I haven't watched or read the news for a few years now and my life is a thousand times better for it. However, that doesn't mean I don't inadvertently find out stuff that's going on. Recently, one of my email subscriptions alerted me to the Australian Government's My Health Record (MHR) project. The idea is to create an automatic electronic health record for every Australian from mid-2018.
Wary of anything the government does, I did some digging.
The right to privacy
When MHR began in 2012, it was an opt-in service. I assume not enough people were signing up so it recently shifted to an opt-out model. This means you now have to physically opt out of a service you never agreed to in the first place.
The opt-out period will run from 16 July until 15 October 2018. However, if you live in Far North Queensland or the Blue Mountains it may already be too late for you. In March 2016, the Australian Government commenced a trial opt-out system for residents in these areas before rolling it out to the rest of the country.
If you don't opt out by 15 October—or didn't already if you live in a trial area—the Australian Government will automatically create a digital copy of every medication you've been prescribed, and every symptom and ailment you’ve told your GP about. It will store it centrally and give numerous people access to it.
When I started writing this post, the government explicitly stated that if you choose to opt out later, you will no longer be able to access MHR, but it will continue to store your information for 30–130 years after your death.
Thankfully it appears the government's been reflecting on Europe’s General Data Protection Regulation (GDPR), which kicked in on 25 May 2018. GDPR gives individuals the power to demand that organisations reveal what personal information they have about them and delete it upon request. GDPR applies to all organisations—including those outside of Europe—that manage the data of European citizens. It's therefore reasonable to assume that many Europeans living in Australia have accessed medical services via Medicare so MHR would be captured under GDPR.
MHR's 30-year date storage rule clearly breaches GDPR, which is designed to protect people’s privacy and the right to be forgotten. As such, on 1 August 2018, Health Minister Greg Hunt released a statement saying that if someone wants to cancel their e-record they will be able to do so permanently.
However, deleting information from MHR is not straightforward since it is designed for long-term data retention. This means a record could still be present in backups taken at various points in time. While removing someone's record from a database should be relatively easy, removing them from the backups is more complicated. It also raises questions around who, and under what circumstances those backups can be accessed. You can read more about these issues here.
The hacking risk
Much of the concern around MHR is around data security. A big, centralised database containing the medical records of a country's citizens is a honeypot for hackers. Personal health information and electronic medical records can and do fetch hundreds of dollars on the dark web. Even if the Australian Government uses 'military grade' security, it's highly likely that the 900,000 health professionals that have access to it won't, so your data is still at risk.
Between 27 June and 4 July 2018, hackers accessed the medical records of 1.5 million people in Singapore—a quarter of the population. Data stolen included the names, national registration identity card numbers, addresses, birth dates, and gender and race information of patients who had visited SingHealth's specialist outpatient clinics and polyclinics between 1 May 2015 and 4 July 2018. Additionally, 160,000 of these citizens, including Prime Minister Lee Hsien Loong, had their outpatient medication data stolen.
According to Thales, nearly half (48%) of US healthcare respondents reported a breach in the past year, which is more than the global healthcare average (39%). Perhaps more worrying, is that almost 70% of all global healthcare companies reported experiencing a data breach at some point in the past.
If you think Australia is safe from hacking, you're wrong. In 2016–17, the Office of the Australian Information Commissioner reported 140 separate data breaches affecting a total of 152 healthcare recipients, 144 of whom had an MHR at the time. This is up from 2015-16, in which 94 separate breaches affecting 103 healthcare recipients, 98 of whom had an MHR were reported. Furthermore, the Medicare details of any Australian were reportedly available on the dark web in 2017 due to a vulnerability in the government's system.
You can't turn toast back into bread
Governments and companies have repeatedly shown us that they can not be trusted to store data securely. Once your data is out there, there's nothing you can about it.
Earlier this year, I received two separate emails informing me that my data had been breached in relation to two separate job applications I made a couple of years ago. Both companies used PageUp to store my information and clearly my data was not destroyed once it was no longer required.
As you can see, there is NO mention of how you can get your data back. All you get is a half-arsed apology and a recommendation to update your virus protection software.
Now imagine how much worse that would be if you were HIV positive or you'd had an abortion at some point. Do you really want to trust the government with your private medical information?
The Australian Government has reportedly spent $2 billion on the MHR project so far. But just as it decides to ramp up this highly centralised and expensive project, storing health data on blockchains is starting to gain traction. Similar to the NBN—a project plagued by cost blowouts, which is likely achieve nothing more than provide Australians with an obsolete broadband network by the time it's fully rolled out—the Australian Government has once again missed an opportunity to develop something better.
Estonia and Dubai are the leaders when it comes to management of medical records on the blockchain. Estonia was the first country to embrace blockchain technology while Dubai wants to become the world’s first blockchain-powered government by 2020.
Estonia is using Guardtime's Keyless Signature Infrastructure to manage its one million e-health records. I'm not techie or a dev, so I'm not going to pretend I know how it works. However, my layman's understanding is, that since there is no hackable entrance or a central point of failure, blockchain stored data is much more secure than a centralised database.
Something like bluzelle also strikes me as offering a possible solution to MHR. It offers a mutable database, meaning data can be written, amended, searched, and deleted, just like in a regular database. However, since the data is stored in groups of nodes, a.k.a. swarms, there is no central point of failure. In the unlikely event that hackers could breach a swarm and access the data, only the data sharded to that swarm would be breached. Since this represents 0.1% of your data, it is essentially useless to hackers.
Bluzelle is also designed with GDPR in mind. Unlike the MHR database which has unanswered questions about the deletion of, and access to, backed up data, Bluzelle records are fully destroyed on request. Furthermore, individuals have complete control over the use of their data and are the only ones that can grant access to it.
Although its still in the very early stages, it seems to me that blockchain technology offers many advantages for storing digital data—like health records—while adhering to new laws around data privacy and the right to be forgotten. Until such a time that the Australian Government provides us with complete control over our data, I will be opting out of using its insecure, overpriced, centralised database.
How can I opt out?
The process is surprisingly straightforward and quick. Go to the MHR website and have your Medicare card and drivers licence handy. You'll get a confirmation once it's done, which you can then upload to a centralised server like dropbox or google for future reference. 😁
I have no affiliation with Bluzelle or any other organisation mentioned in this post.
Footer by @ryivhnn
All images from pixabay