LawTalk Blog

My Health Record: Security Changes Expected

My Health Record: Security Changes Expected

The My Health Record System has been shrouded in controversy since its implementation in 2012 with concern expressed regarding the collection, use, disclosure and security of an individual’s health record.

Following significant criticism by healthcare recipients, privacy advocates and peak healthcare bodies, the My Health Records Amendment (Strengthening Privacy) Bill 2018 (Cth) (“the Bill”) was introduced by Australia’s Health Minister, Greg Hunt.

 The amendment Bill is set to specifically address two of the most controversial aspects of the current system. The Bill will:

  1. Remove the ability of the My Health Record System Operator to disclose health information to law enforcement agencies and government agencies without a court order or the healthcare recipient’s consent; and
  2. Require the System Operator to permanently delete health information stored in the National Repositories Service for an individual if they have cancelled their My Health Record.

Under the current system, an individual’s My Health Record isn’t deleted from the system permanently upon cancellation of their record. Maintaining the data on the system, it’s argued, makes it simple for an individual to reinstate their record should they later change their mind.

In addition to this, whether government or law enforcement agencies could access an individual’s my Health Record without a warrant or court order has been the subject of ambiguity under the current legislation.

The Bill has been referred to the Senate Community Affairs Legislation Committee for inquiry and report.

Calling into question the entire system?

The Bill comes as the Senate Community Affairs References Committee completes an inquiry into the entire My Health Record System with particular reference to:

  1. the expected benefits of the My Health Record system;
  2. the decision to shift from opt-in to opt-out;
  3. privacy and security, including concerns regarding: 
    1. the vulnerability of the system to unauthorised access, 
    2. the arrangements for third party access by law enforcement, government agencies, researchers and commercial interests, and; 
    3. arrangements to exclude third party access arrangements to include any other party, including health or life insurers;
  4. the Government’s administration of the My Health Record system roll-out, including:
    1. the public information campaign, and
    2. the prevalence of ‘informed consent’ amongst users;
  5. measures that are necessary to address community privacy concerns in the My Health Record system;
  6. how My Health Record compares to alternative systems of digitising health records internationally; and
  7. any other matters.

The Inquiry has received over 20 submissions from a number of vocal and diverse parties including the Australian Privacy Foundation, the Health Consumers Alliance SA, the National Council of Single Mothers and their Children and the Department of Health.

Both Committees are due to table their reports in Parliament on October 12 – just over a month before the end of the revised opt- out period on November 15.

Read the other blogs in our My Health Record Blog Series to find out what you need to know about My Health Record, and who will have access to your My Health Record

Julia 033.jpg

Get in touch with today's blog writer:
Julia Arena

Associate in Personal Injury

Please note, this Blog is posted in Adelaide, South Australia by Andersons Solicitors. It relates to Australian Federal legislation. Andersons Solicitors is a medium sized law firm servicing metropolitan Adelaide and regional South Australia across all areas of law for individuals and businesses.

Contact Us

For enquiries, please fill in the following contact form