Post by Banjo on Mar 22, 2011 20:46:29 GMT 7
Privacy fear over agencies' mega-merger: Medicare, Centrelink data plan
MEDICARE and Centrelink are involved in an Orwellian mega-merger that will strengthen data linkages to citizens'personal information, say consumer advocates.
The changes -- part of the Gillard government's service delivery reform program -- are in the Human Services legislation amendment bill 2010. After a three-week inquiry, the Senate Community Affairs committee is due to report on the bill today.
Australian Privacy Foundation health spokeswoman Juanita Fernando said the bill was geared more towards delivering an Orwellian society than citizens' services. "I am amazed the government has not told Australians that integration of Medicare and Centrelink services under a single shopfront will result in many new linkages of data," Dr Fernando said.
"The bill is dreadful. Data linkages have already commenced.
"We are concerned more linkages between Medicare, which hosts the centralised repository of individual healthcare identifiers, and Centrelink is the thin edge of the wedge."
Parliamentary secretary for community services Julie Collins said integration into a single department would bring together back-office functions to improve efficiency, reduce costs and free up staff.
"Increased self-service options will allow people to manage their own affairs, including through expanded online services," Ms Collins said, adding that the government was conscious of the need to protect customer data. "Importantly, any new sharing of customer data within the integrated department will occur only with customer consent.
"We are particularly aware of the trust Australians place in Medicare's management of their clinical information. For this reason, clinical data will be excluded from any data sharing under service delivery reform."
But Dr Fernando said the bill made no reference to the rich Individual Healthcare Identifier database and possible ramifications for access to services.
New information supplied by Human Services to the Senate inquiry had raised further concerns. "(The bill) empowers the department to seize computer equipment that potentially contains large numbers of patient records," she said. "One's personal information is no longer limited to 600,000 health professionals (via the IHI service). Now it is available to an additional 27,000 Centrelink employees and agents and access points employing any number of staff."
The Consumer Health Forum was concerned the bill "substantially reduced" Medicare's obligation to notify patients when their medical records were seized during the course of an investigation, chief executive Carol Bennett said. The bill says it would be "onerous and expensive" to notify patients where large numbers of records were seized, and could cause needless worry. Medicare would only be required to contact individuals when clinical information was exposed. "Australians assume the information Medicare holds about them will be protected and they will be informed of any atypical access to it," Ms Bennett said.
"CHF is concerned that if Medicare has the power to seize and examine records without being required to notify patients, there will be more inappropriate access to information."
Liberty Victoria spokesman Tim Warner said provisions for an individual's right to privacy were weak and piecemeal, and controls over data-matching would be "even more pathetic" when all the databases were held by one department and accessed from one set of terminals.
"The most mealy-mouthed promise is that many databases will only be linked at the customer’s request," Mr Warner said.
"It doesn't require the screen-writing talents of James Cameron to envisage a pensioner who is dependent on the case officer's goodwill for food and shelter being asked: 'May I link your pension record with your other records?' It would a brave soul who answered no."
Mr Warner said a stronger privacy culture was needed before such a bill was contemplated, including criminal penalties for those selling or misusing personal data.
Australian Privacy Commissioner Timothy Pilgrim said the merged department was expected to have appropriate protocols in place covering the handling of personal information.
"We understand that, if the bill is passed, Medicare intends to update its investigations protocols and will consult with us during this process,'' Mr Pilgrim said.
The Privacy Commissioner's Office was paid $412,500 to provide Human Services with privacy advice for the year to January 31.
More than $11 million has been paid to consultants and advisers on the service delivery reform project over the past two years, with Boston Consulting pocketing $6.75m for a business framework, $1.1m for a business plan, and another $616,000 for strategic advice.
KPMG was paid almost $975,000 for management advisory services.
www.theaustralian.com.au/australian-it/privacy-fear-over-agencies-mega-merger-medicare-centrelink-data-plan/story-e6frgakx-1226025592629
MEDICARE and Centrelink are involved in an Orwellian mega-merger that will strengthen data linkages to citizens'personal information, say consumer advocates.
The changes -- part of the Gillard government's service delivery reform program -- are in the Human Services legislation amendment bill 2010. After a three-week inquiry, the Senate Community Affairs committee is due to report on the bill today.
Australian Privacy Foundation health spokeswoman Juanita Fernando said the bill was geared more towards delivering an Orwellian society than citizens' services. "I am amazed the government has not told Australians that integration of Medicare and Centrelink services under a single shopfront will result in many new linkages of data," Dr Fernando said.
"The bill is dreadful. Data linkages have already commenced.
"We are concerned more linkages between Medicare, which hosts the centralised repository of individual healthcare identifiers, and Centrelink is the thin edge of the wedge."
Parliamentary secretary for community services Julie Collins said integration into a single department would bring together back-office functions to improve efficiency, reduce costs and free up staff.
"Increased self-service options will allow people to manage their own affairs, including through expanded online services," Ms Collins said, adding that the government was conscious of the need to protect customer data. "Importantly, any new sharing of customer data within the integrated department will occur only with customer consent.
"We are particularly aware of the trust Australians place in Medicare's management of their clinical information. For this reason, clinical data will be excluded from any data sharing under service delivery reform."
But Dr Fernando said the bill made no reference to the rich Individual Healthcare Identifier database and possible ramifications for access to services.
New information supplied by Human Services to the Senate inquiry had raised further concerns. "(The bill) empowers the department to seize computer equipment that potentially contains large numbers of patient records," she said. "One's personal information is no longer limited to 600,000 health professionals (via the IHI service). Now it is available to an additional 27,000 Centrelink employees and agents and access points employing any number of staff."
The Consumer Health Forum was concerned the bill "substantially reduced" Medicare's obligation to notify patients when their medical records were seized during the course of an investigation, chief executive Carol Bennett said. The bill says it would be "onerous and expensive" to notify patients where large numbers of records were seized, and could cause needless worry. Medicare would only be required to contact individuals when clinical information was exposed. "Australians assume the information Medicare holds about them will be protected and they will be informed of any atypical access to it," Ms Bennett said.
"CHF is concerned that if Medicare has the power to seize and examine records without being required to notify patients, there will be more inappropriate access to information."
Liberty Victoria spokesman Tim Warner said provisions for an individual's right to privacy were weak and piecemeal, and controls over data-matching would be "even more pathetic" when all the databases were held by one department and accessed from one set of terminals.
"The most mealy-mouthed promise is that many databases will only be linked at the customer’s request," Mr Warner said.
"It doesn't require the screen-writing talents of James Cameron to envisage a pensioner who is dependent on the case officer's goodwill for food and shelter being asked: 'May I link your pension record with your other records?' It would a brave soul who answered no."
Mr Warner said a stronger privacy culture was needed before such a bill was contemplated, including criminal penalties for those selling or misusing personal data.
Australian Privacy Commissioner Timothy Pilgrim said the merged department was expected to have appropriate protocols in place covering the handling of personal information.
"We understand that, if the bill is passed, Medicare intends to update its investigations protocols and will consult with us during this process,'' Mr Pilgrim said.
The Privacy Commissioner's Office was paid $412,500 to provide Human Services with privacy advice for the year to January 31.
More than $11 million has been paid to consultants and advisers on the service delivery reform project over the past two years, with Boston Consulting pocketing $6.75m for a business framework, $1.1m for a business plan, and another $616,000 for strategic advice.
KPMG was paid almost $975,000 for management advisory services.
www.theaustralian.com.au/australian-it/privacy-fear-over-agencies-mega-merger-medicare-centrelink-data-plan/story-e6frgakx-1226025592629