House debates

Monday, 17 September 2018

Bills

My Health Records Amendment (Strengthening Privacy) Bill 2018; Second Reading

5:26 pm

Photo of Ms Catherine KingMs Catherine King (Ballarat, Australian Labor Party, Shadow Minister for Health and Medicare) Share this | | Hansard source

When this House last considered the My Health Record, in 2015, I moved a second reading amendment on the government's bill. It called on the House to note 'the inadequacy of this bill in making real improvements to a national electronic health system'. The government voted that amendment down. Labor, alongside many health groups, was always agnostic about the government's decision to move to an opt-out system. We did not believe that this was the main area where improvements needed to be made. We raised very real concerns about implementation but were prepared to give the government and the new digital health agency a go, to get it right. But three years later it is clear that the government has botched the implementation of the My Health Record.

We should be very clear: the legislation before the House today is a clean-up exercise, and it is a job only partly done. We will use the processes available to us through the Senate to try to improve this legislation. But we will also use those processes to determine whether we need to go further if we are fortunate enough to form government at the next election. I want to be clear at the outset that Labor supports a national digital health record. We established the personally controlled electronic health record under the leadership of the member for Sydney. We knew that the personally controlled electronic health record could improve coordination between GPs, specialists and hospitals and cut down on duplication and errors in diagnosis, prescription and treatments. It's an important healthcare reform.

We continue to believe that the My Health Record could save money and lives if implemented by a competent government. But that is a very big 'if', because this is not a competent government when it comes to digital service delivery. This is the government that gave us census fail and robodebt. In health, this is the government that saw Medicare and PBS data leaked and that spent millions of dollars outsourcing the National Cancer Screening Register to Telstra in a contract that still has not delivered a functioning cancer register. Now we can add the implementation of the My Health Record to that very sorry list, because in mid-July, when the opt-out period for the My Health Record began, it became clear that the government had bungled this vital program in two fundamental ways.

First the government failed—and it seems even to have refused—to communicate with Australians about the risks and benefits of the My Health Record and what the opt-out system means in practice. The opt-out model is a very big change from Labor's opt-in system. Every Australian will now get a My Health Record unless they tell the government that they don't want one. It moves the system away from one of informed consent, a model that is a foundation principle of the way that health professionals work together with those in their care. Informed consent is based on a very strong relationship of trust and is embedded across the entire healthcare system.

The government in 2015 took the decision to move to a presumed consent model and to provide a period in which people could choose to opt out of the system altogether. It is a significant change in the healthcare relationship. Bringing both healthcare professionals and the Australian public along with these changes was essential for their success. That required properly and consistently explaining to the Australian public not just the how of the opt-out system but the why. Why was it necessary? The government has never made these explanations. The Digital Health Agency gave some money to primary health networks to promote the reform. Brochures have been produced, the information within which is pretty rudimentary. One brochure I have seen was factually wrong. Funds were given to a raft of different stakeholder groups who needed to communicate with their members, but that was it.

In the opt-out trial sites the government sent a letter to every person who would be registered for a My Health Record informing them of the reform, what was happening, what their rights were and what they might need to do about it. That's a common and effective way for governments to communicate significant policy changes, but the government has refused to send the same letter as part of the national rollout. It might be because the government sent letters to dead people in the trial sites, which was pretty embarrassing and hurtful, but in any case there has been no letter on the national shift to an opt-out system and the importance of the My Health Record.

As another example the government has refused to run television ads. It is not because they can't afford it—the Digital Health Agency spent $81 million on consultants last year alone—it is because this minister doesn't have the courage to back this reform that is supposedly so important. In July, as the opt-out period began, all of the criticisms that the government had hoped to keep quiet came tumbling out. In the process the government threw away any trust the Australian people had in its implementation of the My Health Record.

The government's second broad mistake is equally damaging. Put simply it is trying to implement an opt-out system on opt-in foundations. Other than minor changes in 2015 the legislation and policies that underpin the My Health Record were designed for the opt-in, personally controlled electronic health record. In that system the government could assume informed consent because every consumer with a record had actively chosen to create one. A number of the My Health Record features made sense in that context. For example, default settings that kept a record relatively open made sense if someone had deliberately creatively and actively created that record, but when every Australian gets a My Health Record, many of them without any real engagement, those settings may no longer be tenable.

Those two fundamental mistakes led to weeks of controversy on the My Health Record and finally forced the minister to announce the changes that this bill implements. In particular this bill makes two changes to the My Health Records Act. First this bill amends the act to require a court order or a consumer's express consent in order to disclose health information from their My Health Record to law enforcement agencies or other government bodies. Even groups that are generally supportive of the My Health Record like the Australian Medical Association and the Royal Australian College of General Practitioners have been alarmed by the government's previous insistence that a policy of the Australian Digital Health Agency would suffice. I commend the AMA, the Royal Australian College of GPs and others for advocating for that policy to be enshrined in legislation.

The bill sets out a range of conditions under which a judicial officer may make a court order to disclose health information, including that the disclosure is reasonable necessary and that the requested information is not available from any other source. It also exempts the Auditor-General, the Ombudsman and the Information Commissioner from the requirement for a court order. The government argues that this is necessary because these agencies have unique responsibilities to ensure the privacy and security of the My Health Record system. I want to foreshadow today that Labor will test that proposition in the Senate.

Second, this bill amends the act to require the permanent deletion of health information for all consumers who opt out of the My Health Record. The act currently requires the information that was held in the record to be locked down but retained until 30 years after the consumer's death. Again, that setting might have made sense when a consumer had previously opted into the My Health Record and might want to rejoin the record in the future. But it makes no sense in an opt out system.

Labor welcomes the changes in this bill, but the changes do not go nearly far enough. The former president of the AMA, Professor Kerryn Phelps, has described the government's changes as woefully inadequate and as minor concessions. Labor agrees. The government has stubbornly refused to address a range of privacy and security concerns beyond the two that are apparent in this bill. I want to touch on some of those concerns today, because they make clear that this bill does not fix the problems that will plague the My Health Record.

First, advocates are alarmed, as the government should be, that the current record could be used as a tool in family violence. That's because the default settings give access to a child's My Health Record to both parents and, in fact, they may even allow a non-custodial parent to create a record for a child that is no longer in their care. So, if a woman and her children are fleeing an abusive ex-partner, that partner could track their location by viewing the doctors and pharmacies that they visit. The National Council of Single Mothers and their Children says abusive ex-partners could use this to narrow down the locations of victims in hiding. That is, frankly, a chilling prospect. But the government says it isn't a problem because one parent will be able to terminate another's access. But it is ridiculous to place the burden of keeping a child's My Health Record private on a mother fleeing violence. And even if a mother does raise concerns, the government has installed the Digital Health Agency as the judge in family violence cases in these circumstances. The agency says it will investigate concerns and reinstate access to whichever parent it believes is appropriate. With due respect to the agency, it has no expertise—absolutely none—in family violence or in family law. That is not its job. It is simply not good enough for the government to say that women fleeing violence need to raise concerns which will then be investigated by digital health bureaucrats. By the time they even become aware that a record has been created it may be too late. But, in spite of advocates' concerns and media reports, the government has stubbornly refused to actually address this issue.

A second and related concern is about parental access to My Health Records for teenagers aged 14 to 18. The concern has been raised by GPs in particular, and I want to thank them for their advocacy on behalf of their patients. Teenagers may take control of their My Health Record at the age of 14, and we know that, for many teenagers, as they start to get into their adult life, there are controversial issues they might want to talk to their GPs about, particularly around contraception. Taking control of their My Health Record at the age of 15 also requires, unfortunately, the creation of a myGov account and an identification verification procedure. GPs fear, and I agree, that many a teenager does not have access to the documents needed to take control of their own record. Where that's the case, their authorised representatives—usually their parents—will maintain default access to their record until they are 18. That will mean that parents, even non-custodial parents, can view health information such as pathology reports, medicines information and other summary documents. There are many instances where this is not appropriate. But, again, it's not a problem that this bill even attempts to address.

A third serious concern has been raised by unions. The government is incapable of listening to unions when it comes to issues like this, and they need to. Their concerns are real and deserve to be addressed in this debate. In particular, the Australian Council of Trade Unions and its members point out that employers could gain access to employees' My Health Records via employer doctors.

For example, My Health Record data accessed through pre-employment medical checks or workers compensation assessments could be passed to employers and used to discriminate against workers, for example, on the basis of pre-existing medical conditions. To be fair, the government argues that this is prohibited both by the purpose of this act and by a separate piece of legislation, the Healthcare Identifiers Act, but lawyers have publicly challenged this claim. They say the current legislative framework is ambiguous at best and that protections should be built into the My Health Records Act itself. In the meantime, unions are rightly urging their tens of thousands of members to opt out of the My Health Record.

The government says it's important for as many Australians as possible to have a My Health Record. So why wouldn't the government address the ambiguity, build protections into this act and try to restore the confidence of workers and unions? That's what the government has done on court orders. It said they were unnecessary because of the policy of the Digital Health Agency, but ultimately it recognised that legislation could help to restore trust in the My Health Record—and it is now trying to legislate for that. It should do the same in this instance.

Concerns like these are why Labor referred the My Health Record to the Senate for inquiry. When I announced Labor's push for an inquiry, the minister called it a stunt. That's how little he cares about the risk that his My Health Record may contribute to family violence or discriminate against workers. But ultimately there was overwhelming support in the Senate for not one but two inquiries. One will examine this bill in the usual way. The other is a broader inquiry that will review all the laws, regulations and rules that underpin the My Health Record. It will examine the government's decision to shift from an opt-in system to an opt-out system and whether it adequately prepared for this fundamental change. It will examine a range of privacy and security concerns, including those that I have discussed today. And it will look at the potential that commercial interests, including health insurers, could be given access to My Health Record data. The inquiries have held their first hearings, and Labor thanks all the organisations and individuals that have already contributed to them. Unlike the government, we are committed to listening to all Australians on their national digital health record.

Witnesses at the inquiry have already raised a number of potential issues that haven't been previously raised. Professor Phelps, who I mentioned earlier, believes we need to better safeguard against any future moves to privatise or monetise this this system. I think it's pretty clear the Australian people have no appetite to see their health system sold off or commercialised. I think they sent that message pretty loudly and clearly in the 2016 election, when this government was actively involved in the idea of the private sector looking at the Medicare payments system. Professor Phelps has raised concerns about section 98 of the legislation, which gives the Australian Digital Health Agency the power to delegate any function to any other person with the consent of the minister. As she points out, this section could have very broad implications, and it's worth exploring this further.

It's also been pointed out that the My Health Record is something that, if successfully delivered, will be around for a long time, and we need to futureproof it. That means tightening the current legislation as much as we possibly can. We also need to make absolutely certain that the private health insurers are never given access to people's records. The government says that this won't happen, but there is the potential for that to change as part of a scheduled review in 2020. We need more explicit legislative guarantees that this will never happen under any circumstances.

The Royal Australian College of GPs warned the Senate committee last week that there was a real risk insurers may try and game the system. They suggested that the act should be strengthened so it specifically prohibits insurers from even making requests to healthcare providers to access such information. But, as the Australian Healthcare and Hospitals Association told the inquiry last week, even changes to more thoroughly lock out insurers may not be enough. The Australian Healthcare and Hospitals Association believe there should be consumer protections to prevent third parties from discriminating against individuals who do not agree to release their My Health Record data. They raised the prospect of businesses refusing to sell a product or service, or charging more, unless the individual provides access to their data. That is obviously not acceptable. We believe there may also be some merit in a review of the default privacy and security settings for a person's record. There is significant concern from IT and cybersecurity experts that the current settings are too relaxed.

At any rate, given the committee process underway, we will not oppose or amend this bill in the House. We will allow it to proceed to the Senate, where we may seek to amend the bill in light of the evidence of the two inquiries. In the meantime, we still firmly believe that the opt-out rollout should be suspended until all of these concerns are fully addressed and a new comprehensive public information campaign is launched. The government promised such a campaign six weeks ago, but so far we have seen absolutely no trace of it. Put simply, a one-month extension to the opt-out period that the government has introduced does not cut it. This reform should not go any further until public trust has been restored, and the only way to do that is to let the Senate do its job and to make sure that we actually get this legislation correct. We have always believed in the benefits of a national digital health record and what they could deliver and that it was worth some of the risks. But governments must do everything in their power to minimise the risks.

I think it is foolish of any government to say that this data won't leak at some point. The reality is that over recent days and recent months, and in other countries as well, we've seen significant sensitive health data enter the public domain. The issue is: what are the protections for people when that occurs? What are the protections for people when third parties use or publish that information in any way? We need to make sure that we have the regulatory framework in place to ensure that people's privacy is protected and that the security of their data is as strong as it possibly can be. But then what happens in the case of this information making it into the public domain and being republished in a newspaper or used adversely against someone in their employment or against someone seeking further insurance or in any other matter? I think those are debates that we need to have to make sure that we've got that right within the legislative framework.

More than that, the government must clearly demonstrate and explain to the public what they're doing to minimise the risks. Otherwise, the whole enterprise will be hobbled in distrust and scepticism. The reform needs public support to work, and that's where the government has failed. That is why it needs to suspend the opt-out period until it can get this right.

The changes in this bill are necessary but not sufficient. We need to respect the Senate inquiry process as an opportunity for all Australians to have their say. We need further protections for privacy and security in both legislation and policy, and we need a government that is committed to communicating with all Australians about the benefits and risks of the My Health Record so all Australians can make an informed choice about whether to participate. I therefore move the second reading amendment that has been circulated in my name:

That all words after "That" be omitted with a view to substituting the following words:

"whilst not declining to give the bill a second reading, the House calls on the Government to suspend the 'opt out' phase of the My Health Record rollout until other privacy and security concerns are addressed".

Photo of Ross VastaRoss Vasta (Bonner, Liberal Party) Share this | | Hansard source

Is the amendment seconded?

Photo of Clare O'NeilClare O'Neil (Hotham, Australian Labor Party, Shadow Minister for Justice) Share this | | Hansard source

I second the amendment and reserve my right to speak.

Photo of Ross VastaRoss Vasta (Bonner, Liberal Party) Share this | | Hansard source

The original question was that this bill be now read a second time. To this the honourable member for Ballarat has moved as an amendment that all words after 'That' be omitted with a view to substituting other words. If it suits the House, I will state the question in the form 'that the amendment be agreed to'. The question now is that the amendment be agreed to.

5:48 pm

Photo of Tim WilsonTim Wilson (Goldstein, Liberal Party) Share this | | Hansard source

Where do I begin? I'm probably about to make myself very unpopular in this chamber, but sometimes you've got to stand up, speak the truth and do what is right, and the simple reality is that I have not had any enthusiasm, ever, for the My Health Record system. It's a bad policy introduced by the Labor Party when they were last in government. Had I been elected to parliament at the time, I would have stood up, spoken against it and said: 'I don't think it's right. I don't like the idea of a centralised system recording people's health records—least of all when the law doesn't even put limitations or protections in the legislation around who can access it, so busybody bureaucrats, tax officials and people merely seeking information can access it.'

This is Labor's legacy to health: establishing My Health Record. And why? To solve, frankly, what I consider to be a nonproblem. These schemes are around the world. If you go and look at other countries everywhere, you'll see the My Health Record system or its equivalent. And you know what comes out? They're models proposed by technocrats and high-priced consultants in response to questionable problems in health record keeping. Funnily enough, they all seem to make a lot of money out of it, and over time they become lumbered with more and more information and obligations until basically they get to a point where nobody uses them anymore. In the end they become a massive waste of money, and they aren't used in the way that they were designed or for the purpose of solving the problem which they were trying to solve. That's the basis and the legacy of Labor's My Health Record system, and that's why I spoke out and said I opted out. I don't make any apology for that. You hear the hypocritical arguments being put forward by the member for Ballarat, amongst others. They get up and lecture the current government about My Health Record and how we haven't done enough, but we are fixing their problems. They're the ones who introduced the system that didn't put the security and safeguards in place. I welcome what the government is doing to fix up Labor's mess. Labor are responsible for the problems and the practises that sit at the heart of this law.

I've also said publicly that it's my belief that it should remain an opt-out system. That has not changed, and that will not change. I think that's called the tenets of liberalism, and, as I've said, that's one of the reasons why I opted out. But, if we're going to have such a system designed by the Australian Labor Party and legislated two parliaments ago, we should at least have these types of security mechanisms sitting at the heart of it. And what do we have? The Australian Digital Health Agency will have obligations put on it about how information is to be disclosed and to make sure that there are appropriate penalties should information be disclosed in an inappropriate way. The My Health Records Amendment (Strengthening Privacy) Bill 2018 will require the system operator to delete the health information it holds for any consumer who has ever cancelled their My Health Record. To support these amendments, we have an extension of the opt-out period. Very good. Congratulations to the minister for doing so, because your health records—the health records of the Australian people—should be private. They should be a matter for you and your doctor, not tax accountants, bureaucrats or police officers trying to find information without any just cause and without a warrant. This bill is so welcome, because it fixes the legacy that we inherited. So I say to the Minister for Health: congratulations for doing the right thing in fixing Labor's flawed My Health Record system.

5:53 pm

Photo of Mike FreelanderMike Freelander (Macarthur, Australian Labor Party) Share this | | Hansard source

The member for Goldstein has once again demonstrated why the Liberal Party knows nothing about public health policy. I rise to reiterate my support for the My Health Record system and to support the comments of the member for Ballarat.

As the minister has been quick to point out, the My Health Record was Labor's idea. Unfortunately, we're now in the situation where we have the multiplier effect of incompetence. We have the Liberal and National parties' inability to understand public health policy, as demonstrated time and time again—a perfect example is that, at the beginning of this parliament, they sold off the Australian cancer registry to a private enterprise, and there have still been no positive results—multiplied by this government's incompetence with electronic communication, as demonstrated by the poor NBN results, the robo-debt problem, the poor census results and the Medicare data breaches. Unfortunately, this multiplier effect has done enormous damage to the My Health Record system and to public confidence in it. In my view, we need to go back to square one and redesign the system with basic security at the heart and at the beginning of the system. The fact that the member for Ballarat has referred the legislation to a Senate inquiry is very good, but I would reiterate that we need to make sure that the Australian public has confidence in the system.

A brief period of reflection on the history of the system is warranted. After several years of operation of the scheme in a trial manner, the Abbott government decided that it would move from Labor's opt-in approach to an opt-out model, and that's when the problems began. What it didn't do was enhance the privacy and the data security features of the scheme to reflect its wider reach and increased vulnerabilities of the opt-out model. I'm probably a lot less agitated by privacy issues than are many critics of the government's proposed changes, but I do recognise that moving to an opt-out model introduces a level of quasi-compulsion into the scheme that did not exist in Labor's version. I have discussed this scheme at length with my colleagues, both in and out of the parliament.

Any member of this parliament who has an interest and has had a profession in health care, including the member for Chisholm, the member for Batman, the member for Dobell, the member for Bowman, Senator Di Natale, the member for Herbert and the member for Lyne, knows and supports the transition to electronic health records. It will have enormous benefits for the Australian healthcare system. It has real-world benefits already. For example, in my own field of paediatrics, complex—often genetic—disorders associated with multi-organ dysfunction can be benefited enormously by having a record of these rare disorders and the deficits that they can cause. One condition that springs to mind is something called velo-cardio-facial syndrome, which is a specific genetic disorder associated with multi-organ dysfunction, thyroid dysfunction, parathyroid dysfunction, congenital heart disease, intellectual disability, epilepsy and other organ systems, often very complex. Parents often don't completely understand the complexity of the disorder. When visiting doctors and hospital emergency departments, having a simple way of communicating the information about their child's disorder would be of enormous benefit.

Another example is in medication tracing for people who have substance abuse difficulties. It would be very, very helpful if we had electronic records and real-time monitoring of prescriptions. There would be much less repetition of pathology results and imaging techniques. I don't know how many times I've seen patients who've come along and said, 'I had a blood test a month ago', or three weeks ago, and you say: 'Where was it done? What pathology?' They don't know, and that often leads to repetition of results. This would stop if we had adequate electronic health records. Genetic disorders associated with complex difficulties and abnormalities that can be important to prescription of different medications would be on the electronic health record and would be of enormous benefit. Lastly, there would be a huge benefit in population based research using electronic health records that were de-identified—so, enormous real-world benefits of this scheme.

It should have been clear to the minister and to his advisers, however, that moving from an opt-in to an opt-out system might create some disquiet. But digital health records accessible from anywhere in Australia with access and content controlled by the health consumer are clearly a massive plus for patients, health providers and taxpayers. Unsurprisingly, despite the brewing controversy and continued in-principle support for the scheme, this was reaffirmed at the 3 August meeting of the Council of Australian Governments health ministers in Alice Springs. At that meeting health ministers, including those representing the Labor states and the two territories, unanimously reaffirmed their support for a national opt-out approach to the My Health Record. Jurisdictions noted clinical advice about the benefits of the My Health Record and expressed their strong support for My Health Record to support patients' health. Ministers acknowledged at that time some concerns in the community and noted that 'actions proposed to provide community confidence, including strengthening privacy and security and providing better education about My Health Record', was appropriate. My Health Record is almost unanimously supported by the medical profession, provided that we can get the security settings right. About six million Australians had a digital health record at the time this bill was introduced, and 13,000 health providers have participated in the scheme. The bill itself is about further guaranteeing the strength of health records and the privacy of those who choose to participate in the scheme.

Unfortunately, public confidence in the scheme has been shaken by a lack of education, a lack of support for medical professionals and for hospitals, both public and private, and a lack of support for consumers themselves. Public confidence has virtually been destroyed. We need to know that information that has been compulsorily collected under My Health Record cannot be accessed by not only law enforcement agencies without subpoena or judicial review but other agencies. In fact, my belief is that the question, 'Can we view your My Health Record?' which some employers or some insurance companies want to ask, should not be allowed to be asked, and provision should be made for that, otherwise people will lose confidence in the ability of the My Health Record to store their information securely and privately.

We must also require the My Health Record system to permanently delete from the relevant database any health information about a healthcare recipient who has cancelled their My Health Record. That is, if they've opted out of the system, they need to be guaranteed that that information will be permanently deleted. There must be an option for them to reconnect in the future if they want to, but that should be up to the consumer. What really is at issue is the way in which this government has singularly failed to reassure the Australian public and healthcare providers that the data held by healthcare providers won't be used for purposes outside the scope of the original scheme, which was to improve access to a patient's healthcare information for their benefit and no-one else's. You don't have to take Labor's or my word on that. The one thing that the member for Goldstein did say was that security needed to be improved.

The parliamentary process has the ability to restore some of the public's faith in the My Health Record that has been lost by the government's complete incompetence and bumbling. Regrettably, that's also now been put at risk because the government seems so hell-bent on rushing to debate on this bill. It seems less concerned with getting things right than it does with clearing the build-up of political barnacles and impedimenta it has acquired for itself over its five long and poorly productive years in office. The bill was presented to this House on 22 August and, on account of the elevated level of public disquiet—similar to what had happened with the NBN, the census and robo-debt—it was referred to the Senate Community Affairs Committee on 23 August. We know that submissions have been sought and that it's scheduled to report on 8 October. Why couldn't we wait until we get the Senate report? As of today, the Community Affairs Committee has not even begun its deliberations on the bill. I expect both the Senate Scrutiny of Bills Committee and the Parliamentary Joint Committee on Human Rights will want to examine the bills as well and will do so with their usual speed and expedition. So, to make a simple point, we really should not be having this debate now. We should be waiting until the relevant committees have discharged their respective duties and reported back to the parliament. None of that should take long. Given the vital importance of reinforcing public trust on this issue, we would be best advised to leave this debate until the mid-October settings. By then, even if we have not had time to digest the Community Affairs Committee's report, we will at least have had the opportunity to look over the submissions put to it by interested parties, community groups and the medical profession.

The government, unfortunately, didn't do its homework. It didn't take the public into its confidence and has not taken the medical profession into its confidence, and the government's decision to move from Labor's opt-in model to the opt-out model has been a very dangerous thing to do. It has now given a force of compulsion to joining, and I think that's something the government will regret. In fact, I think they should leave the opt-out time open ended, at least until the parliament has had proper time to scrutinise the Senate committee's report. The health benefits of the My Health Record outcomes are so substantial that the government should be keen to get as many health consumers as possible on board. The community concerns are by no means baseless. Some will recall the ABC 7.30 report on the significant number of data breaches by the big banks. We've already heard about Medicare data breaches, and this should raise awareness of the importance of keeping the data safe. The government has had a number of tactical withdrawals on this, again because of their poor homework and their lack of understanding of health care.

There are huge benefits from the My Health Record. I refer the parliament to the July episode of my favourite ABC show the Health Report, hosted by Norman Swan. In addition to the benefits I mentioned earlier, there are other benefits, such as those listed by Professor Louisa Jorm, the director of the Centre for Big Data Research in Health at the University of New South Wales. These include the reduction of waste, the reduction of over-prescription of medications, the overuse of scans, the overuse of pathology and keeping better quality records. The My Health Record, I'm sure, will be of huge benefit to the Australian healthcare system, but that we need to get it right from the very beginning. We need to reassure people, we need to spend much more time educating both the health professions and the general public about the benefits of the healthcare record, and we need to provide reassurance about the safety of data.

People living in rural and regional Australia, especially, want to know how their data is going to be better used. On the Health Report on Monday, 6 August there was an interview of rural GP Dr Ewen McPhee. Like Dr Swan and most of the medical profession, Dr McPhee said, 'I'm a My Health Report fan and will be staying in and not opting out. Australia has been a world leader in the linkage of medical records.' To quote Professor Jorm:

I think we're actually one of the leaders in the use of routinely-collected administrative health data. Not so much for this type of study however, much more so for areas like pharmaco-epidemiology, studies of the outcomes of use of medications, for health services and health systems research, because there's been a strong tradition in Australia of health data linkage. We have been a leader. We need to be moving awfully fast now though, to make sure that we remain in that position.

That position being a leader in public health care around the world.

We need to continue with our electronic health record progress, like many other countries already have, such as Norway, the Netherlands, the United Kingdom, New Zealand, Germany, parts of the USA, France, Canada and Switzerland. Australia has led in health care and this will be another major leader in the provision of health care for all Australians. I'm a strong believer in the My Health Record system. We must get it right from the beginning. I'm hopeful that we can do this. I await with interest the Senate committee's report. In my own practice I will, I'm sure, see huge benefits from keeping electronic health records and the connection between my patients, myself, the local hospital and other providers of health care in the community. But we must get it right first. I think this should be bipartisan, without question. Unfortunately, the government has made a complete mess of the rollout of the My Health Record and I urge them to do better. Indeed, I will support them in their efforts to make it better.

6:08 pm

Photo of David GillespieDavid Gillespie (Lyne, National Party) Share this | | Hansard source

It is my pleasure to rise in support of the My Health Records Amendment (Strengthening Privacy) Bill 2018. The bill will amend the My Health Records Act 2012 to strengthen its privacy protections and will once and for all remove any doubts as to how seriously the coalition government takes the security of information that is stored in the system.

Before I proceed, I would like to remind members of the House and the broader Australian public of the history of the Personally Controlled Electronic Health Record, now known as the My Health Record. It was a creation of the former Labor government and it has been in place since 2012. Before the opt-in system was changed to opt-out, six million people had enrolled in it. I might add the very important fact that in that time no law enforcement officer or judicial process had sought access to the system.

I understand that the change from an opt-in to opt-out system caused a flurry of excitement and generated a flurry of outrage and fear. It's surprising that most of it was generated from my colleagues on the other side of the House. In 2015, when the bill changed the name to the My Health Record and put in place regulations to change from an opt-in to opt-out system, that was supported by the other side. It has been through the Senate before. The very essence of the My Health Record is to enable better health care: to allow the avoidance of drug allergies, to know serious illnesses and to have the important operations and events in a person's record available when they're seeing other health practitioners besides their regular health practitioner.

I might add, to reassure people on the other side, that there is a certain level of very, very high security in the system already. One has to get access through the myGov site with a unique username and password. There is then a one-time generated PIN, or personal identification number, that is then required beyond that. A medical practitioner will be accessing it; a random person can't do that. You need specially embedded software and, again, it has to be compatible with the system that the Digital Health Agency runs. They need to have a compatible ID, username and password. Similarly, they need a PIN. The extensive original documents reside with the primary practitioner or the person who enrols you. Other practitioners have to go through that process with your approval to get the information.

In a situation where there is an emergency, this very creation—which everyone here supported in a bipartisan fashion back in 2012, and as the good member for Macarthur has pointed out—will improve safety, will improve efficiency, will prevent duplication and will prevent critical information from being lost in emergencies. It's only used in a break-the-glass situation, where there is an emergency. Say you get wheeled into the Royal Canberra Hospital with some major event and your practitioner is up at Moree or wherever, and they can't get on to her. They then have the ability to get into the system, but that would trigger the Digital Health Agency inquiring who is accessing it. The repository of all your fine details, and every blow and change in your history resides, with your main practitioner. But the My Health Record becomes a repository of key health information, whether it's pathology tests; medications; operations; most importantly, your allergies; or whether you want to be an organ donor or not. It is a very useful tool.

Now, as I said, and as the member for Goldstein outlined, we are fixing up a lot of things that weren't sorted out when it was originally designed. As I said, that was when the other side was on the government benches, so they can't get too rich in their criticism of it. We're fixing problems that the Labor Party left behind time and time again. It gives the user and the owner of the information, which is the patient, the ability to remove details completely or add details. It has the ability to be locked, of course. It has the ability to give permission to use de-identified data for research. The power to delete has been changed, in these changes in these amendments, so that you can actually delete it forever. Under the old regulations, it could be deleted; but it wasn't erased. It will be a great addition to the security and the strength of everyone's privacy concerns.

Like many other people in the chamber, I support the initiative. I must admit it has had a very long gestation, and there's been an awful amount of public money put into developing it. I don't think it's efficient to go back to square one and start all over again. That would be ludicrous, crazy and a waste of money, but these amendments to the bill do address all those privacy concerns. We'll be left with a very robust system. People can still opt out of it if they have a philosophical objection to it. By all means, go and do that. I think it will just be great, because everyone knows Australians are great travellers and we go all around the country. As you all know, grey nomads in caravans as well as families and children are travelling all over this country because we love exploring and we love doing things. But accidents happen. Just the other day, I was in a car accident in a remote part of Western Australia with my wife. The bus rolled over, and some of our fellow passengers had to go off to hospital. Fortunately, there were no serious injuries, so everyone could verbally give their record, but I thought, 'It's pretty much time for me to get back to my GP and update everything in the system for me in case I do end up in a strange hospital in Derby where no-one knows my history.' It is such a good idea, and these privacy changes will increase the robustness of it.

I will make a few final comments about the member for Ballarat's concern about someone fleeing a violent situation. You have the ability to delete or block access; you have your username, your password and a PIN. In such a case, that person should be advised to go in and deny access. They should use the system that's already there, so that the estranged or violent partner, who is possibly legally separated or has an AVO against them, can't trace them through it. But it's very hard not to support this. I can follow the philosophical objections and the concerns raised by changing from an opt-in to an opt-out system, but, all in all, everyone can exercise their rights. They've got until November at least. Reports from Senate committee inquiries will be tabled in due course, but, for the time being, I want to reassure the people in the Lyne electorate that it is a very robust system that has been in place for six years and they're in good company with at least six million other Australians. I wouldn't throw the baby out with the bathwater. It is a great system and a great innovation, and it will deliver good health outcomes for the broader Australian public and for individuals.

6:17 pm

Photo of Chris HayesChris Hayes (Fowler, Australian Labor Party) Share this | | Hansard source

I agree with much of the contribution of the member for Lyne. I have respect for him as a practitioner, as I do for the other medical practitioners in this place. The interesting thing about those medical practitioners is that they all seem to have a very single view in terms of the My Health Records system and why it is important.

I'd like to make a short contribution in relation to the My Health Records Amendment (Strengthening Privacy) Bill 2018. We should say from the outset that Labor will be supporting the passage of this legislation. However, we will be seeking two amendments to help strengthen the privacy arrangements underpinning the My Health Records system. There is no way that we would prevent positive legislative changes occurring, and we think what this bill does is necessary to give individuals a better choice and control over their health information as it's shared.

As you're aware, there has been a fundamental change in the scheme. It's moved from being an opt-in scheme to an opt-out scheme, and many, many changes in dimension occur as a consequence of that. We will not let the government get away with thinking that this is now all about changing a scheme that was problematic. About six million people have already opted into that scheme, and they opted in for a very good reason. When the government changed it to an opt-out scheme, that changed significantly the impact of the scheme itself. What it has shown is that the government failed to properly communicate with the Australian people, particularly in relation to security and privacy issues. They were not capable of competently implementing their new arrangement, that is the opt-out approach, and as a consequence there was much concern and much fear within the community.

There's no doubt that the e-health system can deliver tangible healthcare benefits. Not only does it save cost through fewer diagnoses and treatments, and save on prescription errors, as a matter of fact it saves lives. I have heard some commentators speak about how if they have an accident, or if they need access to medical treatment, they reserve the right to tell the treating medical officers the information that they believe they should have at their disposal.

It was only, as you might recall, in February last year that I had my own incident, which was a major motorcycle accident. Lying on the side of the road, quite frankly I was certainly not in a position to communicate with anybody. I was absolutely in a world of pain having broken eight ribs, lacerated a spleen, broken a knee, broken arms and a few other things that went along with it. The fact is, by the time I reached the hospital here in Canberra, the treating medical people in the intensive care unit had access to all my information.

One of the things that I and my family did was, when we had the chance, we opted in. We opted in, not because I had any concern that someone was going to share my medical information, but because I always thought, 'Just in case something ever happened and you weren't in a position to go out and talk about your concerns—what my allergies may have been and other issues like that.' In my particular circumstances that was something I could not have done.

I think the member for Lyne spoke about being involved in an accident not that long ago in Central Australia. We don't plan for accidents. We don't plan for these sorts of things to occur to ourselves or our families. But when they do, we want to know that we will have access to effective, efficient medical treatment delivered in a professional manner. I was so glad that I had just about all of my medical information on e-records, which was able to be accessed by the physicians at the Woden hospital when they treated me.

Ours was an opt-in system and as a consequence we took the decision to be part of it. We did that in a very positive way, not knowing what the outcomes might be in events into the future. Now that it has been moved to an opt-out system most of the discussion has been around security of the information, how privacy settings would be treated, which has, unfortunately, taken the argument away from the very underpinning aspects of the My Health system, and that is ensuring that we have that information available to treat people in an efficient and effective way at a time when they most need it.

The government must admit this, they have had a very poor record on being able to communicate the changes in this scheme. It's been, at best, you'd have to say a botched rollout. They have not been able to engender the confidence of the community, and probably little wonder—just look at their record when it comes to information technology privacy and security. We've seen the botched rollout of the NBN, the NDIS and the robo-debt debacle. No wonder people get a bit concerned when this government says, 'Look, it's now all opt-out'. By the way, the last thing we want to do is have people feeling so threatened by this and en masse opting out. That would be deleterious not only to our national health system but for people. We need to be more positive than that.

These changes that have been posed in this legislation are much needed and I think they go some distance to satisfying the criticisms that have been made. The bill is amending the ability for law enforcement agencies to access the information other than through a court order and also prescribing the procedures that a judge or other judicial officer would have to go through before making that information available—for instance, making sure the information is necessary and not available through other sources. I think that is a step in the right direction. The bill also provides specific exemptions to the Attorney-General, the Ombudsman and the Information Commissioner from necessarily having to obtain those court orders. Their access to the information is for vastly different reasons and those exemptions make significant sense.

But the other aspect of the bill is that it makes a change to the permanent deletion of health information for those who want to opt out. I really would encourage people, particularly families, to think long and hard before they decide to opt out. But, if you want to opt out of the system, I guess it is only right that those records be deleted. Under the current system, if you were going to opt out of the system or decided that you did not want your records used, they would be locked down and retained for a period of 30 years after your death. In terms of satisfying the criticisms that have been made of this legislation, those two amendments contained in this bill are much welcome and should go a long way towards alleviating the concerns that many have raised in respect of the privacy and security of the My Health Record system.

It is also for these reasons that we are seeking to refer this bill to a legislative inquiry in the Senate. We think it is appropriate to have vigilance applied to this for people to feel free and able to put their concerns forward and so the government's in a position to properly deal with them. I think this is also a way of satisfying that there are appropriate checks and balances being incorporated to safeguard the security and privacy of all Australians in relation to the My Health Record system.

At this stage, as I say, we are moving amendments. The first amendment that we will seek is protection from the misuse of the My Health Record in pre-employment and workers' compensation matters. We do not want the information retained in the My Health Record system being able to be requested to be used in any extent in respect to employment. That is not what the system is about and, therefore, we should be guarding against it. We are also calling for amendments to ensure there are appropriate protections against inappropriate uses of the My Health Record system. The member for Macarthur spoke about the issue in relation to family violence. We don't see the perpetrator of family violence being able to use this system as another vehicle to view where a former partner might be currently being treated or, indeed, what the former partner's current location might be. That's not the intention of the system and I think the system should be geared to guard against that. For those reasons, we are moving the amendments indicated by the shadow minister.

It's not only Labor that holds views about the botched rollout of this opt-out e-health system; a number of stakeholders, whether they be medical professionals, academics or civil and digital rights advocates, all share the same concerns relating to privacy. I think it's better for all of us to have those concerns dealt with first and foremost before a Senate committee. On that basis we call on the government to suspend the opt-out period beyond the current date of November until such time as the security concerns have been adequately addressed. I still think it is in our interest to do all we possibly can to support the proper development of the e-health system. I say from personal experience that it certainly worked in my favour. The idea of having a properly configured My Health Record system should be of advantage to all Australians not simply for the efficient distribution of medical treatment but to be there when we need it at a time when we may not be able to speak on our own behalf.

6:31 pm

Photo of Susan LambSusan Lamb (Longman, Australian Labor Party) Share this | | Hansard source

I rise today to speak on the My Health Records Amendment (Strengthening Privacy) Bill 2018. The reason I do so is to stand up for health care for all Australians. I stand up to call on the government to ensure that our healthcare system is the very best it can be. Truly there is nothing more important than our health. That's not only my view; ask the people who have just been to a by-election in Longman how important health care is. They will tell you very loudly and proudly that they have a very strong view that health care is the most important thing.

Any good representative always prioritises what's important, but unfortunately that cannot be said for the new Prime Minister, Scott Morrison, or any of those who make up his government. While the government lagged in the polls for many months under Turnbull's leadership, the solution wasn't for the coalition to change their leader; it was to change their priorities. Until this government starts listening to the people they are supposed to represent about what is important to them, the new Prime Minister won't be any better than the last. If this government listened to what people wanted in their government's priorities, they would hear health care over banks, but instead this government wasted months trying to give multibillion dollar handouts of taxpayer money to banks.

Let's not forget that this government fought tooth and nail against holding a royal commission into the banking sector. In fact Prime Minister Scott Morrison voted against it 26 times. He ignored what the people of Australia were calling for and sided with the banks over everyday Australians 26 times. Instead of wasting time sticking up for the banks Prime Minister Morrison should have been working on ensuring our healthcare system is the best it can possibly be. He could have started by putting back the $2.9 million he ripped out of our local Caboolture Hospital, which would have huge positive outcomes for the people in my area.

He should have also taken more care with the rollout of the My Health Record system. This is a truly significant step towards modernising the way medical experts access patient records. As with so many other important steps forward that this government has taken, though, Labor has led this change. When we were last in office we began formulating the delivery of an electronic health record system. Implemented correctly by a government that truly cared about health, an e-health system could deliver tangible healthcare improvements and significant financial savings through fewer errors in the diagnosis, treatment and prescription process, but this is not a government that cares about health.

Labor had a plan. We were working on an opt-in system that we saw to be the right approach. It ensured that anyone who participated had to give informed consent. They had to want to be part of this. But for whatever reason, and I'm not going to even try to think about what reason that was, the government changed that. They turned instead to an opt-out system. The thing is that this government has never really explained why they've made this change. Maybe they have a reason. I can't speak for them; I don't know. But that's exactly what the issue right here is: we just don't know what that reason was. If there is in fact a justifiable reason for this abrupt change to an opt-out system, then all the government has to do is share it. What is it? Justify it. What is it? They owe it to the people of Australia. They use it to the very people who use this system, the very people to whom this government is supposed to be accountable to. It really does raise eyebrows about what this government's focus really is.

The government doesn't have the very best record when it comes to privacy and personal security. We have seen inexcusable failings time after time. Now, no-one has forgotten that last year, under this government, there was a serious breach where private Medicare data was being sold on the dark web by fraudsters. I actually remember that day. We were holding a press conference in my seat of Longman with the shadow minister, Linda Burney, when this news broke. I do remember that day very, very clearly. But to make matters worse, the department—under then minister Alan Tudge—knew about the shocking breach, but refused to let Australians know that their data was at risk for weeks and weeks. I find it just appalling, just disgraceful, that that information was known but not shared. Though this was clearly a huge embarrassment for the government, they have absolutely no right to hide their failings from the Australian public when it comes to the public's own data.

Of course, that wasn't the only recent breach of sensitive personal data that has occurred under this government. In fact, just in the past few months, we've also seen breaches of Centrelink data, as well as serious flaws in the online portal of the NDIS. What makes things worse is that this government had been aware, again, of a breach of the NDIS's security. They had known about the security risk for over a year and a half, but refused to take any necessary steps to fix it. Time and time again this government have let Australians down when it comes to their privacy and the security of their very sensitive and personal data. With this sort of track record, I find it hard to think there would be any Australian who would have any trust in this government when it comes to something as important as the roll out of the My Health Record system.

Labor holds a number of serious concerns with the My Health Record system in its current form, and we're calling on the government to fix them. This bill may address two of these concerns, but there are more yet remaining. The concerns that this bill seeks to address are certainly important—I'll give it that—and in all honesty should not have ever been written in the act to begin with, but this bill does seek to address them. I will acknowledge that.

Firstly, this bill amends the act to require a court order or a consumer's express consent before any health information from their My Health Record is disclosed to a law enforcement agency or another government body. This was a glaringly obvious omission from the original drafting of the act. A person's personal medical information should not be something that is readily available for a government employee to access, so this is a very welcome amendment. However, for whatever reason, the government has exempted the Auditor-General, the Ombudsman and the Information Commissioner from the requirements of this amendment. Perhaps this is necessary; perhaps this is not. We'll test this in a Senate inquiry to seek some certainty. I look forward to reading the report from that inquiry so that we can be confident and certain around this exemption.

This bill also amends the act to require the permanent deletion of all health information for all consumers who opt out of the system. In its current state, the act dictates that the My Health Record system should retain all information, albeit in a locked-down state. This just makes no sense. The government has turned the system from an opt-in system to an opt-out system but, in doing so, the government has also made it impossible to truly opt out of this system. These are both amendments that strengthen the act and add some much-needed integrity to the government's My Health Record system.

Again, I raise that there is still more that needs to be done. There are still a number of remaining concerns with the system that the government simply must address. For example, what is really troubling is that this legislation still has done nothing to address the serious concerns that the My Health Record may risk the safety of women fleeing abusive partners or of children needing privacy from non-custodial parents. Advocates have flagged that, in its current form, the My Health Record system could conceivably be used by some persons with intentions to track the location and treatment of vulnerable people. Obviously, this is deeply worrying and should be rectified immediately. So it begs the question: why didn't the government do that when they were drafting these amendments?

Another suite of concerns that the government should have addressed have been flagged by working people, by their unions and by legal representatives. They recognise that the current legislation opens the door for the mistreatment of workers by way of discrimination on the basis of their health, be it physical or mental, as well as their disability status. This discrimination could potentially come in many forms. In a submission from Maurice Blackburn Lawyers, it was flagged that a new employee may be required to provide access to their My Health Record to a doctor conducting a pre-employment assessment. Even if a particular ailment or disability has absolutely no impact on a person's ability or capacity to work, it provides another avenue for unscrupulous employers to discriminate.

Maurice Blackburn further flags that, in somewhat similar circumstances, employers may gain access to workers' data during workers' compensation claims. It's already difficult enough navigating through what can be quite an aggressive insurance environment, and allowing employers and insurers access to this sensitive data, particularly when such information may be wholly irrelevant to the claim at hand, seems like very dangerous territory.

I'll also pick up that Maurice Blackburn further notes that their concerns could have flow-on effects, with people becoming unwilling to discuss health issues, particularly those with relation to their mental wellbeing, for fear of future consequences. People should feel free, very confident and safe about going to their doctor—safe to disclose anything at all that they think is necessary. Making it possible to undermine the comfort of confidentiality is serious and deeply troubling. In fact, in effect it could see the My Health Record doing more harm than good.

Labor remains of the view that the government should suspend the rollout until these concerns have been fixed and, as I mentioned, there is an inquiry at hand. I'm looking forward to what that report uncovers, ventilates and exposes. I think it's wise to wait and see what that report hands down. I'm not quite sure why this government continually refuses to suspend the rollout until those concerns have been fixed. It just seems that they're determined to proceed regardless of any damage it may cause. As I've mentioned a number of times in this speech today, it is serious and it's very, very troubling.

Like I said, we've initiated a Senate inquiry into the rollout. It's imperative that we investigate these concerns in great detail to ensure the system is rolled out effectively and as safely as possible. This is too important not to get right the first time. We must get it right first go. We cannot risk people's privacy, we cannot risk people's health and we cannot risk people's safety.

6:46 pm

Photo of Matt KeoghMatt Keogh (Burt, Australian Labor Party) Share this | | Hansard source

Imagine a world where the government knew your entire medical history and your future job prospects were determined by this, a world where employers and government agencies could go over your head and review your confidential health records without permission. Imagine a world where you could be tracked by an abusive ex-partner through a publicly accessible database of all your medical information ever, a database containing all your medical information which has been put there without your express permission. It's reminiscent of the dystopian world described in the movie Gattaca, not real life in Australia in 2018—yet this is the world we find ourselves in.

The uproar from Labor and the wider public appears to have been heard with the government's acceptance that its rollout of the My Health Record system has been, in a word, appalling. The government's decision to switch to an opt-out model of the My Health Record rather than the opt-in model that was previously in existence has given rise to a number of significant privacy and security concerns that we don't believe have been properly addressed. In addition to this, we don't believe that there was an appropriate community consultation process undertaken in assessing this model, with communication with the wider community being next to nothing.

This bill responds to public anger over the My Health Record scheme by making some changes that Labor welcome, including requiring law enforcement agencies and other government agencies to seek a court order to access personal health records as well as permanently deleting the health information of people who choose to opt out of this system. While we do continue to have strong concerns about the government's implementation of the My Health Record system, we support this bill in the House.

Let's break it down further though, shall we? The My Health Record system has been designed to provide health professionals with a singular central source of health and medical information for each Australian so as to allow them to see any diagnosed condition, medical history, prior tests and pathology outcomes, allergies, treatment regimes, locational information and more. This is incredibly personal information and it could easily be used against someone. Therefore, it is very important that the privacy and security of such information is maintained. At the same time, to improve the medical care provided to a patient where this information could be made available to health professionals, especially during a medical emergency, it would be incredibly useful. However, this isn't the sort of information Australians would expect government agencies, law enforcement bodies, their health or life insurer, their employer or a violent former spouse to be able to get their hands on. This bill amends the act to require a court order or a consumer's express consent in order to disclose health information from their My Health Record to law enforcement agencies or other government bodies. While the government argues this is already its policy, with the number of broken and back-tracked promises—on school funding, ABC funding and a Prime Minister that will go a full term—we want to ensure that this policy, just like the Turnbull-Morrison government's GST break-up, is actually enshrined in legislation.

This bill sets out a range of conditions under which a judicial officer may make such an order, including that the disclosure be reasonably necessary and that the requested information not be already available elsewhere. Further to this, the bill exempts the Auditor-General, the Ombudsman and the Information Commissioner from that court order requirement. While the Liberal government claims that these limited agencies are compelled to ensure the privacy and security of the system, Labor, through a Senate inquiry, will test the relevance and efficacy of these exemptions.

The second element of the bill amends the act to require the permanent deletion of health record information for all consumers who opt out of the My Health Record system. Under the current plan, this information would be locked down but would continue to be retained until 30 years after an individual's death. This raises the question: what happens when a young person wants to get rid of the record their parents set up for them without their consent when they were a child?

While we do support this bill, as it does strengthen privacy protections to an extent, we will continue to liaise with the Senate inquiry and the community to allay further concerns. The inquiry is currently underway and seeks to run a fine toothcomb over the government's plan, and we expect to hear its findings next month. Through the referral to the Senate inquiry, we hope our further questions in relation to My Health Record will be answered.

In addition to this, we will move two amendments to the bill in the Senate, specifically in relation to protecting workers from misuse of their My Health Record information and protecting against inappropriate access to My Health Records. When it comes to protecting workers from misuse of these records, there have been significant concerns raised about access to medical records by health insurers and those assessing workers compensation claims. Unions have told us that they are worried doctors and other assessors who perform pre-employment or workers compensation assessment on behalf of employers might have access to an employee's My Health Record without their express permission or, indeed, even their knowledge. This information could be used to discriminate against potential employees, perhaps on the basis of a pre-existing medical condition that may not even be relevant to the role they are seeking to undertake. Legislating for this confidentiality will be a step in the right direction.

In the same vein, we must ensure that inappropriate access to My Health Records does not facilitate family violence or other unnecessary and nefarious access to and use of health record information. Should these records not be appropriately protected, there is nothing to ensure these records won't be used by perpetrators in family violence situations. For example, in a situation involving children who might be victims of an abusive family situation, what is there to prevent an abusive parent setting up a My Health Record for their child to keep an eye on where they are and what their medical situation is, regardless of their custody agreements? The legal fraternity is concerned that the system provides a loophole for a violent person to create a record for their child without their former partner's express consent, paving the way for these individuals to track down their estranged family's location, something that has been well covered in the press.

Furthermore, while access is intended to be limited to regulated medical professionals where consent is provided, no explanation has been given for how this restricted access will operate in a medical centre or hospital environment. These are places where every registered nurse could conceivably have access, if not other non-medical staff depending on the design of their systems. Nor has there been explanation of how such access is restricted by patient consent. Once consent is given, who else at a centre or hospital may then have access? One of the purported benefits of the My Health Record system is said to be access to medical record information in an emergency, where a patient may be unconscious and clearly unable to give consent. This being the case, the scope for unauthorised and illegitimate access appears almost unlimited. In these circumstances, what stops a nurse from looking up the Prime Minister's medical records for blackmail purposes? What stops an OT looking up his ex-wife's medical records to locate her after she has gone into hiding, fleeing domestic violence? If the government has answers to this, I would like it to provide them.

When Labor drafted a plan for My Health Record years ago, it was intended as an opt-in system, an educated, informed, signed-up process to ensure all participants had provided informed consent to ensure a streamlined medical process. The thought behind this was that e-health could deliver tangible health care improvements and save healthcare costs through fewer diagnosis, treatment and medication errors. But the government's botched roll-out means there has been only minimal take up and it has now decided to make a voluntary, informed consent scheme mandatory.

This bill is a start. But it doesn't go far enough. We believe it won't do much to put to rest the fears of the community on privacy and security. This, after all, is the government that is responsible for the 2016 census debacle. Should Labor form government, we will ensure this bill further legislates for the protection of women fleeing abusive partners and for children needing privacy from non-custodial parents. Should Labor form government, we will ensure that individuals won't be unfairly discriminated against by potential employers or in workers compensation claims. Should Labor form government, we will continue to review the recommendations from the Senate inquiry that are beyond the scope of the present bill. We will assess why the government shifted to an opt-out system, why it communicated this change so poorly, and why the default settings within the My Health Record are what they are. This must be further investigated and under a Bill Shorten Labor government that's what we would do.

This Liberal Abbott-Turnbull-Morrison government's track record when it comes to cybersecurity and privacy are quite frankly pitiful. They botched the roll-out of the NBN and the NDIS, the census failed under them and now we have the My Health Record debacle. This government cannot be trusted to store our valuable health information in a central database. That's already been proven with this roll-out. So, while we do support this bill because it is taking steps in the right direction towards more privacy, the people of Australia can be assured that, if elected, a Bill Shorten Labor government would make sure that it is an e-health system each and every Australian is comfortable with.

6:56 pm

Photo of Joanne RyanJoanne Ryan (Lalor, Australian Labor Party) Share this | | Hansard source

Labor agrees to support the My Health Records Amendment (Strengthening Privacy) Bill because we support e-health and the concept of the My Health Record. However, we have strong concerns about this government's implementation of the My Health Record system. To its core, My Health Records are about trust, and trust is hard-won and easily lost. This bill serves as another reminder of how this government is breaching the trust of the Australian people. That's why Labor has some comfort that there will be a Senate inquiry, and we will act to move amendments in the Senate.

It doesn't take a moment's thought to think of the trust issues around the My Health Record. We only have to go to historical breaches of trust in online systems. For instance, when we first introduced the online system in Victoria we had breaches occurring at local police stations. Police officers lost their positions because of those breaches and the public learnt not to trust online systems.

When Labor was last in office, we began the process of implementing an electronic health record system. Under Labor's plan e-health records were to be implemented under an opt-in system. This is the critical point where the public have now lost trust in this government. This is one of the examples where the public, rightly in my view, ask themselves questions about how far they can trust information that is given into a public space under this government. It goes to the absolute core of this—to the change from an opt-in system to an opt-out system. The public are rightly distrustful of the big brother notion that you must opt-out, that you must take action not to be involved, rather than Labor's original vision, which was to opt-in. Critically, an opt-in system means that a government, a system, would have to convince the public of the value of the system. An opt-out system suggests that the government doesn't care to relay the powerful positives of the My Health Record. Labor's vision had the potential to deliver tangible healthcare improvements and save healthcare costs through fewer diagnosis, treatment and prescription errors.

I still believe that that argument can be won with the public if they are in a system where they understand the positives of an e-health record system. They understand that in our modern world, where the notion of the family GP has changed over time, people are attending clinics and not necessarily seeing the same doctor every time they go to a clinic, and are not necessarily going to the same clinic. People will understand, I believe, the value of an eHealth system if they see that it serves them. Switching it from an opt-in to an opt-out system makes Australians suspicious that the system is designed to serve someone other than them.

This government—the Abbott-Turnbull-Morrison government—is a complete failure in terms of trust and willingness to have a conversation with the Australian people to convince them of the good of this system. The botched rollout has breached the trust of the Australian people. The government has botched the rollout by changing the system from opt-in to opt-out without providing any explanation whatsoever, never explaining why the rollout became compulsory and never bothering to allay fears. The government's mismanagement in its failure to communicate this decision and provide an explanation for the rollout backflip has done nothing but undermine public trust in an important reform. They've failed to allay fears, and this bill does not, in my opinion, go far enough even now to allay those fears. Put simply, this rollout joins the government's woeful track record when it comes to IT security and people's privacy, and the government needs to understand that this is a compounded trust deficit that they are responsible for having developed.

And, although Labor welcomes the extension for the opt-out period, we have to stop and take note that, in this chamber, the member for Goldstein expressed concerns about the opt-out model. Those opposite who speak often and long about freedom of the individual fail to understand the importance of the freedom of the individual when it doesn't suit their agenda. This is how the public now perceives the My Health Record and that is incredibly disappointing. It plays into the broader issue of trust. This government has evolved a trust deficit with the Australian people. They have a terrible record when it comes to trust. People think that politics is broken, and this bill gives them reason. The government has stoked people's fears of the potential negatives, including people other than medical professionals accessing the data, such as insurance companies, prospective employers or law enforcement.

The government has a terrible track record when it comes to trust in the IT privacy space, and this has been brought about by their own actions, their own legislation and their own implementation programs. They have breached trust with jobactive, with most Australians believing that that system is failing. The Centrelink datamatching has caused enormous outcry because of its inaccuracy and because of this government's refusal to acknowledge that the data-matching system was flawed and take appropriate action to fix it. We even had, in that situation, the government releasing personal information about somebody caught up in the robo-debt data-matching scenario. So the government, by its own actions, released data to journalists and then, in relation to My Health Record, said, 'We're changing it from opt-in to opt-out, and bad luck if you don't like that.'

The trust deficit is an own goal for this government. The false robo-debt notices cut deeply in my community, and that is part of the trust deficit. In my community, when I talk to individuals, many were choosing to opt out of this system. We also had the fear of the short time lines for opting out. We had confusion and IT systems not being able to cope with the demand. We had people who wanted to know why, if their records were already there, they couldn't opt out or remove records from the past. On top of that, we had the census failure and a failed NBN rollout. It is not surprising that the public have lost faith in this government and anything to do with their privacy and their information and electronic systems. This bill, although we will support it and will put amendments in the Senate, does not go far enough. It is being driven by public anger. That's what has led to some amendments that are included in the bill that we're discussing this evening.

The requirement of a law enforcement agency to obtain a court order to access records seems, on the face of it, to be a convincing argument—that is, if the public trust the government. Unfortunately, at this stage, the public don't trust this government with their information. The bill also means permanently deleting the health information of people who opt out of the My Health Record, which, of course, the public cried out for. In response to that issue, we welcome this. But, as the member for Perth rightly said, what about the children whose parents sign them up? What will their rights be in the future around opting out and the records that have been developed? I speak to this bill with many locals—people who are concerned—in mind. They may have had a mental health issue in their records that they don't want made public under any circumstance. They value their privacy in interacting with the system and they're terribly worried that this would mean that their son or daughter may not seek the appropriate professional help to get past a mental health issue—'I can't go, mum or dad, because it'll be permanently on my health record.'

These are real concerns of the Australian public, and this government needs to demonstrate that they understand those fears and that they're prepared to change this legislation to ensure that people feel confident about this system. I'm afraid that the first step in that process will mean reverting to an opt-in process where people know they have a choice, where they make an informed choice and where they have the right not to be involved at all.

It doesn't go far enough in protecting workers undergoing a pre-employment or workers compensation medico-legal assessment. I have sat in my office with many constituents who are going through these processes. I've raised issues in this place about these processes. I've raised issues with my state colleagues about the way people are asked to interact with bureaucracies during these processes—particularly people who come to see me who may have had a physical injury and found themselves months later with a mental health injury as a result of interacting with that process. It doesn't go far enough to protect women—or any partners—fleeing from domestic violence situations, where privacy is of the essence. I recently sat with a constituent who, at that point in time, was living in fear because, through a process in the courts, her whereabouts and the whereabouts of her child had become known to a former partner through the release of where that child was attending school. These fears are real for people on the ground, and this legislation does not go far enough to assure them that this process won't leave them vulnerable. It certainly does not go far enough to protect children seeking privacy from non-custodial parents.

These are real issues, but the critical issue is the trust deficit that this government finds itself with. Even good ideas are being doubted by the public. This government has much work to do if it wants to create a system where efficiencies are built in. Labor believes that the My Health Record system is a good system and that the pros far outweigh the cons. I can give you a family example of somebody walking into a chemist shop where there is an e-Health record online and the chemist saying, 'I'm not sure that you should take that medication, given your heart history. I'm not sure that you should be taking that medication, given you haven't been taking your blood pressure medication for the last three months.'

These could be breakthroughs for people. They could result in a much better health system. They could result in efficiencies. They could result in better diagnoses as the health records develop. But, unfortunately, from my point of view, this has now been pushed back. Any future with these positives has become victim to the trust deficit of this government. These are serious things, and they are serious things that this government needs to take into consideration. They need to go back to the drawing board on My Health Record. They really need to determine that they will take it back to an opt-in process until they have the conversation with the Australian public and they convince the Australian public of the positives of the My Health Record. That may take years. But this side of the chamber won't be held accountable for the trust deficit, developed by those opposite, of people who feel that those opposite don't care about their privacy, being able to cite many situations where they feel that that is a truth in their lives.

We won't block this bill in this House because it does go some way. In my view it does not go far enough. In my view most of the members of the public that I've spoken to, most of the community members I have spoken to in Lalor, will choose to opt-out of this system. I think that's a negative in the longer term but it's this government's problem and they need to fix it.

7:10 pm

Photo of Cathy O'TooleCathy O'Toole (Herbert, Australian Labor Party) Share this | | Hansard source

The NDIS, the NBN, the royal commission into banking and financial services, energy, marriage equality and Medicare are just a few of the areas where a competent government could have done much better for Australians. However, what Australians are witnessing is a government that seems to be so focused on their own self-interest instead of taking these critical areas of policy seriously and dealing with them properly in the best interests of the Australian people.

The concept of e-health and My Health Record should be a positive initiative for the Australian people, as access to our health records in a convenient and timely manner is really important. If implemented by a competent government, e-health could deliver tangible healthcare improvements and save on healthcare costs through fewer diagnostic treatment and prescription errors. However, you can now add My Health Record to the list just like the NDIS, the NBN, the royal commission into banking and financial services, energy, marriage equality and Medicare as a comprehensive list of incompetent handling by this LNP government.

Labor began delivering an electronic health record system when we were last in office. Labor's system was an opt-in system, as we thought that was the right approach by giving people choice and control over their health records. The opt-in system gave anyone who participated the opportunity to give informed consent. Now we see that the LNP government has done the exact opposite by creating an opt-out system. People are entitled to choose whether they want to share their personal details or not. This should not be an unsubscribe option in the junk emails one regularly receives, because these records contain people's private medical health records. This is highly confidential information.

The LNP government has simply selected an opt-out system but has never properly explained why or attempted to educate the public about their approach to My Health Records. Their absolute failure to communicate effectively has fuelled many of the privacy concerns Australians have regarding the My Health Record. To be honest, I'm one of those people. I have tried to opt-out. I know how this government has completely botched the NBN and the NDIS, not to mention the absolute debacle relating to the recent census data collection. How can this government honestly think that I could trust them with my health history?

I went to the website to opt-out. I went through the process only to discover that I can't opt-out as my health record was collected in the trial in Townsville and I could not do anything about changing that online. I was given a receipt number and now I'm expected to sit on the phone to talk with someone to arrange to opt-out. The problem is I just don't have the time to sit on the phone waiting to speak with someone to sort out this mess.

LNP members across the floor barely trust each other yet they are asking the public to trust them with their private health records. Australians are frightened to trust this government with their highly confidential medical health records, probably the most personal information that many of us possess. I am sure that I don't trust this government with my health record.

This bill tries to address some of the public outrage and anger. This includes requiring a law enforcement, and other government agencies, to get a court order to access records and permanently deleting the health information of people who opt-out of My Health Record. But these changes don't go far enough, and as such they do little to allay community fears and my own personal fears about privacy and security.

There are two huge issues with the current My Health Record that the Morrison government is refusing to look at, let alone rectify: one being domestic violence and the other being workers' rights. This bill does absolutely nothing to address concerns that the My Health Record may risk the safety of women fleeing abusive partners or children needing privacy from non-custodial parents. This was evident this week when women across Australia in violent relationships seriously feared that their partner would be able to track their hiding place down through their child's My Health Record.

Legal experts have warned that the system provides a loophole for a violent person to create a record for their child without their ex-partner's consent, potentially allowing them to track down their estranged family's location. The Australian Digital Health Agency's default position is to allow those parents access to their children's My Health Records, which could contain information such as a residential address or the pharmacy or GP that they use. Where there is a dispute between separated parents over who can access the child's record, the ADHA will suspend both parents' access to the record until it investigates and decides which parent should have access. This is not a satisfactory solution, as the child's records may be needed in the time they are waiting. But the rigmarole and the time taken to opt out still leaves women and their children vulnerable, and this is simply unacceptable.

Then there are the significant issues and concerns for workers. Workers have raised concerns that doctors who perform pre-employment or workers-compensation assessments may pass health information on to employers, and employers could use this information to discriminate against employees—for example, a pre-existing medical condition preventing a person from getting a job. Maurice Blackburn have said doctors who examine employees have access to their medical health records unless the worker changes their privacy settings. Maurice Blackburn has stated:

… it is very clear that a doctor performing an assessment for an employer or insurer could access My Health Record without there being any further consent process.

Right now we have a royal commission into banking and financial services that is examining insurers. With the evidence being heard, how many in this place or across Australia honestly feel that they can trust an insurance agency, especially with their medical health record? Little to no-one, I would suspect.

If you are a fly-in, fly-out worker working in the mines, where you're required to undergo medical testing; a transport worker who is claiming workers compensation, and you are required, as part of the process, to undergo a medical examination; a pilot; a train driver; a truck driver; a heavy-machinery operator; or in certain trades, then the LNP government's My Health Record should scare you. Your privacy is potentially at risk and open to your employer, open to other insurers and potentially open to third parties. Don't think that an insurer won't try to wriggle out of a claim because of the information contained in one's medical history or that an employer will be so gracious as to ignore your medical history if you're trying to apply for a job that requires medical testing, because, quite frankly, they won't. These are serious and genuine concerns, and the LNP Morrison government should suspend the opt-out period until these and other issues can be thoroughly addressed.

Labor is supporting these measures but more must be done, and Labor will be referring it to a legislative inquiry in the Senate. The Senate inquiry will test whether this bill adequately responds to privacy and security concerns and will develop possible amendments. After numerous demands from Labor, the Senate has also agreed to Labor's proposal for an inquiry into the My Health Records system as a whole. This will focus on elements of the system that are beyond the scope of this bill, such as the government's decision to shift to an opt-out system, its communication of this fundamental change and the default settings within My Health Record. The LNP government has a woeful track record on IT security and privacy. This is the same government that completely and incompetently managed the census data collection. This is the same government that gave us the Centrelink robo-debt debacle. There are way too many ifs and too much bad history for me to trust this LNP government with my medical history. It is not a matter of if but a matter of when the data will be breached. The best possible system must be in place, and we are all very concerned that this will not be achieved under this LNP government. The Australian people deserve a quality system when it comes to digitally securing our health records, and it is only a Labor government that will deliver this crucial outcome. For all of us, there is nothing more important than the security of our health records.

7:19 pm

Photo of Susan TemplemanSusan Templeman (Macquarie, Australian Labor Party) Share this | | Hansard source

I'm very lucky that, for the last 25 years or so, I've had the same GP, so my health record is already held in a single place. He can tell me which year it was I started having flu shots and when my pap smear is due. If everyone had that situation and, touch wood, good health, we wouldn't even be worrying about a digital health record. But people do change doctors, they have complex conditions, they move through different hospitals and they don't stay in the one place. Anyone with a chronic illness knows what it's like to get to a new doctor and have to give your medical history. It's pretty awful if it's a chronic or episodic mental illness. There are often so many parts of that story to tell.

So, in theory, I think a digital record of your medical interactions and results is a fabulous idea. But why is it that I have so little confidence in the reality of it as we see it today? And it's not just me. Dozens of my constituents have written to me about their concerns and their frustrations—their frustrations particularly in trying to cancel their My Health Record. While July this year marked the launch of the three-month opt-out period for the My Health Record in my part of the world, the Nepean Blue Mountains region, which covers the electorate of Macquarie, most people already had a My Health Record. So, most people in the Blue Mountains and Hawkesbury were given a My Health Record as part of the 2016 opt-out trial. Unfortunately, very few people realised that they had one. They found out only when they went to opt out of the current system. And what they found was that they couldn't. It was a painful process to identify that they had to actually cancel their record, not opt out.

I'm going to let you hear how Elizabeth described her experience. She says, 'I called the help line as instructed, and the first call centre person took all the information about me and my children multiple times and then pressed "validate" to finalise and said it was taking a long time and put me on hold. Fifty minutes later the second person took only my Medicare number and then told me I could not opt out, as a record had already been created for me.' And as she wrote this email to me she said, 'I am on hold for the third call centre person to find out why two people saw different information results, and they have completely forgotten I'm even here. It's been an hour and a half.'

Now, she wasn't alone. I had many similar emails and calls for help to my office. Once we identified that you had to cancel a record, people were also furious that they actually couldn't completely get rid of the data already there, that it could only be archived. This amendment fixes that problem, and we welcome it. But it doesn't go far enough. We don't believe that any of the changes do enough to allay the community's fears about privacy and security. There are many examples, but this bill does nothing to address the concerns that the My Health Record may pose a risk to women from domestic violence with their children and that the children's health records, linked to both parents, can be used to track visits to pharmacies or doctors. So, that is one area that needs to be addressed.

Workers have also raised concerns that doctors who perform pre-employment or workers compensation assessments may pass on health information to employers and that employers could use that information to discriminate against the workers—for instance, on the basis of pre-existing medical conditions. That's another area that, understandably, unions are very concerned about and union members—in fact, all workers all who know they will have to go through a medical assessment. We remain of the view that the government should suspend the opt-out period until these and so many other issues can be addressed. We are supporting this bill in the House, but the fact that it is going to an inquiry in the Senate will hopefully provide some reassurances for people. That will really test whether the bill adequately responds to the privacy and security concerns and, I would expect, develop amendments around them. While we will support this, we have grave concerns about it.

I think it was summed up really effectively by another email I had, from Paul Bailey, from Winmalee, who wrote to me in detail about the range of concerns he has. Like me, he agrees in principle with a system that can be accessed anywhere, but he worries about the security. He specified his concerns about mental health and about women's issues, like information about abortions being accessible. He also highlights the privacy issue. He says that 'nearly every IT person has said that privacy safeguards are nowhere near as safe as the government states'. He wrote that he is no computer expert but that he would take their advice. He says that, after the debacle of the census last year and the so-called robo-debt problem, which showed that some welfare recipients owed thousands of dollars in debt when in fact they didn't, he has no faith in any government's computing system. He had three attempts to opt out and was put in a loop saying he was unsuccessful but wasn't told why. This is a classic example of the sorts of experiences people have had—and those on the other side wonder why there is so little confidence in this. This government has had a shocker of a record on IT security and privacy. They have botched every system they have tried to roll out, including the NBN, the NDIS, their shocker of a census and the robo-debt mess, and now they've stuffed up My Health Record.

I'm assuming a lot of the consequences we're talking about were not intended by the government. I point to another one that has been raised—that is, parental access to information about their teenage children. Unless children know that they can de-link their parents, their information is going to be accessible. You want your teenage children to seek help for mental health issues or around sexual health. If they know that their parents are going to get an alert every time that happens or be able to see those records, you are putting into the system a disincentive for young people seeking medical help. I'm sure that isn't the consequence this government intended, but that's what we're being warned is going to happen. Unfortunately these unintended consequences seriously undermine what might have been a useful system.

I also mention the amendment to this bill, which is absolutely a step in the right direction, to ensure that a court order or a consumer's express consent is required in order to disclose information from their My Health Record to law enforcement agencies or other government bodies. We absolutely support that one. The government argues that it's already the policy, but legislating for it is a safer bet. It is wise to have a range of conditions under which a court can make such an order, including being able to demonstrate that the disclosure is reasonably necessary and that the requested information is not available from another source.

The amendments being put today are sensible; they simply don't go far enough to restore confidence. It will take a long time for the community to have confidence in this system. While there are huge potential advantages for people to be able to access a record that was created in one state and delivered on in another, which could save someone's life, the real concern is that the government has not done the work needed to put in the safeguards this sort of massive change needs. As a parent I can see huge advantages in the ability for my children to digitally access those records wherever they are; unfortunately I'm not sure they will want to have a My Health Record. They may well make a judgement that the risks are too great. Many people seem to be making that judgement. That in itself undermines the system and everything this health record is meant to do.

The bottom line is it can't be done without trust. I just don't see that the other side is doing enough to rebuild the trust that has been so badly damaged by the current botched rollout. It's very easy to lose trust—you lose it in a nanosecond—but to rebuild it is going to take time and significant evidence from those opposite that the issues people are raising and will raise when the Senate looks at this legislation are going to be taken seriously, not dismissed and thrown away. If people are told, 'Don't worry about it; trust us,' they won't unless they see real evidence that this government is serious about a system that has the integrity to protect people's privacy. We know that the majority of health workers who access this system will do the right thing, but it will take only a very small number of breaches for an entire country to lose their trust in a system that should be saving lives.