Why you may want to opt out or delete Australian My Health Record
It is not ‘your’ Health Record. It's a government record of your health information.
Warning 2021:
Even if you opted out of My Health Record, pay attention to the forms you sign at doctor's office or in hospital as they may contain statements about disclosing your data for research, quality assurance, practice management, or other vague purposes, which can get your personal and health information uploaded to external databases accessible by third parties not involved in your health care. If you see anything you don't like, cross those statements out and explicitly write on the form that you do not agree to that.
An informed decision can only be made based on the knowledge of facts from both sides: pros and cons. We all heard the big promises and seen the glossy posters produced by the proponents of the new Australian online medical record initiative giving the public vague reasons why they should subscribe to the scheme. It is only fair that someone should mention at least a few reasons to opt out of it, or delete it while that is still possible:
Why opt out
The laws and legislation governing and protecting My Health Record can be changed at any time to suit the political agenda of the day.
It already happened once: the parliament passed a bill specifically to enable the creation of trial online health records for one million people who never asked for it. Back then, the need to obtain consent was a big legal obstacle — so this was removed. Now the law does not require your consent for your health data to be collected and stored. At the moment, the e-Health scheme allows people to opt out, but there is no guarantee that opting out won't be stopped or made excessively difficult in the future. There is also no guarantee that one day some budget genius won't come up with an idea to start selling health record data to private corporations, insurance companies, pharmaceutical giants, marketing researches or anyone else. It can easily be just a matter of another bill hastily passed through.
Eventually, all health information may be stored in a large database where it can be used for the purposes other than health care, and matched against other databases. The Australian Bureau of Statistics already announced its plans to link census data with medical records. The Australian Taxation Office is also pushing for increased sharing and use of Government-held personal data.
Privacy-safeguarding laws and regulations can change quickly and drastically during pandemics and other disasters.
The COVID-19 pandemic prompted the implementation of unprecedented surveillance regimes and several legislation changes that can severely affect privacy and civil rights. There is a real possibility that the new regime will allow, or even mandate, for My Health Record data to be disclosed, linked and used in the ways you neither agreed to, nor would find acceptable under any other circumstances.
The patient control over My Health Record can be scrapped at any time.
At the moment, MyHR is being touted to Australians with the promise that they can control what goes into it, and who is allowed to access it. However, there is already a strong medical lobby that wants see the patient control over their eHealth records revoked.
Sadly, despite the mounting evidence of positive outcomes of the contrary approach, Australian doctors don't have a good history of treating patients as equals, encouraging patient empowerment, allowing high patient involvement and control over their own healthcare, or letting the patients to access all the information necessary for a truly informed decision and consent. Most doctors prefer their relationship with patients to be that of a commanding master and an obedient serf, rather than of equal partners; and keep the medicine a close-ranks elite club rather than a transparent service to the population that is paying for it. For example, there are numerous self-tests for various diseases available around the world, yet in Australia they are ether blocked, or locked behind doctor's referral or prescription. Australians cannot check anything about their own bodies without that being recorded and reported somewhere. This begs the question: is it truly about “finding a problem early” and “saving lives”, or is it about keeping Australian patients under surveillance and medical control?
You can't control or know who exactly has seen your record.
If you think that it will be just your doctor who has access to your digital health information, you are gravely mistaken. By default and by design of this system numerous people will have access: doctors, nurses, pharmacists, physios, admins and clerks of all flavours, and a myriad of other unidentified staff of various organisations and institutions. The Health Record access-logging system does not track individuals accessing your record, only institutions they work(ed) for. For example, a visit to a hospital with a thousand employees immediately gives this thousand of people a potential for an anonymous, untrackable and unaccountable access to your health information. Add on top the sad fact that in many health organisations all staff use the same password for everything, and we have a situation where it is impossible to keep your information secure.
Personal and health data is at risk of being sold off to private corporations.
In 2016, despite a strong opposition in parliament, the Department of Health handed the National bowel cancer screening and the National cervical screening registers over to Telstra, thus giving a for-profit organisation access to the most intimate health information without people's consent. Telstra is a strong proponent of big data, of open data. They're obviously a commercial operation — they're often seeking to use personal information for uses beyond what it was originally collected for and to push the limits of privacy and data protection law
, commented David Vaile, the Executive Director of the UNSW Cyberspace Law and Policy Centre. After this alarming move, it is obvious that eHealth data can be — and most likely will be — transferred, sold, shared or have its management outsourced in the future.
Update: in June 2018, it was discovered that the Health Engine online service, part-owned by Telstra and taken on by thousands of doctors and medical centres for managing bookings and appointments, was selling patient personal and medical information for tailored marketing, and passing on daily lists of prospective clients to a law firm, thus not only violating patient privacy, but also cunningly targeting people at the most vulnerable time. They call this outrageous practice delivering relevant and timely information from our many different advertising partners to our users.
The most disturbing fact is that the HealthEngine also has a data-sharing arrangement with My Health Record!
Nobody can or will guarantee the safety, security and privacy of your online medical record.
When a system has so many users, most of whom, including medical practitioners, have only basic computer skills, and a massive amount of highly personal data, it will inevitably suffer from attacks, breaches and misuse. The 2016 Census hacking disaster was a perfect proof.
If your electronic health records are lost to an online criminal gang, will the government pay you the value of that loss? You can't compensate someone for the loss of their personal information, this is the distinction. Once your identity has been stolen it can never be returned, it's thieves' to use for perpetuity and a lot of people don't realise that... If you talk to people who have been the target of identity theft they will tell you what a miserable life they lead. The ability to access personal e-health records at anytime from anywhere is unnecessary and does not have enough advantages to make it worth the risk.
Graham Ingram, AusCERT general manager
Once the information is out there, you can't truly delete anything.
As data storage gets larger, faster and cheaper, nothing gets deleted. In modern databases, the deleted records are only marked as “deleted”, but the data can stay there for months, years, or forever. If someone is saying that you can delete your electronic health record at any time, this only means it will appear hidden, but all your health information may still be kept, accessed by anyone who can get to the database, and used for any purpose the laws of the day allow.
The best way to maintain the highest level of privacy is to opt put before your record is created. The second best — to “delete” it before it harvests too much data, at least to stop it form accumulating more data. The Department of Human Services has previously revealed that a e-Health Record cannot be deleted once it has been created. It can only be deactivated and removed from view of some people and agencies who have access to the system, not all.
Update: from 23 January 2019, the Cancel a My Health Record page claims that they started deleting the deleted records.
Your health record may be linked to census and other data.
The Australian Bureau of Statistics announced its plans to link the census and household survey data to health information and other government databases. The ABS's recent decision to retain personal information collected during census have already demonstrated an alarming mission creep and disrespect for privacy and safety of personal information. The ABS already claims the have the power to force every Australian to hand over their private information during census and surveys. Why also give them access to your deeply personal and sensitive health information when there is [still] a chance to opt out?
You may find yourself avoiding seeing a doctor if your health information is shared online.
Many people have valid concerns for their privacy in our digital age, and there already is a noticeable doctor avoidance trend, especially in such delicate matters as infections, mental and sexual health. With the electronic health records, your health concern discussions are no longer something that remains between you and your doctor: anything you say can be entered into the system and accessed by anyone anywhere in the world within seconds. If MyHR becomes ubiquitous and either makes it hard to opt out or will keep patient health data despite opting out, the society will be put at a greater risk of viral and communicable diseases and mental issues, because many people will avoid seeking treatment due to lack of privacy.
My Health Record will not enable patient access to the full information about their health.
Despite the illusion that with an online health record the patients will finally get to know all the details about their own health, it is not going to happen. MyHR will only contain the information already known to the patients, as its purpose is to make medical records available to other medical practitioners, institutions and the government, not to help the patients to understand their condition better. The doctors will continue keeping their notes to themselves, pass medical referrals in sealed envelopes or via medical commutation channels, and discuss their patients with other doctors behind their backs.
My Health Record may not make patient access to diagnostic test results any easier.
Many people were excited to hear that all their pathology test results and diagnosing imaging reports are going to be uploaded to MyHR. Some signed up for MyHR purely for the advantage of being able to see their results as soon as possible. They thought they would finally be able to access the information about their body paid for out of their pocket/taxes, be informed about their own health in a timely manner, avoid unnecessary anxious waiting, be able to prepare questions for their doctor and make the most of their next appointment. Unfortunately, this doesn't look like it's going to happen.
Doctors already have and always had the ability to request for any results and reports to be forwarded to their patients as soon as they are available; no MyHR has ever been needed for that. The patients are kept in the dark only because many laboratories will not copy the results to patients even when requested to do so by the doctor, and because many doctors believe that patients should only obtain information about their own health under doctor's control and insist on the so-called “follow-up” appointments. In MyHR, the results can be held hidden from the patient even after the lab uploads them. If a particular doctor wants the patient to waste more time and money on a follow-up, they will keep doing that with or without MyHR in place.
The favourite excuse of the medical establisment is that patients are not qualified to understand the results, even though some results are as simple as a ‘yes’ or ‘no’, even though some patients, such as scientists, are often more knowledgeable in the area than the doctors, even though it should be the ultimate patient decision what and when they want to know about their own health. At the same time, some progressive doctors are happy to see their patient actively involved in their healthcare, happy to share all the information they have, and respect patient decisions. Those patiens are no more “qualified” than others, they are just lucky to have a good doctor. So it is nothing to do with patient qualifications, and is all about power, paternalism and control that some doctors can't let go of.
Speaking of qualifications, the vast majority of doctors are not qualified in online safety and data security, yet they are using computers, and collect, keep and share highly sensitive information about their patients. According to Avant Group report,...
...92% of GPs don't understand My Health Record privacy requirements, potentially leading to the risk of privacy and security breaches.
Doctor's computer can easily be a zoo full of trojans, viruses, spyware and other malware, accessing and stealing patient identities and health information, while the doctor has no skills to detect and/or combat the problem. If however the doctor involves an IT professional to look after their computer, this means a stranger not bound by any medical ethics or privacy laws gets access to all your medical history.
There is no widely-accessible, safe and secure means of online communication in Australia.
Signing up for myHR requires a myGov account, and that, in turn, requires the user to have an email address. Australia does not have any free, widely accessible email services that are is fully hosted and maintained within Australian borders by trusted Australian personnel. Most Australians are resorting to using Gmail, Hotmail, Outlook and other free email services that are owned and operated by overseas companies not bound by Australian laws. With the ubiquitous mass surveillance, this means that highly personal communications are processed, stored and spied upon by overseas agencies. It also means that those overseas agencies may be able to access myHR data and all other information in myGov accounts registered with those email addresses.
Your phone calls, text messages, emails, bank accounts, Internet browsing, purchases, travels and movements are under surveillance.
You can't opt out of that. But do you really want your medical records to be under surveillance too, especially when you still have a chance to stop this?
The only data that cannot be misused, leaked, hacked, sold or spied upon is the data that isn't collected anywhere in the first place. There can be no other guarantees, ever.
How to opt out or delete
Before 15 November 2018, for opting out of being given a record, the Digital Health Agency offered to use the now defunct opt-out page on myhealthrecord.gov.au for opting out online, or to call 1800 723 471. The Digital Health Agency required driver licence, passport or other forms of additional identification for opting out. A Medicare card number was suddenly not enough. It appeared the Digital Health used the opportunity to obtain additional personal ID details and cross-check them with the government databases that have absolutely nothing to do with healthcare. If this excessive data collection and linking was required for opting out of the record one never wanted in the first place, imagine the extent of privacy invasion, data linking and cross-agency surveillance awaiting those who don't opt out of this Health Record.
If you didn't opt out before 15 November 2018 and eneded up with a record you do not want, you can use the Cancel a My Health Record page for deleting the record.
Further reading:
Government's “My Health Record”: No Consent Required? Opt-out withdrawal of consent deadline is 15 October 2018, Australian Privacy Foundation media release
My Health Record, Australian Privacy Foundation campaign
A Short Sharp Summary of My Health Record, Australian Privacy Foundation
For Sale — Your Privacy and Your Health Data, Australian Privacy Foundation
I found this page after googling in outrage at this f*ing 'my health record' bullshit. Good list of reasons, but I'd also like to mention the so-called 'emergency access' provisions... They effectively mean that behind closed doors, extrajudicially, arbitrarily, some malignant medicos can 'deem' something an 'emergency' and crack the file wide open, against your express wishes... even after you've suspended the record.
Now of course, they love to use the example of 'if you are unconscious', or the 'harm to self or others' clause, which refers to the use of MHR in psychiatry settings and which can mean absolutely anything in this country. Anyone can be detained under the mental health act solely on the basis of some hearsay from an estranged family member, or rumours about 'suicidality', or some vague 'intended harm' pretext.
The older I get, the more alarmed I become looking at this privacy rape. Didn't we just lose the right to buy weak codeine over the counter three days ago? Is anyone taking a tally of the freedoms we lose every month of every year?
Anyway, I love the above list, and I would add that the number one reason for me to oppose MHR is that the record is kept for 130 years... I don't know about you, but when I die, I will be relieved that my time dealing with the police state is over. The idea of them raping my privacy for 130 years post mortem is just too much to bear. I'd like to rest in peace, not in a Canberra mainframe.
Joe, 3 January 2018
Excellent article. I agree with everything you say. With over 42 years of senior ICT experience I look in dismay at "single sign on" by hospital staff, i.e. all staff in a section like to use the same password, so fraud and data corruption can never be accurately tracked. Also as the recent EXA incident tells us, external agencies have very poor ICT security in place, i.e. at doctor surgeries, pathology labs, etc. This is a nightmare system that should be ended immediately.
Robert, 13 July 2018
Who would believe any privacy promises after what they did to the Census? They will just change the laws and the rules again and again.
Anonymous, 30 October 2018
I am a GP, and frequently hear patient concerns about their data being held somewhere else or accessed and shared without their knowledge, be it MHR, cancer screening registers, or prescription information. Many became hesitant to discuss sensitive health issues, and some avoid that altogether. It is very worrying and has detrimental effects on the quality of healthcare.
Dr. Young, 9 June 2019
Now that the ABS no longer even pretend to be careful about personal privacy, and, despite the public outcry, say that they will keep all our names and addresses and use them to link our Census responses and other Survey data to our private data held by other government services, there is a big fat reason for avoiding getting into any additional government systems like MyHR. There is just zero certainty on what they'll do next.
Anonymous, 17 November 2019
What's the point of any Law or Act in Australia anyway if it gets changed whenever it becomes an inconvenience for the system? It looks like a one-way road: the public must obey the law, but the government doesn't. They just tweak and change it how they like. The law didn't allow the creation of online health records without explicit consent, so it was changed. The law gave each person control over what data goes into their immunisation record, the system didn't like that with their covid data grab operation, so the Australian Immunisation Register Act got changed....
Basically, whenever you see this standard phrase in any privacy policy "your personal information can be used and disclosed as required or authorised by law", knowing that the law is made to suit the bureaucrats and political players of the day, it really means "your personal information can be used and disclosed as the government fancy". And nothing you can do about it! Electing the other side of politics won't fix the problem. They criticise each other while in opposition, but once they get to power, they continue doing the same things. Perhaps voting for independents who aren't a part of this vicious circle may help?
Greg, 20 July 2021
Fast FWD to Nov 2022 ..and just to calm the nerves of all good citizens Optus, Medibank, and online shop MyDeal have been raped, pillaged and $$ plundered.. what fun?!
Sea, 6 November 2022
Now, in 2023:
The Victorian health minister is trying to ram though parliament an extension to my health record. Granular health information, no opt out.
Anonymous, 12 March 2023