Has Canberra learned the wrong lesson from Cambridge Analytica: abusing ‘informed consent’ gives you a plausible excuse? Exploiting ignorance, inaction and misplaced trust gets you the Big Data?

Our advice on My Health Record, like that of Dr Katherine Kemp, a specialist in data privacy [1], is to Opt-Out while you still can: we now know that your once-off chance to protect your medical confidentiality begins on 16 July and expires on 15 October 2018.

Just say “No” to this Clayton’s ‘consent’, this attack on the clinical relationship of trust. Tell the government: “Come back when you can ask nicely!”

The Health Minister, Greg Hunt’s recent announcement [2] of the closing date for your once-off chance to “Opt-Out” of the government’s My Health Record is remarkable not for what it says, but what it doesn’t say. There is no mention that:

My Health Record was first released in July 2012 as “opt-in” (like all other forms of proper consent in the medical area, you must be explicitly asked for your permission before it happens, and be told what it is, what the proven benefits are, and what your risks are).

When given a chance to Opt-In, few Australian did so, apparently not convinced of either any necessary benefit to them, or that it’s bypassing of medical confidentiality is trustworthy.

Although there are over 5.77 million registrations, only 1.7 million Shared Health Summaries have ever been uploaded, including updates. Those My Health Records that do exist have hardly, if ever, been used, perhaps because it is a mere grab bag of fragmentary extracts, not a usable or reliable clinical record.

To try to get around this rejection by those asked for proper consent they changed the “consent” procedure to a consumer-hostile “Opt-Out” approach, so you will be registered for a My Health Record without your express or active consent.

This is the ‘nanny state’ gone mad, a huge and risky invasion of your privacy. The government cannot persuade Australians and their GPs that creating a My Health Record is useful or safe (possibly because there is good reason to conclude it is neither), so they cheat by just giving themselves the right to do it anyway, unless you say no before the looming, newly announced date.

A major worry is that there is no mention of the costs or the risks to you of the government (and those to whom it is happy to disclose, whether in full or as easily re-identifiable ‘open data’) having bits of your health information. It’s like leaving out a full explanation of the possible side effects.

There is little evidence that an unreliable, incomplete, out of date summary health record system will be of any value to health professionals. The vast majority of doctors and clinicians already keep reliable electronic medical records for their patients – records they actually use daily to provide care, and can rely on for life and death decisions. The My Health Record is not for use as a medical record, it is designed for other purposes for third party users. In most clinical circumstances, the My Health Record creates an increased workload and a useless duplication, without solving the real problem of interoperable, highly secure, trustworthy clinical records. As a patient, watch your GP next time you have a consultation and observe just how much time the GP spends on their computer. My Health Record will just make this worse, without offering anything reliable or useful for clinical practice, and expose you to risk.

The Health minister doesn’t mention many key facts. This omission undermines the degree to which a decision to Opt Out by 15 October can be properly “informed”. For instance, he doesn’t mention:

The government advises health professionals not to rely on data in My Health Record; it is an adjunct to clinical systems, not a replacement. Its primary purpose is to enable those not in the clinical relationship of trust to access your medical information, not to help doctors and patients in the treatment setting. Once government has your health data, you cannot delete it. If you don’t Opt-Out now, you lose you chance forever. If you wish to change what you have added, a new copy is uploaded, but the old data stays in the system. If you want to cancel your My Health Record, all that will happen is that your record is deactivated (and perhaps hidden from you), but will still exist. This is social media’s idea of pseudo-deletion, not a proper right to withdraw your data from them. Data put into My Health Record by health providers may be incorrect or inaccurate, but the author of the documents is the only one who can alter it. It is up to you to check the accuracy of the data (how could most people do this?), and chase up those who uploaded it and ask politely if they will correct it. They are under no obligation to do so. In other words, any idea you own or control your data in My Health Record is an exaggeration. You control anything you add yourself, but that’s about it. It is not YOUR health record, the record belongs to the government, and the data is controlled by whoever entered it, and the government. Your GP will need to spend time summarising your health data, ensuring that it is consistent with what is already in your my health record before uploading it; time that could be better spent managing your health or the actual clinical record, not this unreliable duplicate. Some communities (e.g. those with mental health issues, drug abuse problems, the LGBTI community) have expressed concerns that there are risks of their health treatment information being readily available to a wide range of health care professionals. The My Health Record system does not deal with security, privacy, sensitivity or risk of excessive use. When Your health data are legally available from, or downloaded to, other systems they are not covered by the My Health Record legislation. And if they are abused, there is still no right to sue for breach of privacy in Australia. You can only see which institution has accessed your record, not which individual – a major flaw in auditing, security and accountability. The minister doesn’t mention that ‘the institution’ could be a medical centre, a large hospital group, a pathology company or a pharmacy chain, with potentially hundreds or thousands of people able to access your record under the one name of that organisation. You (and everyone else) have to keep your health data up to date, or it may become inaccurate or out of date and potentially unsafe. This is a major design flaw – the whole point of reliable electronic health records is that they should solve the currency problem. My Health Record hides it and makes it worse, so it is potentially unsafe. Your health information may be linked with data from other government agencies looking for evidence of fraud or malpractice, or as the legislation says “the protection of the public revenue”. What happens after the three month “Opt-Out” period for people who have been abroad – students, returning off-shore workers, new citizens, or people who have no idea this record process is happening because they aren’t currently living here? (They lose their one chance.) After the Opt-Out period, newborn babies will be given a My Health Record unless their parents opt them out. That child will then have a My Health Record for life, and will never have been given the opportunity not to have one. Any large-scale database of health information will be a highly attractive target to hackers. IT security can no longer be assumed to be able to repel a sufficiently motivated intruder. My Health Record creates a massive honeypot of duplicate data, a sitting duck. There are significant risks to patient privacy, and you need to assess that risk according to the benefits and costs or risks relevant to your specific circumstances. For most people, the breach of the clinical relationship of confidentiality and the lifelong loss of control of your data will not be worth any minor benefits – we believe this is why most people did not give consent when they were asked properly (the former Opt-In approach).

We have yet to see what information the government provides as part of its awareness-raising campaign so everyone knows the government will make a permanent My Health Record about them if they do no Opt Out by 15 October, and the full story so people can make a proper informed choice. The clock is already ticking, but the assumption is that they hope most people do not become aware of the looming deadline of your once-off chance to protect your medical information from a Cambridge Analytica-style data heist, or of the facts suggesting the limited benefit and clear risks of letting the moment pass. They will later be able to insist, like Google and Facebook (but with less cause) that it’s your problem now: silence means consent, so by doing nothing you have legally agreed to let them do it.

In the meantime, you should go to <https://www.myhealthrecord.gov.au> and register to be informed when and how to Opt-Out. The direct link is:

<https://www.myhealthrecord.gov.au/for-you-your-family/howtos/opt-out>

Contacts:

Dr Bernard Robertson-Dunn

(APF Health Committee Chair) 0411 157 113 Bernard.Robertson-Dunn@privacy.org.au

References: