Carol Brown (Tasmania, Australian Labor Party, Shadow Assistant Minister for Infrastructure and Regional Tourism) Share this | Hansard source

I rise to speak on the Human Services Amendment (Photographic Identification and Fraud Prevention) Bill 2019. This bill seeks to amend the Human Services (Medicare) Act 1973 to include a requirement that photographic identification be present on Medicare cards. Senator Hanson states that this is to militate against fraudulent use of a Medicare card by someone other than the person to whom it is allocated. As a matter of principle, Labor will support considered and sensible measures that address Medicare fraud.

In considering this support, it is important to be clear about whether fraud is occurring presently; if it is, how that fraud is occurring; whether this bill will have the effect of addressing fraud, if, indeed, fraud is occurring; whether what is proposed in this bill is the most effective way of achieving the outcome of addressing Medicare fraud; the financial impact of the proposed changes; the impact on individuals, especially as it relates to their privacy; the impact on providers, especially medical practitioners, psychologists and others who bill to Medicare; and the government's capacity to implement any proposed changes. The impact on privacy is especially important, and I will go into this in more detail later. The red-tape impact of the proposed changes must also be considered. Finally, it is important to consider any unintended consequences of the bill.

There are a huge number of Medicare transactions every day. According to the Australian Medical Association, there are 45,000 provider interactions with Health Professional Online Services every day, and an estimated 27,000 HPOS confirmations of Medicare details; and, in the last year, 148.8 million GP services claimed against Medicare. The AMA said in 2017:

There is no evidence of a systemic problem and no evidence that patients' health information has been compromised.

From the outset, it should be noted that there are additional ways that a person's identity can be verified through the use of their Medicare card. In 2011 Medicare cards were added to the Attorney-General's Department's Document of Verification Service, DVS. To quote a government report from 2017:

The DVS is a secure, online system that enables user organisations to match information on a range of evidence of identity documents against the corresponding record of the document issuing agency. In addition to helping to strengthen the integrity of Medicare cards, the DVS provides a government-endorsed method for their verification, including for private sector organisations such as banks and telecommunications providers which have legislated customer identification requirements. The DVS operates 24 hours a day and can provide verification of identity documents within seconds.

Medicare cards are now the second most commonly verified document through the DVS: during 2016-17 around 4.6 million or 15 per cent of all DVS transactions were conducted using Medicare card data. More than half (55 per cent) of these checks were conducted by the private sector.

This detail is worth knowing, in the context of the significant changes proposed in this bill.

We also need to consider the practical consequences and, potentially, unintended consequences of what this bill proposes. One obvious implication that must be considered, in the context of the changes this bill proposes, is that for many families it is not just an individual but several members of a family on a Medicare card. The practical consideration of having current photos of children as they age or shifting to individual cards, to avoid having many photographs on the one Medicare card, is something that would need to be explored, in detail, if this proposal were to be given serious consideration. This alone would preclude this bill from being agreed to in its current form. As I said at the outset, Labor will support sensible measures to address Medicare fraud. But there are many actual and, potentially, unintentioned consequences, where this bill would affect that need, to be considered in proper detail.

Accordingly, in considering changes of this magnitude, a process ought to be established that allows all affected stakeholders to provide their input into the proposal and for the government to thoroughly examine all of these issues. We can, therefore, look to what has been considered in the past, when similar questions and proposals have been considered. There has been a significant body of work done quite recently into the proposal raised in this bill. In July 2017 the government commissioned the Independent Review of Health Providers' Access to Medicare Card Numbers. The purpose of this review was:

… to consider the balance between appropriate access to Medicare card numbers for health professionals and the security of patients’ Medicare card numbers.

It was in response to media reports that Australians' Medicare data had been breached and was available for sale on the dark web. The review was chaired by former Secretary of the Department of Prime Minister and Cabinet Professor Peter Shergold; the president of the Royal Australian College of General Practitioners, Dr Bastian Seidel; then president of the Australian Medical Association Dr Michael Gannon; and Dr Kean-Seng Lim, deputy chair of the Australian Medical Association Council of General Practice.

This review made 14 representations, informed by presentations and written submissions from professionals and community and consumer organisations. The recommendations covered the specifics in this bill, such as whether photographic ID or some other form of security, like a hologram, should be on a person's Medicare card. The review panel also considered whether a person should have to provide a secondary form of ID when they first attend a health service. There were a number of significant groups that were opposed to this proposal, which I will come to later.

Of particular relevance to the proposal raised in this bill is the review's observation that for some groups their Medicare card is their principal source of ID. The National Aboriginal Community Controlled Health Organisation submitted to the review:

Many of our Aboriginal patients use their Medicare card as their only form of identification – many do not have a Drivers' License or a Proof of Identity card. If this was no longer available for use as a form of identification, this would make access to essential welfare services extremely difficult for our patients.

To also quote the review panel directly in response to this, they say:

It is the Review Panel's view that any measure taken to prevent Medicare cards being used as a recognised form of secondary evidence of identity, as some submissions have suggested, has the potential to disadvantage certain vulnerable members of the community. It would also have significant impacts on a range of government and private sector organisations, and have a flow on effect on consumers, particularly in the telecommunications sector which has legislated customer identification requirements for pre-paid mobile phones. The education sector would also be significantly affected considering the Medicare card is used to support the issuance of a large number of Unique Student Identifiers.

To this point, the first recommendation of the review panel was 'that the Medicare card be retained as a form of secondary evidence for identity purposes'. The review panel also specifically considered whether having a photographic ID on a Medicare card might have the effect of reducing fraud.

The review panel responded to that proposal:

The Review Panel noted that while adding a photograph or other security feature such as a hologram might have a short term beneficial impact on the illegal reproduction of Medicare cards, such changes are not likely to have a lasting effect. A more practical and immediate measure is for organisations that accept Medicare cards as evidence of identity to utilise the DVS to confirm that the card and/or number being presented corresponds with a valid and current record held by the Department of Human Services.

As mentioned, the review also considered whether another source of ID in addition to a Medicare card should be presented when a person presents at a health facility for the first time. The Northern Territory Department of Health said of this proposal:

The NT does not support introducing additional identity requirements for this purpose as this has the potential to put added pressure on remote clinics and impact disproportionately on remote (particularly Aboriginal) people …

In short, it would be logistically challenging and impractical to require all patients to provide more than one type of identification aligning to their Medicare card. Further, any such requirement must not be able to be used as a reason to deny access to essential health care.

The Australian Medical Association said, 'It would place an additional administrative burden on practices and put in place an unnecessary barrier to care for patients.' The Australian Privacy Foundation said:

At the outset the Foundation emphasises the fundamental importance of trust as a basis of the delivery of health services to all Australians, including in instances where a recipient may not hold a card or other token of entitlement to services. Respect for that trust through a coherent, principled and effective privacy regime is not antithetical to good governance, efficiency and responsiveness to individual needs.

The National Aboriginal Community Controlled Health Organisation said:

It is critically important to remember health services, particularly in remote areas, that they continue to have access to clients Medicare numbers which:

…

• imposes no additional requirement for identifying people since many clients do not carry identification.

The review panel's finding on this point was as follows:

Existing requirements around patient identification for clinical safety purposes would be consistent with a requirement that health professionals should be confident of the identity of their patients for Medicare billing purposes, and this should not pose a barrier to care. This would provide assurance that patients are using their own identity to access healthcare, and that they are eligible to receive a Medicare benefit.

The committee did also recommend:

… as a condition of claiming Medicare benefits on behalf of patients, health professionals should be required to take reasonable steps to confirm the identity of patients when they are first treated.

The government formally responded to the review panel's report in February 2018. I note that it agreed, without qualification, to 13 of the review panel's 14 recommendations and agreed, in principle, to the other recommendation, pending further examination of implementation options. One of the main changes resulting from this is that health providers seek another source of identification in addition to a person's Medicare card when presenting at a health service. Of this change, the government, in response to the review panel's report, said:

This should not be onerous, and should not serve as a barrier to health care. By providing identification, consumers will be playing an essential role in supporting the ongoing integrity of the Medicare system. The Government will also empower consumers to protect their own Medicare card information by building public awareness and supporting consumers to access information about how their Medicare card number is used.

One final point worth noting is that this proposal is likely to have a very significant financial impact well into the hundreds of millions of dollars. This would need to be taken into consideration in formally considering any proposal. Labor believes that the case has not been made to support this bill. Labor encourages the government to look at this issue in more detail, particularly as technology changes, ever mindful of protecting Australians' privacy, reducing red-tape burden on health professionals and organisations and making sure that Medicare fraud is eliminated entirely.