The Australian government is continuing its push for the public to start using the centralized health record system. The idea being that i could move from one doctor to another with ease – essentially my records follow me. The Health Minister Greg Hunt is under pressure to convince the public that the system is secure. He’s having a hard time. This article details my objections.
The minister has said we (as users of the system) have absolute control of our records including controlling access to our information and limiting what information is stored within our My Health Records. However, he follows on by saying the system will save lives by allowing hospitals to access our information in cases of emergencies (think car accident where we’d be unable to communicate with the doctor). That combination doesn’t make sense. We either have absolute control or we don’t.
If encryption and decryption of my records is dependent on my login credentials, i can be confident that only i have access to my content. Anyone (or anything) attempting to access my records would need my credentials to decrypt my content.
There are ways to encrypt information with one key allowing multiple other keys to decrypt the same information and I’ll come back to this shortly. But that’s getting complicated “https://www.gnupg.org/gph/en/manual.html#AEN111” and doesn’t alter my objection.
Given the Health Minister Greg Hunt’s statement that others “can” access my information (hospitals in an emergency, for example) stored within My Health Records, i can conclude one of two things: a) my records are not encrypted at all, or b) my records can be decrypted by entities other than myself.
I stated above that multiple decryption keys is possible, it seems irrelevant because we know others “do” have access without the information owner’s authentication credentials.
So here’s the question, would you use it? My suggestion, insist that you doctor only uploads positive records, never negative records. Imagine an insurance company that will only pay-out or provide cover if they can see your e-health records. Show them. “Nothing to see here!”.
Of-course there is also the possibility of someone other than authorized people accessing our My Health Records and that’s not even worth discussing here because we know it’s possible (what in recent history would convince you otherwise?) and a likely and absolutely tempting objective for those who’d profit from knowing. Think extortion.
In recent times we’ve had failures with Centerlink’s systems (resulting in incorrect fund recovery and record recovery failures), the Census outage and Medicare numbers for sales on the ‘dark web’. I simply don’t think this will work. Use it knowing your records will likely one day become public or at least be exposed in some way. Even a small exposure of our health records would be tremendously bad.