This is not only insecure and privacy-violating, but also contrary to Australian privacy laws.
The only data that cannot be misused, leaked, hacked, sold or spied upon is the data that is not there. There can be no other guarantees, ever.
If you have more reasons for avoiding MyHR / e-Health and would like to share them, you are welcome.
Published 21 December 2016