The number of email complaints about My Health Record rose more than 400% during July 2018 and January 2019, according to The Australian Digital Health Agency’s (ADHA) latest annual report.
Released under the radar on Melbourne Cup day, the report highlights the number of complaints rose from 57 to 304.
ADHA attributed to the rise in email complaints to the extended opt-out period between July 2018 and January 2019, where 2.5 million people opted out of My Health Record.
ADHA told Information Age “the Agency has worked with healthcare providers and industry partners and will continue to support the health and wellbeing of the Australian community through improved access to digital services”.
Suspected data breaches
The report also showed only a minimal drop in the number of suspected data breaches, from 42 to 38 in the past financial year.
Most of the breaches were reported as not “purposeful or malicious attacks” and deemed not a “compromise of the integrity or security of the My Health Record System”.
The majority of the breaches were reported by Services Australia (formerly known as the Department of Human Services) – the ‘Registered Repository Operator’ on behalf of My Health Record.
Services Australia reported 34 of the data breaches to the Office of the Australian Information Commissioner (OAIC).
These include 27 breaches resulting from data integrity activity initiated by Services Australia to identify intertwined Medicare records (where a single Medicare record was used interchangeably between two or more individuals).
Seven breaches resulted from suspected fraud against the Medicare program involving unauthorised Medicare claims being submitted, with the incorrect Medicare data subsequently appearing in the My Health Record of the affected customers.
ADHA told Information Age of the 38 potential breaches reported most were attributed to administrative errors (such as cases of intertwined Medicare records; or processing errors when creating records for infants); and suspected fraud against the Medicare program involving unauthorised Medicare claims being submitted.
ADHA reported three of these matters to the OAIC because one breach was the result of an unauthorised access to a My Health Record, attributed to an incorrect parent being assigned to a child.
Another two breaches were suspected fraud against Medicare including incorrect records appearing in the My Health Record of an affected individual; and someone’s record being viewed without authority by the individual undertaking the suspected fraudulent activity.
Following SA’s lead
The Agency laid out ambitious plans to launch initiatives like the National Out of Hospital Care Collaborative, currently led by South Australia, nation-wide in 2020.
The initiative was developed to address gaps in existing interoperability standards for secure messaging.
Industry agreement on solution architecture for interoperable messaging and distributed directory has enabled the delivery of two proof-of-concept projects initiated with vendor-led consortiums to refine and implement standards.
Dr Nathan Pinskier, past chair of the Royal Australian College of General Practitioners Expert Committee on eHealth, said secure clinical messaging must have a comparable level of ease, transparency and interconnectivity.
“When I call someone on my mobile phone, I don’t need to know which service provider or which handset or which operating system they are using,” he said.
“The new community agreed and developed interoperable solutions architecture is a major step forward in resolving these issues. The focus now needs to shift to broad health sector implementation, adoption and usage”
With 22.6 million Australians on My Health Record (compared to less than six million in the period prior to opt out) 1.5 billion documents have been uploaded to My Health Record, with 523 million in the last seven months – ensuring interoperability is another key goal for ADHA.
Work ahead
Other works in the pipeline for the 2019-2020 financial year include:
· Co-design a national technology alignment program to place Australia at the forefront of digital health innovation.
· Launch the national goals of care collaborative to facilitate uploading of advance care planning documentation to My Health Record supporting end of life care.
· Trial and evaluate proofs-of-concept for the Child Digital Health Record, Digital Pregnancy Record and Child Digital Health Checks.
· Develop architecture and implement the National Provider Addressing Service and service registration assistant, for “seamless, safe and secure addressing”.
· Co-design a Digital Medicines Blueprint, for digital services to increase the safety, quality and efficiency of medicines use across health and care.