My Health Record: former privacy head warned of dangers six years ago

Extract from The Guardian

My Health Record

Malcolm Crompton says his cautions about an opt-out system were ignored by the government

Christopher Knaus

@knausc

Mon 30 Jul 2018 14.37 AEST Last modified on Mon 30 Jul 2018 17.09 AEST

‘It may well be military-grade [security] on the central servers of the My Health Record system. It’s demonstrably not military-grade for all of those 900,000 practitioners.’ Photograph: Alamy

Australia’s former privacy commissioner warned government officials about the dangers of an opt-out My Health Record system six years ago, but said his cautions were ignored.
Malcolm Crompton, now an adviser at one of Australia’s leading information privacy consultancies, has also warned digital health records will not be secure unless a widespread audit of every GP clinic in Australia is conducted.
“It may well be military-grade [security] on the central servers of the My Health Record system,” Crompton told Guardian Australia. “It’s demonstrably not military-grade for all of those 900,000 practitioners.

“Literally because nobody knows. Nobody has actually audited those 900,000 practitioners to make any statement of any sort on how secure they are.”
Last week Malcolm Turnbull pledged to address privacy concerns raised about the government’s My Health Record system. Healthcare and social security groups have expressed significant concern about the lack of privacy safeguards in the legislation governing the system, which could allow warrantless access by a broad range of government departments, including Centrelink, Medicare or the Australian Tax Office.
IT experts also say the system is prone to cyber threats, particularly because the records will be accessible by a vast range of people in the medical workforce, many of whom will have weak cyber security.
Health minister Greg Hunt has repeatedly stated the data will be secure and no access will be allowed without a court order.

  What is My Health Record? – video explainer

Crompton, the privacy commissioner between 1999 and 2004, said the government had been repeatedly warned about the security risks now being canvassed. In 2012, Crompton addressed health department officials directly about the dangers of an opt-out system during a roundtable on digital health records.

“I said ‘the change from opt-in to opt-out is inevitable, and these are the risks of doing so and some of the actions necessary to redress the imbalance’. Department of Health people were present,” he said.
“Others have issued similar warnings. So there are no surprises about any of these issues now being raised. The difference is that they were dismissed or not dealt with properly. They are still being raised and are being taken seriously, or at least seriously enough for Mr Hunt to be talking to the doctors.”
The Deeble Institute for Health Policy Research is among those who have also warned of the privacy and security risks of moving to an opt-out system.
In 2015, the institute published a report calling for a “comprehensive system security and privacy safeguard review” before the implementation of the opt-out system.

Following this review, the government would need to “implement a mix of technology, policy and process mechanisms aimed at strengthening security and privacy controls”, the report said.
It also recommended a major public education campaign before moving to opt-out, to demonstrate the privacy and security safeguards of the system.
A spokesman for Hunt said he would meet this week with the presidents of the Australian Medical Association and the Royal Australian College for General Practitioners to “work constructively” with them about their concerns.
He said Australians had a choice to opt-out if they wished, and could decide how their medical information was controlled.
“Labor brought in this legislation in 2012 and it has been operating for six years and just under six million Australians are already on the system,” the spokesman said.

“My Health Record is subject to some of the strongest legislation in the world to prevent unauthorised use and backed up by a world-leading cyber security team.”
Crompton, who has himself opted out, said he had little faith in the government’s ability to resolve the myriad of privacy and security issues.
“They will be pushed to make minimal change amid extreme noise,” he said.
Crompton said the Office of the Australian Information Commissioner is under-resourced to cope with such a vast scheme. He compared OAIC’s resourcing for audits with the kind of money corporations spent on financial auditing.
“The privacy commissioner is doing the commissioner’s darnedest to be as effective as possible with the budget they’ve been given,” he said.

“But somebody in the department of finance keeps on leaving off a couple of zeros before the decimal point. It’s not just under-resourced ... it’s criminally under-resourced.”