As of today all of your medical records are now online on the government health website. It use to be an opt in situation but from today it is now changed to an opt out option. You have until october to opt out.

Do you trust the gov with your personal medical information online and do you think its safe from hackers?

Thanks for the heads-up Autocon!

I opted out -- don't trust the government one bit at all!

I opted out...

I'm wavering a little...it's a good idea in and of itself, but I do not trust this government at all either in competence (their track record in IT and data security is abysmal) or in motive (outsourcing to shonky providers, selling data to third parties, and releasing private data out of sheer malice a la that Centrelink VS Andi Fox blogger thing last year).

I'm leaning towards opting out atm.

Can someone explain what medical records it is? Is it just what is on file at public hospitals or is it including my local GP, private specialist, etc?

The government? Maaaaaaaaybe.

Individual small-scale medical practitioner office's IT security? Hell no. And... hackers ALREADY target those.

I opted out.

The opt-out form requires the user to enter information such as a Government-issued identification card number and Medicare card number. Wouldn't like to think how secure that information will be, after it is submitted and stored! :eek:

The opt-out form requires the user to enter information such as a Government-issued identification card number and Medicare card number. Wouldn't like to think how secure that information will be, after it is submitted and stored! :eek:

They do need to validate against the Medicare record, though. So it's kinda needed.

Having said that, I don't believe we should forced to opt out. This whole thing smells like it's for the benefit of big health firms & insurers. Not us.

They do need to validate against the Medicare record, though. So it's kinda needed.

Having said that, I don't believe we should forced to opt out. This whole thing smells like it's for the benefit of big health firms & insurers. Not us.^^^ This. Plus all this (https://www.theguardian.com/commentisfree/2018/jul/19/opt-out-cassandra-the-information-technology-wobbegong-on-my-health-record). I'm out.

Shame 'cos it's still a good idea, if it was undertaken with regard for privacy and by a government who could, say, successfully pull off their own Census.

After reading up on this I'm not overly concerned. Mostly because my GPs office already has it all stored on their own cloud so they can access it from various clinics around town. Doesn't really matter to me if it's in my doctors hands or in the health department, if it's online it's online.

Not sure if true but apparently the guy running My Health in Aus ran care.data in the uk(same thing) which sold private info to drug companies etc and was shut down in 2016. Big debarcle

While I do believe, in this instance, the individual in mind is telling the truth when he says he’s doing it for ideological reasons, it remains interesting that even a Liberal Party MP is personally opting out: http://mobile.abc.net.au/news/2018-07-23/tim-wilson-opts-out-my-health-record/10025204?pfmredir=sm&sf194135794=1&smid=Page:%20ABC%20News-Facebook_Organic&WT.tsrc=Facebook_Organic

I can't opt out, need to delete mine. Must have been signed up automatically when I had to setup my mygov account. Sneaky bastards. Not happy.

I was going to opt in, I've used so many different GP's over the years, it would be good to have a consistent medical history when visiting someone new.

Now I'm not so sure

the NET :)

After reading up on this I'm not overly concerned. Mostly because my GPs office already has it all stored on their own cloud so they can access it from various clinics around town. Doesn't really matter to me if it's in my doctors hands or in the health department, if it's online it's online.

It’s about target visability. Your GP is a small target amongst thousands of small targets. The probability that someone will go after it is low.

However a centralised government database with the names and health records of millions of Australian citizens? That’s a high profile/high reward target that will almost certainly be under constant cyber attack from all over the world. Not to mention the risks of what the government may decide to do with the data in the future.

The government doesn’t have a stellar record of keeping our data safe. I don’t trust them with this. The cons outweigh the pros.

I've used so many different GP's over the years, it would be good to have a consistent medical history when visiting someone new.
Are you prescription drug shopping? :p

Are you prescription drug shopping? :p

lol, no. I lived in Victoria, then moved to Sydney to study, I've lived in about 12 places in various suburbs around Sydney since about 1997

It’s about target visability. Your GP is a small target amongst thousands of small targets. The probability that someone will go after it is low.

However a centralised government database with the names and health records of millions of Australian citizens? That’s a high profile/high reward target that will almost certainly be under constant cyber attack from all over the world. Not to mention the risks of what the government may decide to do with the data in the future.

Who do you trust to do a better job of security? A local GP clinic or the Australian government? If you answered a local GP then you are insane.

No networked security is perfect, but at least the government has security personnel on staff. Your local GP on the other hand could very well terrible security and you would never know it.

Frankly if my records have to be in someone's cloud I'd rather the one with a known good level of security, not a GP that could have extremely terrible security.

Who do you trust to do a better job of security? A local GP clinic or the Australian government? If you answered a local GP then you are insane.

No networked security is perfect, but at least the government has security personnel on staff. Your local GP on the other hand could very well terrible security and you would never know it.

Frankly if my records have to be in someone's cloud I'd rather the one with a known good level of security, not a GP that could have extremely terrible security.

You completely missed the point of my post.

Also those GPs with crappy security you’re talking about are going to have unrestricted access to this database. So if someone were to gain access through one of these GPs yor refer to, they could potentially access the records of anyone. Not just that particular GP’s patients.

We have internet security experts everywhere saying that what the government is proposing is at best a half arsed solution. The rules around its use are rubbery at best and will be subject to the whim of the government of the time. Your data is being treated as a product and will be used as such in the future. Same with your kids. Provided it doesn’t end up hosted on a website first . Are you ok with that?

It's not just about the lack of security.

This too



"Patients control access to the record, so they can switch off their entire record and make it only available using a pin code, or use that process with individual documents," Dr Hambleton said.

Patients can get an SMS or email anytime someone new accesses their record — but it is up to individuals to set up those privacy and access settings.

Robert Merkel, a software engineering lecturer at Monash University, said he was worried the safeguards were not in place by default.

"I am concerned that most people simply aren't going to be aware of those privacy controls," Dr Merkel said.


Because the they didn't have many people sign up for this, they are going to blanket sign up everyone and have those that wish to opt out do so. Absolutely backwards way of doing this.

Because the they didn't have many people sign up for this, they are going to blanket sign up everyone and have those that wish to opt out do so. Absolutely backwards way of doing this.

To be honest, I wasn't even aware of this whole thing until I saw this thread a week ago and then a news story yesterday.

Personally I don't like the idea of them signing us up without our permission and then us having to go to the trouble of opting out. I don't like that at all.

My main problem is what use the government of today and possible uses the governments of the future will put your private health information to. For instance imagine if you were going for a job in a government department and they checked and saw you had taken considerable stress leave in the past because of a note your GP wrote you a decade ago. Think they will employ you over someone who doesn't have that on their record? I don't trust the powers that be one bit to not pull something like that. And considering how the government walks hand-in-hand with big business (can anyone say 'giant tax cuts'?) I don't trust them to not eventually 'accidentally' share our details with corporations.


"And it says here Mr Simpson, that you once held a dog by its back legs and walked it round like a wheelbarrow"
"I was ten!"
"Well it all goes on your permanent record"

The government doesn't have a good record for that. And if they want to gain any trust back, this sure as hell won't do it.

To be honest, I wasn't even aware of this whole thing until I saw this thread a week ago and then a news story yesterday.

Personally I don't like the idea of them signing us up without our permission and then us having to go to the trouble of opting out. I don't like that at all.

My main problem is what use the government of today and possible uses the governments of the future will put your private health information to. For instance imagine if you were going for a job in a government department and they checked and saw you had taken considerable stress leave in the past because of a note your GP wrote you a decade ago. Think they will employ you over someone who doesn't have that on their record? I don't trust the powers that be one bit to not pull something like that. And considering how the government walks hand-in-hand with big business (can anyone say 'giant tax cuts'?) I don't trust them to not eventually 'accidentally' share our details with corporations.


"And it says here Mr Simpson, that you once held a dog by its back legs and walked it round like a wheelbarrow"
"I was ten!"
"Well it all goes on your permanent record"

The most likely scenario is that a government will decide to make your record available to health insurance companies when assessing your premium. Suddenly every health check/issue you ever had will be used as a justification to charge you more for health insurance.

The most likely scenario is that a government will decide to make your record available to health insurance companies when assessing your premium. Suddenly every health check/issue you ever had will be used as a justification to charge you more for health insurance.

Thats a good point. We had health insurance for years but got rid of it as it was too expensive and only used if for discounts on dental anyway. Now we just have ambulance cover but as we get older will probably need to get it again one day

Every person in the medical profession will have access to your record. You will be notified of anyone that accessess your records BUT you wont be told who that is, just a notification saying someone has accessed the records. Yes it is confirmed that health insurance companies will have access and its a known fact police access this type of data base illegally.

It may also involve employers down the track being able to acess these records for medical checks before being employed to work. Such things as this to think about and what else may occurr in the future. The guy running this scheme started care.data in the uk which was shut down in 2016. Should read. They were selling the private records to marketing companies. People were getting unsolicited marketing from drug companies for their conditions.

To be honest, I wasn't even aware of this whole thing until I saw this thread a week ago and then a news story yesterday.

Your not the only one. Apparently even people in the medical profession didnt know his was happening. The government has been so secretive about this that almost all the people my family n friends know and theirs didnt know and some still dont.

I chose to opt out after seeing that Telstra and other 3rd party IT businesses already had access.

Imagine my surprise when I tried to opt out and the screen said "You can't opt out as you already have created a record".

No, I hadn't. Apparently anyone living in North Queensland have already had their records created, so I had to go through MyGov to delete it.

I opted out. Rang up and got an indian woman, so i asked if i could be transfered to an australia call centre. She told me she was in SA adeliade. Didnt want my info going over seas. It was quick n easy and only needed my medicare number no license.

The medical info on the web site is being hosted overseas. No or different legislation over there? What will happen?

I opted out (just minutes ago)

Did it over the phone so I didnt have to put my driv. Lic. Number over the net.

Once you got through the irritating computer voice and bad elevator music, a very pleasant australian voice took two minutes, sent a confirmation email, and I was opted out.

Even if you have a record and cancel it, they still keep it for 30 years, that worried me

:D

It appears the opt out option will be extended to end of January 2019 (was 15th November 2018).

I honestly dont understand why people are so worried about this. I think this is fantastic! Have a look at this article (https://www.abc.net.au/news/science/2018-07-16/my-health-record-experts-say-its-safe-privacy-concerns-remain/9981658) for instance. I think there is a lot of misinformation out there.

I honestly dont understand why people are so worried about this. I think this is fantastic! Have a look at this article (https://www.abc.net.au/news/science/2018-07-16/my-health-record-experts-say-its-safe-privacy-concerns-remain/9981658) for instance. I think there is a lot of misinformation out there.

Its the possibility of the records getting hacked and private info being leaked to everyone which is driving this fear, in my opinion.

I work in IT and everyone keeps asking me my thoughts as well.

I guess this is why online data is such a two-edged sword. Its great from an accessibility perspective because it means other medical practitioners can get your details at very short notice so useful in emergencies, other states, etc. The flipside of course being that if their databases ever did get hacked then thats a LOT of privacy breaches (and class actions to follow I would suspect).

However if we think about this logically, the risk is no different to other everyday life aspects. We all love PayPass due to its easy 'tap-and-go' functionality, but if your card gets stolen that gives easy access to your money (in smaller quantities anyway). Someone could fish through your rubbish and grab your private documents and use you in identity theft. And in the IT world, everyone uses emails but viruses and spam and malware still can infect machines; Facebook and other social media profiles can be used for catfishing, etc.

Heck, you could argue a downside to ANYthing easily enough. It all comes down to personal preference.

For those who want to opt out, great. For those who want to keep their records on line, great too. Such is the power of democracy and choice. I certainly won't be judging people's opinions on this matter :)

I honestly dont understand why people are so worried about this. I think this is fantastic! Have a look at this article (https://www.abc.net.au/news/science/2018-07-16/my-health-record-experts-say-its-safe-privacy-concerns-remain/9981658) for instance. I think there is a lot of misinformation out there.Yeah, but the same organisation just yesterday was insisting that everything was fine while their entire opt-out website had crashed.

For my part, I have 2 big concerns here: first, what happened to Andie Fox (https://www.abc.net.au/news/2018-05-31/privacy-precedent-what-can-the-government-reveal-about-us/9816700). As long as there's a government in charge who will use highly dubious overextensions of what are supposed to be highly restricted powers, to release sensitive private information in response to criticism, I don't want them having any more of my information than is absolutely necessary. I mean, this is the same mob who couldn't even run the freaking Census. No way am I trusting them with my complete medical history.
Secondly, the data isn't just available to medical services. It's also available to private/corporate interests - it was one of the original design features from the British model they copied it from, which was shut down after insurance companies and pharmaceutical outfits started abusing it. It's not just about 'being hacked', it's about the broad array of organisations who can access it legitimately, for purposes that are not necessarily in my best interests.

Having all of your medical advice readily available is a good idea, as long as it's treated carefully, responsibly, with adequate safeguards and oversight and only for the patient's medical benefit. But that's not what this is. This is more or less like giving Facebook all your medical data, only if Mark Zuckerberg had already unapologetically doxxed people who p***ed him off.

Yeah, but the same organisation just yesterday was insisting that everything was fine while their entire opt-out website had crashed.



That is not indicative of the security of the data though. As an example, the ATO has had a lot of issues with websites/programs crashing from strain in the past. However, when was the last time you heard that the ATO was hacked and taxpayer data was stolen? Never, it just won't happen or is exceptionally unlikely to happen.

In my mind the rewards far outweigh the risks, especially with young kids. I love the idea that no matter where I am in the country, if I take my kids to a doctor they can look up their medical history.

That is not indicative of the security of the data though. As an example, the ATO has had a lot of issues with websites/programs crashing from strain in the past. However, when was the last time you heard that the ATO was hacked and taxpayer data was stolen? Never, it just won't happen or is exceptionally unlikely to happen.


The weak link though is that a lot of medical practices are small businesses run by doctors (or you know, equivalents) who are far from IT experts. One well trodden path for hackers to gain credit card details is the IT systems in medical practices with little or no IT security... and now they’re being given access to this database. The ATO system doesn’t provide that same access to small businesses.

That is not indicative of the security of the data though. As an example, the ATO has had a lot of issues with websites/programs crashing from strain in the past. However, when was the last time you heard that the ATO was hacked and taxpayer data was stolen? Never, it just won't happen or is exceptionally unlikely to happen.

In my mind the rewards far outweigh the risks, especially with young kids. I love the idea that no matter where I am in the country, if I take my kids to a doctor they can look up their medical history.Blatantly denying it even while the website is still down doesn't exactly inspire confidence in their ability to acknowledge and then fix problems though.
Much less when the problems are a design feature rather than just a screw-up, which sort of brings us back to Problem #2 - it's not just hackers who are the risk here (https://www.watoday.com.au/healthcare/hidden-conflict-my-health-record-boss-privately-giving-advice-to-health-firms-20181107-p50eh9.html?fbclid=IwAR3A4w5OYXP4AUfuEMFx459Iu--1_FupzMoRnSe3ThyqiuMvHejs1DGBHNM). This isn't 'what flavour of pizza do you like?' or 'what Game of Thrones character are you?' level information we're talking here, this is literally your whole medical record.

I hope you're right and I hope it is all harmless, to be used for our own good. It's a good idea, as long as it's not abused. Current trends suggest it probably will be, one way or the other.:(

Privacy is a massive legit concern.

In my case, contracted a hideous big toe thumb from Megan Fox.

Anyone in the medical profession can look up your records. You will not be notified who has accessed your records but will be notified that "someone" has.

Its good if you have allergies to medicine and other drs can look it up.

I can just see the future of insurance companies wanting in on the records.

In Singapore it was already hacked.
Very big issue.

Thread Necromancy due to relevance.

It's been super quiet in the media, but for those who are still unaware (as I was until yesterday), today is the final day for Opting Out of the My Health Record. After today, the Government will create one for everyone who hasn't Opted Out of this.

I had a very informed read of this last night and a good discussion with my other half and we are deciding not to Opt Out. The privacy and security appears solid (as solid as you can for a new system anyway) and the potential benefits, for us, outweigh the risks, along with the access control they're saying users will have.

Im not too concerned. According to the news this morning, the government has announced that you can still choose to opt out after today if you choose to do so.

I'm concerned that the guy running the show was running the UK system that was shut down for selling information to big pharma. (at least that's what I've heard happened)

I've also not seen an e-system implemented in Australia, properly handle throughput, or peak loads successfully in my entire life without some failure.

I know how hard we and the Gov. work to keep military information however trivial secret/not shared with people who don't need to see it. And that's a network of people who are threatened by fines, loss of jobs, jail time, or companies losing multi million dollar contracts.

I can see staff at random pharmacy/doctors office being blasé and not properly storing, saving or recording personal health data. sure doctors and nurses can be relied upon, mostly, but they will have no choice to palm off this work to staff who aren't invested.