Published on the 01/06/2018 | Written by Jonathan Cotton
Forget AI, Industry 4.0 and the chatbot hordes, data privacy is the tech issue of the moment. But when does the privacy imperative slip into paranoia?...
The latest storm in a teacup – producing much wringing of hands and political haymaking in Australia – is the federal government’s latest data-grab, the opt-out only (and AU$1.2 billion taxpayer funded) My Health Record service.
Simply put, the My Health Record initiative aims to put certain citizen medical data – allergies, medical conditions, treatments, medicines, and test reports – into a format which can be securely shared between clinicians and their patients.
“The current system of medical records means that we may have incomplete information on a patient – especially if the patient has recently seen another specialist or has been discharged from a hospital,” says Australian Medical Association president Dr Michael Gannon.
“The My Health Record will result in doctors having access to better information, in a more timely fashion, via secure means. Less time chasing up paperwork means more time can be spent treating our patients.”
“The gung-ho attitude of technology specialists means that patient trust, patient choice and patient care are being put at major risk.”
So far so good. The efficiency of the health sector is a win for everyone.
Currently about 5.7 million Australian have an account, and the reasons for that number is an interesting one: They didn’t volunteer to join, and the programme is opt-out only.
That’s a fact failing to impress critics, and on this they’ve got a point: Going over the details from the recent one million-strong trial, less than two percent of those joined have opted out. But rather than an expression of overwhelming consent however, it’s far more likely a measure of ignorance, especially when considered next to the data point which shows less than 0.1 percent of users have engaged with the system’s privacy controls at all.
Digital privacy advocates have got the knives out, both at the seeming strong-arm tactics of this automatic opt-in policy and their own security concerns around the platform.
“Simplistic IT solutions that gather large amounts of raw, un-managed patient data, which can be matched with other data sources, which are onerous to use, and which are easily accessible over the internet can create far more insidious problems than they solve,” says the Australian Privacy Foundation.
“In our opinion the My Health Record falls into all these categories.”
“The gung-ho attitude of technology specialists and the politically driven decision to make the My Health Record opt-out means that patient trust, patient choice and patient care are being put at major risk.”
“The risks to your privacy, confidentiality and information security need to be balanced by the value of any of your health records. In our assessment, because it is not really your health record but a less-reliable copy, the My Health Record has little value for either your clinicians or you as a patient: you both need the real thing. This means the risks to you may be high enough to question whether My Health Record is worth it.”
Whistleblowing techies? Or reactionary Luddites?
Either way, there is a legitimate cause for concern here: Since the Notifiable Data Breaches scheme was launched in February, health service providers reported the highest number of breaches – about a third of all reported cases – and My Health Record itself has already been subject to unauthorised access by at least one third party, affecting about 100 users.
This tension between the benefits of open, easy data sharing and fundamental principles of privacy is very much the issue of the moment.
So what does the man-on-the-street think? The Consumer Attitudes to Privacy in Australia paper – while marketing focused – provides some insight here: “Just over a third of Australians agree (35 percent) that as long as data isn’t abused, privacy isn’t an issue.”
“This reveals that data sharing itself is not what is of primary concern to many consumers; it is the fear of data misuse. For organisations stringent data protection policies and data security practices are fundamental to allaying consumer concerns with the issue of data breaches.”
“According to segmentation analysis just under half of Australians are Data Pragmatists – those who will make trade-offs on a case-by-case basis as to whether the service or enhancement of service offered is worth the personal information/data requested.“
So where does the truth lie? With the progress-at-all-costs advance guard? Or the big data-worriers?
Probably neither. As with so many political hot-buttons, the further you move from the edges the more sense you start to see, and the way forward is without a doubt in the striking of a balance between what we’re willing to share and what we aren’t. And maybe the apparent indifference of the average citizen is actually an expression of just such a centrist approach.
By and large there seems little cause for immediate alarm. Yes, governments, business and practically every other organised group recognises the value that large swathes of citizen/consumer data offers them. But governments are also moving to represent and address concerns around data sharing, the most conspicuous being the inbox-filling-to-the-point-of-madness GDPR initiative currently underway.
Sure, the federal government’s implementation of an opt-out policy for such a data-hungry programme seems a little self-serving, but in 2018 that could almost be considered par for the course. We’re still finding where the happy middle ground lies, and until we find it, expect some broken eggs.
We stand of the precipice of a data revolution, and the time to make mistakes is now.
Speaking of government mandated privacy protocols, check out this deep dive on how the GDPR affects you (and trust us, it does), check out ‘What you need to know about GDPR’ .
Download the ADMA’s Consumer Attitudes to Privacy in Australia Report.