ADHA chief tries to allay My Health Record fears

By on
ADHA chief tries to allay My Health Record fears
ADHA CEO Tim Kelsey

'There is no big brother'.

Australian Digital Health Agency chief Tim Kelsey has sought to allay lingering privacy and security fears surrounding the My Health Record scheme.

Following an address to the National Press Club, Kelsey was repeatedly forced to defend the scheme's privacy and infosec credentials, as well as its limited window to opt out.

Individuals will only be able to opt out between July 16 and October 15 this year, after which time a record will be automatically created for every Australian.

Kelsey said that the agency would seek to publicise the opt-out window available to citizens, and that it would not try to maximise the number of records created by hiding opt-out options.

He said that records had built-in privacy protections, including the ability to set up an access code and to view a "real-time audit log of those who’ve viewed [the record]."

Kelsey said that customers could set an SMS or email alert that would tell them immediately if someone else viewed the contents of their health record.

He also said customers could choose what kinds of information is stored in the record, and set granular permissions.

“They can even withhold a document from the view of their clinician," he said.

"Imagine that you’d rather your health professional did not have knowledge of your mental health condition. My Health Record gives you that control.”

He said this could be done either at the time of consultation or after the record has been uploaded; "you will have ongoing requirements to consent to different documents [being stored in the record]."

Kelsey said outsider threats to the record data would be dealt with by the agency’s dedicated cyber security centre – established in July 2016.

He said that no breach had occurred since the system launched in 2012.

“My Health Record operates to the highest cyber security standards in Australia," Kelsey said.

If customers did not opt out within the three-month window, a record would be automatically created for them.

However, by default, it would be empty, Kelsey said.

“The actual truth is that ... after a record has been created for you, there will be no data in it until it’s activated,” he said.

“There is no big brother, and people may be surprised that when ... their records are created, there is literally nothing in the record until its activated, at which point two years of your MBS [Medicare Benefits Schedule] and PBS [Pharmaceutical Benefits Scheme] data – if you consent – will be uploaded.”

He said data older than two years would not be uploaded to the record. The record will mainly be used to store newer health treatment information.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
adha governmentit my health record privacy security software strategy tim kelsey
In Partnership With

Most Read Articles

NBN Co says fibre-to-the-curb build is more complex than it hoped

NBN Co says fibre-to-the-curb build is more complex than it hoped
US military weapons systems found to have vulnerabilities

US military weapons systems found to have vulnerabilities
NBN Co explores 'FTTN in a box' for emergency network fixes

NBN Co explores 'FTTN in a box' for emergency network fixes
AWS Sydney data centre locations leaked

AWS Sydney data centre locations leaked
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

Intro to AI for Security Professionals
Intro to AI for Security Professionals
Digital Transformation: Hope, or Hype?
Digital Transformation: Hope, or Hype?
How to choose a trusted IT provider
How to choose a trusted IT provider
Why Business Process Modelling Matters
Why Business Process Modelling Matters
Report: ANZ IT Decision Makers - Top Priorities for Endpoint Security 2018
Report: ANZ IT Decision Makers - Top Priorities for Endpoint Security 2018

Events

Log In

Username / Email:
Password:
  |  Forgot your password?