There are “serious concerns” over the Victorian government’s “unprecedented plan” to establish a centralised health data sharing system which would store information such as prescribed medications and hospital admissions, with no ability for individuals to opt-out.
The state government is planning to improve information sharing between health services through the creation of a new digital database and the involuntary collection of individual health data, in an effort to combat the currently fragmented patient health information system.
But the scheme has been criticised by the likes of the Australian Privacy Foundation, Liberty Victoria and the Australian Doctors Federation for its lack of consent required, potential for the database to become a “honeypot” for hackers, and that it could jeopardise doctor-patient confidentiality.
The Victorian budget in May included a commitment to reform and consolidate public pathology services in the state, including through improvements to laboratory information systems. This would include the creation of a health information exchange to be hosted and supported by the state health department – a centrally hosted solution in the cloud environment that is “highly available, scalable and reliable”.
The Victorian government has issued a tender notice for this work looking for an off-the-shelf solution from the private sector, closing on 20 December.
Legislation underpinning the new data-sharing scheme has already passed the lower house and is expected to be debated in the Legislative Council before the end of the year. The bill formalises the linkage of patient medical and health information into a single portal, which can be accessed by authorised users such as doctors or other clinicians.
Information collected in the database will span five years in the past of an individual’s health records.
If passed by the state Parliament, the scheme will come into effect in February 2023 in order to give time for the solution to be developed. It will include public hospitals and health services, metropolitan hospitals, ambulance services and forensic mental health units.
Information to be shared in the database and with authorised users includes prescribed medicines, allergies, admissions, discharge summaries and other alerts.
Unlike the highly controversial federal My Health Record scheme, there will be no ability for Victorians to opt out of this medical health sharing scheme.
The legislation also includes two new criminal offences to deal with the potential unauthorised access of data in the scheme, and for accessing it for unauthorised purposes, with two years imprisonment.
“The availability of complete and accurate health information at the right time and at the right place will save lives and is essential to providing the very best care for patients,” Labor MP Shaun Leane said in Parliament.
“We recognise that a consolidated picture of a patient’s medical and health history is essential to the provision of safe and high-quality care in our public hospitals. In Victoria, critical health information is currently spread across different health services, in separate systems and in paper records. This fragmentation of patient health information often means that clinicians manually gather patient health information, through fax or phone calls.”
The state government has argued that the new database will be more secure than the current system using fax and phone calls.
But the Australian Privacy Foundation has serious concerns with the proposal, and has sent a series of questions to the government and health department. The organisation is now in discussions with senior personnel from the Department of Health and Human Services over these issues.
The main concerns are over a lack of consent, independent oversight and a risk that it will get in the way of doctor-patient confidentiality, Australian Privacy Foundation health committee chair Juanita Fernando said.
“Given the proposed exponential expansion of the Victorian data collection, consent should be active, in the form of a clear, freely given, specific, informed and unambiguous indication of the individual’s agreement to the collection, holding, management and retention of personal information by health authorities,” Ms Fernando told InnovationAus.
“The bill erodes protection of the patient-doctor confidentiality, and so the high quality patient care that requires patient openness, trust and confidence in their clinicians. This may prove disastrous in the context of mental health concerns and other conditions linked to the social determinants of health.”
The Australian Doctors Federation (ADF) also shared concerns the scheme could impair trust between clinicians and patients.
“The ADF maintains that quality healthcare requires patient trust and confidence, and appropriate health informatics and high integrity data to aid clinical decision making,” the organisation said.
“Unfortunately, governments have a very poor track record at implementing trustworthy systems, which provide quality health information whilst maintaining the confidence of doctors and patients. The ADF recommends that the proposal not proceed until these and other key questions are publicly debated, carefully examined and resolved.”
Liberty Victoria has also said it is concerned about the privacy implications of the plan, and there needs to be better public consultation on this.
“This Victorian bill has no provisions for opt-in or opt-out, all patients are in and their consent is not required. There are no provisions for the de-identification of at-risk individuals. All data is open to all users of the system,” Liberty Victoria said.
“Liberty Victoria holds serious concerns for the potential of the suggested central database to become a vulnerable ‘honeypot’ for personal data. All patient data including the identifiers at each clinic and hospital are to be stored. The database would be a major target for exploitation by hackers and organised crime and there is insufficient focus on protecting this personal information.”
The Victorian government has released a statement of compatibility of the new law with human rights, finding that the right to privacy is not limited by the powers, and that it is proper that individuals will not be able to access or correct their own health information stored on the database.
“Information relating to a person that is held on the system may only capture part of their health information, whereas it is more likely that individual health services hold information that is complete and in context,” the statement of compatibility said.
“Should an individual wish to access or amend their health information, or have concerns about incorrect information being recorded, they can access and correct the information through their health service provider.”
But the government did not properly consider the need for privacy in this assessment, according to Liberty Victoria.
“The statement of compatibility does not demonstrate any balance with the competing need for protection of privacy and does not engage sufficiently with the issue of whether a person consents to their information being stored in a central database,” the organisation said.
There is also a risk that having a centralised database of highly sensitive health data will act as a “honeypot” and attract hackers, Ms Fernando said.
“Aggregated information is, almost by definition, a honeypot. APIs are needed to access all of these data and many of the APIs are inherently risky,” she said.
“Theft of health data is endemic globally, miscreants are finding it very financially worthwhile to steal or ransom health information. It is scary, and Australian governments don’t have a great track record here.”
More time is needed to consult on the plan and ensure there are better protections in place, the foundation has argued.
“The range of changes required are manifold and Victorians need to be consulted here. The scheme ought not be entirely scrapped but ought to be accountable to Victorians and be subject to independent oversight,” Ms Fernando said.
“Some information must be withheld from the collection enabled by the Bill, especially when there is no patient consent. Patient health and wellbeing, even lives, are at stake here. The bill is neither proportionate nor justified in its current form. Instead it fosters questions about what it enables into the future.”
Liberty Victoria backed the call for more consideration to be given to the plan.
“The speed with which this bill is being ushered through Parliament is of grave concern. Such fundamental long-term policy must be thoroughly vetted by concerned parties and by the Parliament. Liberty Victoria would be deeply concerned if this bill is not subject to the strongest scrutiny prior to being finalised in the Legislative Council,” it said.
Do you know more? Contact James Riley via Email.