HealthEngine has been paid almost $4 million for the GP booking platform component of the federal government’s Covid-19 vaccination information and booking service.
The platform will be used by GPs clinics, as well as other approved health service providers like pharmacies, that don’t already have a booking system.
It is one part of the end-to-end vaccination information and booking service that citizens can use to book a jab at the more than 4500 GPs enlisted to administer vaccinations.
The contract, which will run until March 2022, was awarded by the department using a limited tender, specifically paragraph 2.6 of the Commonwealth procurement rules.
Under the paragraph, a company can be chosen to supply goods and services to "protect human health" when there is no reasonable alternative or substitute.
HealthEngine scored the deal despite being fined $2.9 million last year for sharing the non-clinical personal information of over 135,000 patients without adequate disclosure.
The practice earned the company $1.8 million from third-party private health insurance brokers over a four-year period between April 2014 and June 2018.
The company also admitted to not publishing around 17,000 reviews and editing another 3000 reviews to remove negative aspects or to embellish.
Addressing the concerns in a senate committee last month, associate secretary Caroline Edwards said that while “any issue… in relation to a provider” were a concern, the issues were “historical”.
“The issues associated with the ACCC proceedings are historical in nature, weren’t intentional and did not involve the sharing of clinical or medical related information,” she said.
“Following the ACCC recommendations, HealthEngine has strengthened its privacy and security processes and authentications.”
“This includes the introduction of additional levels of authentication in the latest version of its popular iOS and Android apps to increase data security and further protect personal information.”
Edwards added that the department had “very carefully conducted an assessment to check that those issues were not going to affect the current contract”.
“The privacy and security of HealthEngine’s solution were thoroughly evaluated by the department prior to making its final decision to offer them a contract to provide the system,” she said.
“In addition, the data available to HealthEngine through what it’s been contracted to do does not include any clinical information or any personal information over what’s required for people to book.”