No clean bill of privacy for My Health
The Workplace of the Australian Info Commissioner (OAIC) has launched its annual report of actions regarding digital well being, revealing a surge in complaints in regards to the My Well being Document system.
The complaints comply with the My Well being Document being moved from a self-register to an opt-out mannequin in February.
The OAIC report says that in 2018-19 it acquired 145 enquiries and 57 complaints about My Well being Document, in comparison with 14 enquiries and eight complaints the earlier monetary 12 months.
It stated most complaints had been acquired earlier than the top of the opt-out interval on 31 January.
The report says the Workplace additionally acquired 10 enquiries in regards to the Healthcare Identifiers Service, and 5 complaints.
“Throughout the reporting interval, the OAIC offered detailed privateness recommendation on the My Well being Document system to stakeholders, together with the Australian Digital Well being Company and to the Senate Neighborhood Affairs References Committee and Laws Committee,” the report says.
“The OAIC additionally performed privateness assessments of regulated entities within the digital well being sector,” it says.
The report says the OAIC acquired 4 necessary information breach notifications from the My Well being Document System operator.
“Two notifications associated to unauthorised entry to a My Well being Document by a 3rd get together conducting fraudulent Medicare-claiming exercise; one notification concerned incorrect Medicare enrolment leading to unauthorised entry to a My Well being Document; and an enquiry into the fourth notification confirmed information breach had not occurred,” the report says.
The OAIC acquired 31 necessary notifications about information breaches involving Medicare information.
Of the 31, 27 concerned intertwined Medicare information, the place healthcare recipients with related demographic data shared the identical Medicare file, and Medicare offered information to the wrong particular person’s My Well being Document.
The remaining 4 notifications resulted from findings below the Medicare compliance program, the place Medicare claims made within the title of a healthcare recipient, however not by that healthcare recipient, had been uploaded to their My Well being Document.
The OAIC is the impartial regulator of the privateness provisions below the My Well being Data Act 2012 and the Healthcare Identifiers Act 2010.
The Workplace’s 139-page report will be accessed at this PS News link.