Juanita Fernando: Privacy lags as e-health rolls out

CONCERNS about e-health privacy are growing around the world.

Most recently, the British Medical Association Scotland called for stronger measures to protect patient confidentiality, particularly with the way patient information can be shared between medical users.

The Australian Privacy Foundation (APF) has highlighted similar concerns about the situation in Australia.

Empirical research findings show clinical end-users frequently covertly share credentials such as user names and passwords so they can share health data.

This may occur because the clinician who has the necessary password access to health data is absent or a particular system has not been used for a while and their password has expired.

Clinicians also need access to patient records from various systems in order to base their diagnoses on a coherent record of patient care (eg, x-ray record, test results, specialist reports).

Anecdotally, students in my medical sciences courses at Monash University tell me that while it is easy to put information into an e-health system, the reverse is true when trying to get care information out of the system.

This is of special concern because e-health records display such a vast amount of patient information on a large number of computer applications.

At the same time, Australian health authorities have only just begun to devise a privacy and security framework for our e-health records (the security and access framework).

But it will be several years before patients will see any benefit from the national initiative.

In the meantime, all patient identification details can now be interconnected via a single health identifier number, stored in a central database.

Under the Medicare Healthcare Identifier service, launched in July this year, more than 600 000 health care providers — including pharmacists, psychologists and podiatrists — will be given unique identifiers allowing them to access patient numbers.

A scan of media reports shows how human error or malfeasance poses a significant threat to the privacy of patient e-health information.

I am particularly concerned that the database will become an identity fraud resource or even be subject to media curiosity through misuse of information and communication technology to get “a good story”.

Yet Australian health authorities have failed to deal explicitly with privacy over several years. In the absence of any privacy framework, they continue to avoid implementation of e-health security and access issues.

This represents a process failure that repeats past failures to grapple with, in the first instance, the hard but necessary e-health privacy and security details.

To help mitigate the e-health privacy and security concerns in Australia, work is underway with commercial e-health organisations through the Australasian College of Health Informatics to develop an information security template.

Clinicians interested in the requirements for secure access to clinical information and responses to suspected breaches can access APF policy statements on eHealth data and health identifiers and Protections against eHealth data breaches.

Dr Fernando is a lecturer with the Faculty of Medicine, Nursing and Health Sciences at Monash University and a councillor on the Australian Privacy Foundation board. Her special interests are in medical informatics, information security and e-health tools.

Further reading

Medical Ethics Committee, British Medical Association. Confidentiality and disclosure of information tool kit.

British Medical Association. BMA News press release. Doctors have no confidence in NHS database, says BMA News poll.

BMA says “suspend SCR roll-out”. ehealthINSIDER 2010.
The health information system security threat lifecycle: an informatics theory. Int J Med Inform 2009; 78: 815-826.
Healthcare data risk greatest from human error. InformationWeek 2010; May 20.

Posted 1 November 2010