Audit finds centralized database puts patient privacy at risk
A review of Australia’s controversial My Health Record scheme has concluded that it does, as experts have warned, present security risks to the public.
My Health Record is an electronic healthcare system designed to provide Australians with seamless healthcare across different medical services.
Earlier this year, it was changed from an opt-in to an opt-out scheme, despite concerns about privacy and security.
In its review of the system, published on Monday (November 25), the Australian National Audit Office (ANAO) concluded that the A$1.5 billion ($1 billion) project is “largely effective”, although poor management of shared cybersecurity risks, including inadequate controls over access to patients’ records, remains a pressing issue.
In terms of privacy, the ANAO found, emergency access to patients’ records was widely being misused.
“Monthly use of the function increased from 80 instances in July 2018 – prior to the transition to an opt-out model – to 205 instances in March 2019… in only 8.2% of instances was it used as intended,” reads the report.
Meanwhile,…