ADHA chief tries to allay My Health Record fears

Australian Digital Health Agency chief Tim Kelsey has sought to allay lingering privacy and security fears surrounding the My Health Record scheme.

ADHA CEO Tim Kelsey

Following an address to the National Press Club, Kelsey was repeatedly forced to defend the scheme's privacy and infosec credentials, as well as its limited window to opt out.

Individuals will only be able to opt out between July 16 and October 15 this year, after which time a record will be automatically created for every Australian.

Kelsey said that the agency would seek to publicise the opt-out window available to citizens, and that it would not try to maximise the number of records created by hiding opt-out options.

He said that records had built-in privacy protections, including the ability to set up an access code and to view a "real-time audit log of those who’ve viewed [the record]."

Kelsey said that customers could set an SMS or email alert that would tell them immediately if someone else viewed the contents of their health record.

He also said customers could choose what kinds of information is stored in the record, and set granular permissions.

“They can even withhold a document from the view of their clinician," he said.

"Imagine that you’d rather your health professional did not have knowledge of your mental health condition. My Health Record gives you that control.”

He said this could be done either at the time of consultation or after the record has been uploaded; "you will have ongoing requirements to consent to different documents [being stored in the record]."

Kelsey said outsider threats to the record data would be dealt with by the agency’s dedicated cyber security centre – established in July 2016.

He said that no breach had occurred since the system launched in 2012.

“My Health Record operates to the highest cyber security standards in Australia," Kelsey said.

If customers did not opt out within the three-month window, a record would be automatically created for them.

However, by default, it would be empty, Kelsey said.

“The actual truth is that ... after a record has been created for you, there will be no data in it until it’s activated,” he said.

“There is no big brother, and people may be surprised that when ... their records are created, there is literally nothing in the record until its activated, at which point two years of your MBS [Medicare Benefits Schedule] and PBS [Pharmaceutical Benefits Scheme] data – if you consent – will be uploaded.”

He said data older than two years would not be uploaded to the record. The record will mainly be used to store newer health treatment information.