Legal, privacy and data security experts have seized on the Andrews government’s intention to quietly create digital medical records for millions of Victorians without their explicit knowledge or consent, accusing it of acting in bad faith and treating patients “with contempt”.
Earlier this month, the government reintroduced a bill to create a centralised database of the private medical information of every person who has used the state’s public health system in the past three years, resisting pressure to provide patients with an option to opt out of the scheme.
Few modifications have been made to the controversial bill, the first iteration of which was unveiled with little fanfare in late 2020 with a view to removing barriers to data sharing between health providers. Its stated aim was to improve efficiency measures across the public health system and, by extension, health outcomes.
While the proposed scheme is limited to current and historic medical data obtained from the public system, including public hospitals, the government has flagged an intention to expand its ambit to include private hospitals, GPs and the mental health system.
Describing the bill as “disproportionately intrusive”, Australian Privacy Foundation president David Vaile said the failure to seek patient consent via an opt-in or opt-out provision fundamentally undermined patient autonomy and risked setting a “dangerous precedent”.
“That you can’t even opt in or opt out demonstrates utter bad faith [on the part of government] and is a good reason not to trust it,” he said.
“It’s quite a different beast to the My Health Record, where the former federal government had to be dragged kicking and screaming to an opt-out version.
“Here, there’s been no attempt to get patient consent whatsoever and so there’s no incentive for government to explain the risks attached to [holding] the data. The fact they’re not willing to be open, transparent and accountable really sets alarm bells off. It’s treating people with contempt.”
Against the backdrop of recent high-profile data breaches, including the Medibank and Optus cyber-attacks, and a general rise in data insecurity, Vaile said it was particularly concerning the government has expressly decided against demarcating the types of health information which would be held.
As it stands, a person’s digital record wouldn’t necessarily be limited to laboratory and image results, prescribed medications, discharge summaries and medical conditions, but could — at the discretion of the secretary of the Health Department — conversely extend to their entire medical history.
“All around the world, the information contained in health records is recognised as a sensitive, special category of information,” Vaile said. “So one of the clearest problems with not confining the scope of information is it increases its vulnerability to hacking and unauthorised [internal] access.”
It’s a sentiment shared by Liberty Victoria and the Law Institute of Victoria (LIV), both of which have also pointed to the corresponding lack of embedded safeguards against misuse of or unlawful access to patients’ data.
Under the proposed model, criminal penalties would attach to deliberate or knowing breaches, but the means by which such breaches can readily be brought to light are limited given the decision to exempt the scheme from the state’s freedom of information laws and overarching audit controls.
In practical terms, critics say the bill both makes a mockery of data security and deprives patients of a right to ascertain who and in what circumstances their data has been accessed.
LIV president Tania Wolff told Crikey that in such circumstances it was unlikely criminal prosecutions would follow.
“Clearly it’s going to be very difficult [for patients] to trace who has accessed their information in an inappropriate way,” she said, adding that the utility of criminal penalties to individuals was, in any case, questionable once “the horse has bolted”.
In this connection, the bill’s failure to embed proper safeguards has attracted particular criticism for its potential to compromise patient-doctor confidentiality which, in turn, could dissuade some from seeking treatment for certain health conditions — particularly those that carry real or perceived stigma.
“It’s not for [the government] to second-guess the valid and reasonable concerns Victorians might have about the use of their private and confidential information,” Wolff said. “There are some occasions where principles are more important than efficiency, and I think this is one of them.”
Opposition health spokesperson Georgie Crozier was of a similar view, telling Crikey the Liberal Party’s concerns with the proposal remain unchanged: “We have very serious concerns around a number of aspects of the bill which, like the first iteration, go to privacy, the inability of Victorians to opt out and lack of patient autonomy.”
It’s understood the opposition will press for an opt-out provision and to have the bill referred to the legal and social issues committee for review.
Meanwhile, Greens health spokesperson Tim Read said that although he understood and supported the bill’s purpose, he was surprised the government had not accommodated some of the privacy concerns.
He said the Greens would seek amendments centred on audit controls, enabling patient access to their records and providing patients with an ability to nominate certain data as requiring more protection. He added that the Greens would not, at this stage, rule out any proposed amendments which include an opt-out provision.
“We’ve needed something like this bill for decades,” he said. “But I am genuinely puzzled as to why the bill has barely changed.
“We’re also concerned about the security of the data, not just from hackers, but from within the Health Department and the government itself. We don’t want anyone having access to it that shouldn’t or doesn’t need to.”
A Victorian government spokesperson denied the bill runs contrary to patient autonomy or privacy, claiming the government had consulted widely on the proposal.
“We take our responsibility in privacy matters and data security very seriously,” the spokesperson said.
“This health information sharing system will be a secure way to ensure that health services have the information they need to give patients the best care they can.”
They added that the database would only hold the most “relevant clinical data”, as opposed to a complete medical record, and that full audit trails would be created.
The government is yet to respond to questions regarding the ability of patients to access or control the data shared on the database, why they cannot opt-out, why limits on the information to be stored are not expressly defined in the bill, why audit controls are not embedded in the bill, and whether patients can request an audit.
Would you be OK with your data being collected in this way? Let us know by writing to letters@crikey.com.au. Please include your full name to be considered for publication. We reserve the right to edit for length and clarity.
