In the wake of a series of healthcare data breaches, the Electrical Trades Union (ETU) of Australia has joined the chorus of critics pushing back against the government’s plans to mandate use of its My Health Record (MHR) scheme.
Designed to improve the flow of healthcare data between hospitals, doctors, pharmacists and other allied health practitioners, MHR was recently shifted from an opt-in to an opt-out model in order to boost its takeup.
Australians have until 15 October to opt out of the scheme or automatically have an MHR record created for them – and a growing tide of dissent is pushing many to take that option based on an uncertain cybersecurity environment and the privacy risks that a centralised digital healthcare record poses.
Warning that the public “has been kept in the dark about the monumental changes to their health records,” ETU national secretary Allen Hicks said in a statement that the MHR program has “the potential for privacy breaches that could negatively affect their private and professional lives.”
The concerns of the ETU – which called for “urgent ministerial intervention” to improve privacy controls – revolve around unfettered access to data, which it says could adversely affect workers attending pre-employment medicals or those undergoing workers’ compensation assessments.
But they are just some of the risks of MHR that have emerged as the push towards the opt-out program gains momentum.
Days ago, for example, Singapore suffered its worst-ever cyber attack as the personal details of 1.5m patients – including prime minister Lee Hsien Loong and several ministers – were exfiltrated from major healthcare operator SingHealth.
A top-level inquiry has been launched into the incident, with the government’s Smart Nation initiatives – including mandatory participation in the National Electronic Health Record (NEHR) project – paused for the moment.
Closer to home, last month it was revealed that medical bookings service HealthEngine was selling patient information to third parties such as law firms for targeted advertising purposes.
In 2016, Medicare was forced into an embarrassing backflip after a purportedly deanonymized data set was released, then rescinded, after it was found to be vulnerable to reverse engineering.
Earlier this month, New Zealand’s Privacy Commissioner was warned about a potential privacy breach involving identifiable medical records of up to 800,000 Auckland residents.
Yet even as the Australian government pushes ahead with its MHR program – the Australian Digital Health Agency recently distributed nearly 20,000 MHR education kits to health practitioners and Australia Post offices across the country – security specialists are warning that the program must have better controls over access to patient data, particularly during medical emergencies.
“There is no such thing as an organisation that can’t be breached,” One Identity vice president Bill Evans warned in a statement. “With that in mind, the main concern for Australians should be the security of their medical data.”
“Limiting damage after a breach of medical records is difficult. Unlike a credit card breach where you can simply turn-off the card and obtain a new one with a different number, medical records and specifically medical history cannot be changed. It is who you are and that is the real risk with this system: once breached, the ability to limit the damage is almost non-existent.”
Healthcare records are regularly found to be particularly vulnerable to compromise, with Verizon’s Data Breach Investigations Report 2018 finding that 56 percent of 750 analysed healthcare breaches were due to mistakes or abuse by internal staff. This gives the healthcare industry the “dubious distinction of being the only vertical that has a greater insider threat than it does an external threat,” the report noted.