Tail of e-health must not wag the dog of personal health care: report

Protection of the individual is the primary function of personal health care data, says APF

The protection of the individual is the primary function of personal health care data and the tail of health administration and research must not be permitted to wag the dog of personal health care, according to an Australian Privacy Foundation (APF) policy position document.

The document, eHealth Data and Health Identifiers, sets out the APF principles for assessing eHealth initiatives and eHealth regulatory measures.

“Calls for a general-purpose national health record are for the benefit of tertiary users (administration, insurance, accounting, research, etc), not for the benefit of personal health care,” the document reads.

"The tail of health and public health administration and research must not be permitted to wag the dog of personal health care."

Among the specific criteria in the document:

  • The health care sector must remain a federation of islands
  • Consolidated health records must be the exception not the norm
  • Identifiers must be at the level of individual applications
  • Pseudo-identifiers must be widely-used
  • Anonymity and persistent pseudonyms must be actively supported
  • All accesses must be subject to controls
  • All accesses of a sensitive nature must be monitored
  • Personal data access must be based primarily on personal consent
  • Additional authorised accesses must be subject to pre- and post-controls
  • Emergency access must be subject to post-controls
  • Personal data quality and security must be assured
  • Personal access and correction rights must be clear, and facilitated

The AFP has a particular focus on e-health. Last year, it awarded the NSW Department of Health the Most Invasive Technology prize in is Big Brother Awards, the ‘Orwells’. The department won for introducing its electronic health record system Health-e-Link with only an opt-out for patients instead of the opt-in requirement of the Health Privacy Law.

“The failure to allow partitioning of sensitive health information, the lack of controls on authorised users, and failure to pilot both opt-in as well as opt-out systems could threaten public trust in what could be an immensely valuable tool for improving both individual and population health,” said Orwells judge, Associate Professor at the Faculty of Law, University of Sydney, Dr Roger Magnusson.

Nominations are now open for this year’s Big Brother awards at www.privacy.org.au.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags governmentprivacydata privacye-healthAFP

More about Brother International (Aust)Department of HealthNSW Department of HealthNSW Department of HealthPrivacy FoundationUniversity of SydneyUniversity of Sydney

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Georgina Swan

Latest Videos

More videos

Blog Posts