Why the Australian Government's My Health Record project will put your privacy at risk

in teamaustralia •  4 months ago

I haven't watched or read the news for a few years now and my life is a thousand times better for it. However, that doesn't mean I don't inadvertently find out stuff that's going on. Recently, one of my email subscriptions alerted me to the Australian Government's My Health Record (MHR) project. The idea is to create an automatic electronic health record for every Australian from mid-2018.

Wary of anything the government does, I did some digging.

The right to privacy

When MHR began in 2012, it was an opt-in service. I assume not enough people were signing up so it recently shifted to an opt-out model. This means you now have to physically opt out of a service you never agreed to in the first place.

The opt-out period will run from 16 July until 15 October 2018. However, if you live in Far North Queensland or the Blue Mountains it may already be too late for you. In March 2016, the Australian Government commenced a trial opt-out system for residents in these areas before rolling it out to the rest of the country.

If you don't opt out by 15 October—or didn't already if you live in a trial area—the Australian Government will automatically create a digital copy of every medication you've been prescribed, and every symptom and ailment you’ve told your GP about. It will store it centrally and give numerous people access to it.

When I started writing this post, the government explicitly stated that if you choose to opt out later, you will no longer be able to access MHR, but it will continue to store your information for 30–130 years after your death.


Thankfully it appears the government's been reflecting on Europe’s General Data Protection Regulation (GDPR), which kicked in on 25 May 2018. GDPR gives individuals the power to demand that organisations reveal what personal information they have about them and delete it upon request. GDPR applies to all organisations—including those outside of Europe—that manage the data of European citizens. It's therefore reasonable to assume that many Europeans living in Australia have accessed medical services via Medicare so MHR would be captured under GDPR.

MHR's 30-year date storage rule clearly breaches GDPR, which is designed to protect people’s privacy and the right to be forgotten. As such, on 1 August 2018, Health Minister Greg Hunt released a statement saying that if someone wants to cancel their e-record they will be able to do so permanently.

However, deleting information from MHR is not straightforward since it is designed for long-term data retention. This means a record could still be present in backups taken at various points in time. While removing someone's record from a database should be relatively easy, removing them from the backups is more complicated. It also raises questions around who, and under what circumstances those backups can be accessed. You can read more about these issues here.

The hacking risk

Much of the concern around MHR is around data security. A big, centralised database containing the medical records of a country's citizens is a honeypot for hackers. Personal health information and electronic medical records can and do fetch hundreds of dollars on the dark web. Even if the Australian Government uses 'military grade' security, it's highly likely that the 900,000 health professionals that have access to it won't, so your data is still at risk.

Between 27 June and 4 July 2018, hackers accessed the medical records of 1.5 million people in Singapore—a quarter of the population. Data stolen included the names, national registration identity card numbers, addresses, birth dates, and gender and race information of patients who had visited SingHealth's specialist outpatient clinics and polyclinics between 1 May 2015 and 4 July 2018. Additionally, 160,000 of these citizens, including Prime Minister Lee Hsien Loong, had their outpatient medication data stolen.

According to Thales, nearly half (48%) of US healthcare respondents reported a breach in the past year, which is more than the global healthcare average (39%). Perhaps more worrying, is that almost 70% of all global healthcare companies reported experiencing a data breach at some point in the past.


If you think Australia is safe from hacking, you're wrong. In 2016–17, the Office of the Australian Information Commissioner reported 140 separate data breaches affecting a total of 152 healthcare recipients, 144 of whom had an MHR at the time. This is up from 2015-16, in which 94 separate breaches affecting 103 healthcare recipients, 98 of whom had an MHR were reported. Furthermore, the Medicare details of any Australian were reportedly available on the dark web in 2017 due to a vulnerability in the government's system.

You can't turn toast back into bread

Governments and companies have repeatedly shown us that they can not be trusted to store data securely. Once your data is out there, there's nothing you can about it.

Earlier this year, I received two separate emails informing me that my data had been breached in relation to two separate job applications I made a couple of years ago. Both companies used PageUp to store my information and clearly my data was not destroyed once it was no longer required.

As you can see, there is NO mention of how you can get your data back. All you get is a half-arsed apology and a recommendation to update your virus protection software.

Great. Thanks.

Now imagine how much worse that would be if you were HIV positive or you'd had an abortion at some point. Do you really want to trust the government with your private medical information?

The alternative

The Australian Government has reportedly spent $2 billion on the MHR project so far. But just as it decides to ramp up this highly centralised and expensive project, storing health data on blockchains is starting to gain traction. Similar to the NBN—a project plagued by cost blowouts, which is likely achieve nothing more than provide Australians with an obsolete broadband network by the time it's fully rolled out—the Australian Government has once again missed an opportunity to develop something better.

Estonia and Dubai are the leaders when it comes to management of medical records on the blockchain. Estonia was the first country to embrace blockchain technology while Dubai wants to become the world’s first blockchain-powered government by 2020.

Estonia is using Guardtime's Keyless Signature Infrastructure to manage its one million e-health records. I'm not techie or a dev, so I'm not going to pretend I know how it works. However, my layman's understanding is, that since there is no hackable entrance or a central point of failure, blockchain stored data is much more secure than a centralised database.

Something like bluzelle also strikes me as offering a possible solution to MHR. It offers a mutable database, meaning data can be written, amended, searched, and deleted, just like in a regular database. However, since the data is stored in groups of nodes, a.k.a. swarms, there is no central point of failure. In the unlikely event that hackers could breach a swarm and access the data, only the data sharded to that swarm would be breached. Since this represents 0.1% of your data, it is essentially useless to hackers.

Bluzelle is also designed with GDPR in mind. Unlike the MHR database which has unanswered questions about the deletion of, and access to, backed up data, Bluzelle records are fully destroyed on request. Furthermore, individuals have complete control over the use of their data and are the only ones that can grant access to it.

Although its still in the very early stages, it seems to me that blockchain technology offers many advantages for storing digital data—like health records—while adhering to new laws around data privacy and the right to be forgotten. Until such a time that the Australian Government provides us with complete control over our data, I will be opting out of using its insecure, overpriced, centralised database.

How can I opt out?

The process is surprisingly straightforward and quick. Go to the MHR website and have your Medicare card and drivers licence handy. You'll get a confirmation once it's done, which you can then upload to a centralised server like dropbox or google for future reference. 😁


I have no affiliation with Bluzelle or any other organisation mentioned in this post.

Footer by @ryivhnn
All images from pixabay

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

yeah these guys are nutters, as usual its "something thats going help you..." but the rest of that sentence is " ... be controlled ".

Woah, I am glad you did some digging. They can keep it for 130 years after your death? How is that even logical, when most records after 3/10 years is null. The medical field is a trip. Also, Dubai wants to become the world’s first blockchain-powered government by 2020 I didn't know, that is amazing!

Awesome post choo, no surprise there. I WANT MORE!!


Lol. I'll see what I can do.

They aren't keeping it for 130 years anymore apparently, and that was if the date of your death was unknown--otherwise it was 30 years.

I see a shit storm brewing on the horizon, thanks for the reminder :)


You're welcome.

This is news to me... disturbing news that is.
Excellent article as usual, very informative. And it's so great that you even included the process on how to opt out, I'll be referring this post to my friends.

Thanks choo for letting me know on time :).


Thank you! And that's 1 of 3 of my half written posts complete!


With these levels of information and quality, no wonder you don't write a lot of posts choo.
You should make smaller posts too from time to time... maybe something like ULOG ^_^.


Hahahaha. Ulogs. I HATE those things. Plus mine would be boring. I literally do the same thing every day unless I'm travelling.

Here's my ulog.
Get up check steemit. Work/do stuff on my computer. Crossfit. Yoga. Steemit/computery stuff. Bed. Occasionally I might venture out and get my legs waxed or pick up a package if I've done internet shopping, but that's pretty much it.


Whoa whoa! You hate it?! Actually I don't really know what ulog is, but I've seen a lot of people using the term.

I don't think yours would be boring though, since your daily routine doesn't involve eating at all, that's pretty unique no? Kehehe, forgive me for my bad sense of humour.


Lol. Whoops. You can throw breakfast, unch and dinner in there. They are boring as well though. I make one thing and eat it all week. I've eaten oatmeal for breakfast for like 5 years.

This post was shared in the Curation Collective Discord community for curators, and upvoted and resteemed by the @c-squared community account after manual review.

I find this alarming @choogirl. Of course any system can be hacked!


I know right? That's why I wanted to make a post about it.

I have opted out a couple of weeks ago.


Seems like the best option.


Yes i think so.

Thanks for posting about this... reminded me to opt out - which I just did!.. as I don't agree with the idea.


Cool. Glad I reminded you.

I was going to share something about this myself after a friend sent me something on it. Glad you shared it, though, as you'll reach more.


Thanks. Sorry, if I took your idea. :(


Don't be. Like I said, you'll reach more people than me anyway.

Really interesting and alarming, great info well done.
Thank you for the advice, I will do that.


Thank you. I'm glad you found it useful.

Thanks for raising this. Glad we get the option to opt out at least. Maybe they learned something when they compromised 100 years of data with that Census rubbish.


Oh yeah. That was shit. I was deliberately out of the country at the time so I avoided that.

At the moment everybody make a lot of noise about privacy and the General Data Protection Regulation that was intensified. Of course a bit of privacy is important. Especially on health issues, but on some things it's exaggerated. I work at a Data Recovery Company and i know that it's pretty important to preserve privacy. But people are revealing so much data on Facebook or other social networks so that i think the relation is a bit at risk.


Yeah, but people aren't putting their medical records on FB, etc. The whole Singapore hack for example, sounds like a nightmare. I would be really upset if I was one of those victims.

Thanks for this. I’ve shared it on my Facebook too and will opt out.


You're welcome. FB will shadow ban it. They did on mine. I had to type another message telling people to go to my page if they wanted to see it.


hah! Bugger.

I work in IT Security... and I'd hazard a guess that the statistics on companies that have been hacked at some level (98%) are probably conservative...


That doesn't surprise me at all.

An important and well written post :O Thanks for the heads up, choo! I will spread this out to my friends :O!!!


Thanks and you're welcome. My guess is a lot of people aren't really thinking about it.

As a follower of @followforupvotes this post has been randomly selected and upvoted! Enjoy your upvote and have a great day!

I just heard about this a couple of days ago, only because a client back home mentioned it. Since being away from Oz, it's hard to keep up, ESPECIALLY when they do things like this with no official warning. I'm yet to opt out but it's now top of the list for tomorrow. They absolutely can't be trusted with this info. They've proven that time and time again.


I know. I wouldn't have known if it didn't show up in something in one of my emails. Glad i reminded you to look into it.


Leaving comments asking for votes, follows, or other self promotional messages could be seen as spam.

More Information:

The Art of Commenting
Comment Classifications


How about I flag you instead for being a comment spammer and plagiarist? Yeah, I'll do that. Bye, bye!