In a submission to the Senate Committee on the Healthcare identifiers Bill 2010, the Commissioner, Helen Versey said the Bill was “somewhat artificial and limited” as it dealt with arrangements around the healthcare identifiers but did not discuss broader privacy issues concerning e-health.
“The privacy risks involved in this identifier are largely, though not exclusively, related to the proposed use and disclosure of the identifier to link e-health records,” Ms Versey said.
She said it was not yet clear how the e-health system would be operated and managed or to whom identifiers would be disclosed.
“This makes it difficult to adequately assess whether the safeguards being instituted will ultimately be sufficient or effective,” she said.
“The National Health and Hospitals Reform Commission recommended that a person-controlled electronic health record should be available for each Australian, with the capacity for individuals to choose which healthcare providers and carers would have access to their person-controlled health records.”
Ms Versey said having Medicare operate the Healthcare Identifiers Service (HIS) posed a potential conflict of interest.
“While the stated intention is that the HIS will be a separate and new Medicare business, not linked to its funding or claims-for-payment functions, the fact that all of these functions will effectively be operated by the one organisation is likely to lead to a degree of public disquiet or concern about potential misuse,” she said.
Ms Versey suggested Medicare implement recommendations made by the Australian National Audit Office in its 2004-05 report before proceeding.
She said further clarity on whether State or Commonwealth Privacy Commissioners would have jurisdiction over privacy complaints relating to the HIS was also needed.
“A situation in which two separate regulators have jurisdiction, depending on which of them the individual happens to complain to, may create unnecessary confusion and allow ‘forum shopping’ on the part of complainants,” the Commissioner said.
Ms Versey said State and Territory privacy legislation should apply unless it did not exist, in which case Commonwealth legislation should apply.
She supported a number of offences for unauthorised use or disclosure of identifiers that were included in the Bill.
“I acknowledge that steps have been taken to ensure that privacy protections will apply to IHIs across all Australian jurisdictions,” Ms Versey said.
The submission was available from www.privacy.vic.gov.au.
---
Quelle/Source: PS News, 30.03.2010
Bitte besuchen Sie/Please visit:
