Privacy Forum
Experts Tackle Health Privacy Futures
Top Health and IT professionals have voiced their concerns over current developments regarding privacy of e-health records.
At a sometimes highly charged meeting hosted by HISA in Sydney on Monday February 17, the HIPS (Health and IT professionals) group identified 4 areas that need urgent attention. These are: i) problems inherent in wide-reaching data access; ii) the need for special provisions for health information; iii) the use of national identifiers, and iv) awareness of IT risk factors.
Recognising that this is a time when privacy concerns are receiving notable political attention, particularly as privacy law reforms are currently being debated during an election year, the HIPS group identified the top 2 priorities for 2007.
For immediate action HIPS plans to work towards ensuring that health data gets recognised as needing ‘special provisions’. In addition, determining how the many proposed national identifiers could operate congenially towards improved service provision remains a major challenge.
Prof Peter Croll, who chaired this HISA privacy forum, highlighted the need to recognise the differences between the risk considerations that apply in normal commercial and financial services and those in the healthcare sector. He pointed out that "Whereas security and privacy violations involving money can be compensated for and recovery is possible, it should be recognised that incidents involving the revealing of sensitive health information is irreversible – disclosure is damage for life".
He went on to emphasize that this sentiment was evident in a US press article of the previous day by Robert Pear of the "New York Times" entitled "Warnings Over Privacy of U.S. Health Network". In this article President George Bush is quoted as saying:
"One of the things I’ve insisted upon is that it’s got to be secure and private. There’s nothing more private than your own health records".
But the article claims that to date "the administration had taken only rudimentary steps to safeguard sensitive personal data". Similar stories have been evident in a number of reports from the UK’s "Guardian" newspaper that highlight growing concerns for privacy in the UK’s integrated Nation Health record system, known as the "SPINE".
The consensus of the HIPS group was that:
"Trust is the most important aspect and we should not rush towards online solutions that will erode the public's trust through unnecessary incidents that have been evident with other public services of late".
This makes reference to recently reported Centrelink and Tax Office privacy audits that showed widespread disregard for privacy concerns from now dismissed staff. This real case is most pertinent as we enter a new dawn of the linked electronic health records.
Prof Bill Caelli AO, who gave a presentation to the meeting, said:
"it is not just about building walls and fences to keep intruders out, since many privacy violations involves insider attacks".
As a world renowned security expert, Prof Caelli further informed the meeting of the dangers from commercial level commodity software and systems in widespread use by our doctors and clinics. He went on to comment that:
"The companies that supply this software openly admit that they have only just recently started to build security into their systems from the ground up and that nearly all current systems in use have simply tried to bolt security on".
The thorny issue of generating national identifiers for each patient was debated passionately by the HIPS participants who come from a cross-section of industry, health service providers and academia.
The group identified the urgent need to allocate time to carefully consider these privacy requirements in contrast to current trends to undertake a hurried approach to system implementation on a national basis. The censuses was that while HISA members endorsed the concept and use of electronic health records, the potential ‘show stoppers’ of privacy and identity concerns needed immediate action if Australia is to avoid blindly following the now defensive US and UK routes.
The HIPS group, derived from over 400 professional members of HISA, pledged to compile some broad guidelines based on ‘best practice’ to address these pertinent and sensitive developments.
|
ITAC 08 - IT in Aged Care
The second Information Technology in Aged Care National Conference ITAC 08 will take place in Melbourne on September 4, 2008. The conference will focus on IT developments and their impact on aged care service delivery and systems improvement. We welcome managers, operators, CEOs & Directors of Nursing to this unique opportunity to participate in this exciting event. Visit ITAC 08 website http://www.itac08.com.au/ for more details. |
Health Privacy Futures 2008
The Health Informatics Society of Australia (HISA) would like to invite you to the inaugural national conference, Health Privacy Futures - HPF'08, in Brisbane on the 10th and 11th of November. Health privacy is a key foundation of Australia's transition to a safer and more efficient health system. This conference looks to bring together healthcare providers, consumers and Australia's leading privacy experts, to bring clarity and definition to this critical issue. To find out more go to the health privacy website at http://www.healthprivacy.org.au/ |
I hereby give notice that the Annual General Meeting of the members of the Health Informatics Society of Australia Ltd. will be held on Monday 1st September 2008 at the Melbourne Convention Centre, Melbourne, commencing at 5 p.m. 
