Up until now every doctor, clinic or
hospital you have visited has maintained a separate record of your health. But
now, with your consent, you can have an e-Health record (called a PCEHR or Personally Controlled Electronic Health Record) created to supplement your health records by linking
key information about you. The idea is that wherever you are in Australia, no
matter which doctor or hospital you visit, a summary of your healthcare
information will be available to assist in your diagnosis and treatment. This
information might include medications that have been prescribed to you, any
allergies you might have, and treatments you may have received.
In managing your PCEHR, you can set
controls specifying which healthcare provider organisations and nominated
representatives may obtain access to your record. Advanced access controls
allow you to limit access to the whole of your PCEHR and/or to limit access to
specific documents within your record. It is also important for you to talk to
your healthcare providers about the type of information that can be uploaded to
a PCEHR, as well as advising if there is are any records you do not want
uploaded to your record.
The Office of the
Australian Information Commissioner (OAIC) recently distributed a number of draft fact sheets providing comment
around some privacy issues of current relevance to the PCEHR. The topics
include consent and handling of personal information, emergency access, and how
to manage your e-Health record. These are the first of a range of guidance
material on specific e-Health topics that will be developed by the OAIC.
The Consumers
e-Health Alliance (CeHA) has brought to
our attention a number of issues raised in these fact sheets. One of the main
issues for concern relates to the registration process, which seems to mandate
that each applicant create an ‘australia.gov.au’ account, which will link to
other nominated Australian Government agencies. There is also reference made to
the ‘communication benefits’ for those creating an account, but not much
explanation as to how the reverse access across Government entities might work.
CeHA will query these issues and welcome any other issues of concern from
consumers.
At the moment, the interest and
powers of the OAIC seem restricted to privacy/security issues broadly, but do
not appear to cover the actual implementation and ongoing operations of the
PCEHR system. The PCEHR is at the early stages and there isn’t yet much
meaningful information stored in the record, but it is still important to work
through privacy concerns and ensure that sufficient safeguards are in place. The PCEHR is an opt-in system, so it’s your
choice to participate. However, this may not always be the case so it is worth
considering any privacy issues that might be of concern to consumers as these
records develop in the future.
We will let you know when the OAIC’s
fact sheets are published, or other important privacy information regarding
PCEHR is available – in the meantime you might like to check out the OAIC’s Privacy fact
sheet 15: Ten tips for protecting the personal information in your eHealth
record.
Kathryn Briant
Posts
No comments:
Post a Comment