Why Opt Out of Online My Health Record
An informed decision can only be made based on the knowledge of facts from both sides: pros and cons. We all heard the big promises and seen the glossy posters produced by the peddlers of the new Australian online medical record initiative giving the public vague reasons why they should subscribe to the scheme. It is only fair that someone should mention at least a few reasons to opt out of it or delete it while it is still possible:
Why opt out
The laws and legislation governing and protecting My Health Record can be changed at any time to suit the political agenda of the day.
It already happened once: the parliament passed a bill specifically to enable the creation of trial online health records for one million people who never asked for it. Back then the need to obtain consent was a big legal obstacle — so this was removed. Now the law does not require your consent for your health data to be collected and stored. At the moment, the e-Health scheme allows people to opt out, but there is no guarantee that opting out won't be stopped or made excessively difficult in the future. There is also no guarantee that one day some budget genius won't come up with an idea to start selling health record data to private corporations, insurance companies, pharmaceutical giants, marketing researches or anyone else. It can easily be just a matter of another bill hastily passed through.
Eventually, all health information may be stored in a large database where it can be used for purposes other than health care and matched against other databases. Australian Bureau of Statistics already announced its plans to link census data with medical records. The Australian Taxation Office is also pushing for increased sharing and use of Government-held personal data.
The patient control over My Health Record can be scrapped at any time.
At the moment, MyHR is being touted to Australians with the promise that they can control what goes into it, and who is allowed to access it. However, there is already a strong medical lobby that wants patient control over eHealth records revoked.
Sadly, despite the mounting evidence of positive outcomes of the opposite approach, Australian doctors don't have a good history of treating patients as equals, encouraging patient empowerment, allowing high patient involvement and control over their own healthcare, or letting the patients to access all the information necessary for a truly informed decision and consent. Most doctors prefer their relationship with patients to be that of a master and a serf, rather than of equal partners; and keep the medicine a close-ranks elite club, rather than a transparent service to the population that is paying for it. For example, there are numerous self-tests for various diseases available around the world, yet in Australia they are ether blocked, or locked behind doctor's referral or prescription. Australians cannot check anything about their own bodies without that being recorded and reported somewhere. This begs the question: is it about “finding a problem early” and “saving lives”, or is it about keeping Australian patients under surveillance and medical control?
You can't control or know who exactly has seen your record.
If you think that it will be just your doctor who has access to your digital health information, you are gravely mistaken. By default and by design of this system numerous people will have access: doctors, nurses, pharmacists, physios, admins and clerks of all flavours, and a myriad of other unidentified staff of various organisations and institutions. The Health Record access-logging system does not track individuals accessing your record, only institutions they work(ed) for. For example, a visit to a hospital with a thousand employees immediately gives this thousand of people potential for an anonymous, untrackable and unaccountable access to your health information. Add on top the sad fact that in many health organisations all staff use the same password for everything, and we have a situation where it is impossible to keep your information secure.
Personal and health data is at risk of being sold off to private corporations.
In 2016, despite a strong opposition in parliament, the Department of Health handed the National bowel cancer screening and the National cervical screening registers over to Telstra, thus giving a for-profit organisation access to the most intimate health information without people's consent.
Telstra is a strong proponent of big data, of open data. They're obviously a commercial operation — they're often seeking to use personal information for uses beyond what it was originally collected for and to push the limits of privacy and data protection law, commented David Vaile, the Executive Director of the UNSW Cyberspace Law and Policy Centre. After this alarming move, it is obvious that eHealth data can be — and most likely will be — transferred, sold, shared or outsourced in the future.
Update: in June 2018, it was discovered that the Health Engine online service, part-owned by Telstra and taken on by thousands of doctors and medical centres for managing bookings and appointments, was selling patient personal and medical information for tailored marketing and passing on daily lists of prospective clients to a law firm, thus not only violating patient privacy, but also cunningly targeting people at the most vulnerable time. They call this outrageous practice
delivering relevant and timely information from our many different advertising partners to our users. The most disturbing fact yet is that the HealthEngine also has a data-sharing arrangement with My Health Record!
Nobody can or will guarantee the safety, security and privacy of your online medical record.
When a system has so many users, most of whom, including medical practitioners, have only basic computer skills, and a massive amount of highly personal data, it will inevitably suffer from attacks, breaches and misuse. The 2016 Census hacking disaster was a perfect proof.
If your electronic health records are lost to an online criminal gang, will the government pay you the value of that loss? You can't compensate someone for the loss of their personal information, this is the distinction. Once your identity has been stolen it can never be returned, it's thieves' to use for perpetuity and a lot of people don't realise that... If you talk to people who have been the target of identity theft they will tell you what a miserable life they lead. The ability to access personal e-health records at anytime from anywhere is unnecessary and does not have enough advantages to make it worth the risk.
Graham Ingram, AusCERT general manager
Once the information is out there, you can't truly delete anything.
As data storage gets larger, faster and cheaper, nothing gets deleted. In modern databases, the deleted records are only marked as “deleted”, but all the data stays there for years, sometimes forever. If someone is saying that you can delete your electronic health record at any time, this only means it will appear hidden, but all your health information will still be kept, accessed by anyone who can get to the database, and used for any purpose the laws of the day allow.
The best way to maintain the highest level of privacy is to opt put before your record is created. The second best — to “delete” it before it harvests too much data, at least to stop it form accumulating more data. The Department of Human Services has previously revealed that a e-Health Record cannot be deleted once it has been created. It can only be deactivated and removed from view of some people and agencies who have access to the system, not all.
Your health record may be linked to census and other data.
Australian Bureau of Statistics announced its plans to link the census and household survey data to health information and other government databases. ABS recent decisions to retain personal information collected during census have already demonstrated an alarming mission creep and disrespect for privacy and safety of personal information. ABS has laws and power to force every Australian to hand over their private information during census and surveys. Why also give them access to deeply personal and sensitive health information when there is [still] a chance to opt out?
You may find yourself avoiding seeing a doctor if your health information is shared online.
Many people have valid concerns about their privacy in our digital age, and there already is a noticeable doctor avoidance trend, especially in such delicate matters as infections, mental and sexual health. With electronic health records, your heath concern discussions are no longer something that remains between you and your doctor: anything you say can be entered into the system and accessed by anyone anywhere in the world within seconds. If MyHR becomes ubiquitous and either makes it hard to opt out or will keep patient health data despite opting out, the society will be put at a greater risk of viral and communicable diseases and mental issues, because many people will avoid seeking treatment due to lack of privacy.
My Health Record will not enable patient access to the full information about their health.
Despite the illusion that with an online health record the patients will finally get to know all the details about their own health, it is not going to happen. MyHR will only contain the information already known to the patients, as its purpose is to make medical records available to other medical practitioners, institutions and the government, not to help the patients to understand their condition better. The doctors will continue keeping their notes to themselves, pass medical referrals in sealed envelopes or via medical commutation channels, and discuss their patients with other doctors behind their backs.
My Health Record will not make patient access to diagnostic test results any easier.
Many people were excited to hear that all their pathology test results and diagnosing imaging reports are going to be uploaded to MyHR. Many signed up for MyHR purely for the advantage of being able to see the results before the next appointment with their doctor. They thought they would finally be able to access the information about their body paid for out of their pocket/taxes, be informed about their own health in a timely manner, avoid unnecessary anxious waiting, be able to prepare questions for their doctor and make the most of their next appointment. Unfortunately, this is not going to happen.
The doctors already have and always had the ability to request for any results and reports to be forwarded to their patients as soon as they are available; no MyHR has ever been needed for that. The patients are kept in the dark only because the majority of doctors believe that patients should only obtain information about their own health under doctor's control and insisted on so-called “follow-up” appointments. With MyHR in place, the results and reports will be uploaded when the doctor sees fit. If a particular doctor wants the patient to waste more time and money on a follow-up, they will keep doing that with MyHR in place.
Doctors' favourite excuse is that patients are not qualified to understand the results, even though some results are as simple as yes/no, even though some patients, such as scientists, are often more knowledgeable in the area than the doctors, even though it should be the ultimate patient decision what and when they want to know about their own health. At the same time, some progressive doctors are happy to see their patient actively involved in their healthcare, happy to share all the information and respect patient decisions. Those patiens are no more “qualified” than others. So it is nothing to do with patient qualifications, and is all about power, paternalism and control that some doctors can't let go of.
Speaking of qualifications, the vast majority of doctors are not qualified in online safety and data security, yet they are using computers, and collect, keep and share highly sensitive information about their patients. According to Avant Group report,...
...92% of GPs don't understand My Health Record privacy requirements, potentially leading to the risk of privacy and security breaches.
Doctor's computer can easily be a zoo full of trojans, viruses, spyware and other malware, accessing and stealing patient identities and health information, while the doctor has no skills to detect and/or combat the problem. If however the doctor involves an IT professional to look after their computer, this means a stranger not bound by any medical ethics or privacy laws gets access to all your medical history.
There is no widely-accessible, safe and secure means of online communication in Australia.
Signing up for MyHR requires a MyGov account, and that, in turn, requires the user to have an email address. Australia does not have any free, widely accessible email services that are is fully hosted and maintained within Australian borders by trusted Australian personnel. Most Australians are resorting to using Gmail, Hotmail, Outlook and other free email services that are owned and operated by overseas companies not bound by Australian laws. With the ubiquitous mass surveillance, this means that highly personal communications are processed, stored and spied upon by overseas agencies. It also means that those overseas agencies can access MyHR data and all other information in MyGov accounts registered with those email addresses.
Your phone calls, text messages, emails, bank accounts, Internet browsing, purchases, travels and movements are under surveillance.
You can't opt out of that. But do you really want your medical records to be under surveillance too, especially when you still can stop this?
The only data that cannot be misused, leaked, hacked, sold or spied upon is the data that isn't out there. There can be no other guarantees, ever.
How to opt out
The Digital Health Agency wants everyone to use this opt-out page for opting out online, or call 1800 723 471. Deadline for opting out has been extended to 15 November 2018.
Note that the Digital Health Agency demands driver licence, passport or other forms of additional identification for opting out. A Medicare card number is suddenly not enough. The Digital Health uses this opportunity to obtain other personal ID and crosscheck it with the government databases that have absolutely nothing to do with healthcare. If this excessive data collection and linking is required for opting out of the record one never wanted in the first place, imagine the extent of privacy invasion, data linking and cross-agency surveillance awaiting those who don't opt out of this Health Record!
Government's “My Health Record”: No Consent Required? Opt-out withdrawal of consent deadline is 15 October 2018, Australian Privacy Foundation media release
My Health Record, Australian Privacy Foundation campaign
A Short Sharp Summary of My Health Record, Australian Privacy Foundation
For Sale — Your Privacy and Your Health Data, Australian Privacy Foundation