Issues Paper 31

61.13 In the Issues Paper, Review of Privacy (IP 31), the ALRC asked whether electronic health information systems require specific privacy controls over and above those provided in the Privacy Act or the draft National Health Privacy Code.[15] Submissions in response to IP 31 drew a distinction between electronic health information systems that simply stored health information in electronic form or transmitted information in electronic form, and those systems that centralised an individual’s health information and allowed a number of different health service providers to access that information—in particular, the proposal to develop a national SEHR scheme.

Electronic health information systems

61.14 In its submission, the Western Australian Department of Health noted that:

Electronic health information systems pose risks to privacy because of the speed and reach of information transfer. However, they also provide new opportunities to increase individual control and to improve security and the ability to audit access to information. Arguably, the privacy issues with electronic systems are not different in kind from those relating to paper-based systems of information storage and general principles are usually appropriate. However, the principles must be informed by a thorough knowledge of electronic storage and transfer practices.[16]

61.15 The Office of the Information Commissioner (Northern Territory) agreed that high-level privacy principles should be sufficient.

The Privacy Act and privacy principles do not, and should not, attempt to prescribe detailed requirements for any particular project. They operate at a higher level. Likewise, a national code would operate at a high level and should be reviewed only infrequently. It would be inappropriate to single out electronic health systems for prescriptive treatment that may prove unable to cope with technological changes that appear in a few years time.[17]

61.16 The Victorian Office of the Health Services Commissioner stated that the provisions of the Health Records Act 2001 (Vic) deal adequately with electronic health information systems.[18]

National shared electronic health records

61.17 In its submission, DOHA acknowledged that:

National e-health systems such as Unique Health Identifiers (UHIs) and the Shared Electronic Health Record (SEHR) will significantly change the way health information is handled in the provision of healthcare services. They will lead to greater aggregation of health information which is more searchable. More information about an individual will be potentially available to many more people. The development of these systems will create new opportunities over time for examining this information for the benefit of the individual concerned and the community as a whole, but also carry the possibility of misuse.[19]

61.18 DOHA noted that, for these systems to realise their potential benefits, a high level of public trust and confidence will be necessary. DOHA was of the view that specific legislation providing clarity, certainty, and predictability will be necessary to build and maintain this trust and confidence. In DOHA’s view, legislation should set out the purposes and permitted uses of UHIs and SEHRs and, in addition, could address the following issues:

  • the establishment of a standing governance body or bodies to oversight the management and operation of specified e-health systems;

  • who has control over the information collected and how this will be exercised;

  • eligibility criteria, rights and requirements for participation in specified e-health systems by consumers and providers;

  • limitations on the personal information that may be collected in relation to specified e-health systems;

  • the rights of individuals to exercise control over information held about them and to access and correct this information;

  • restrictions on the use or disclosure of the information collected and any penalties for improper use or disclosure;

  • rules and decision-making processes governing the secondary use of information;

  • prohibitions on function creep or the mechanisms to authorise any changes in use;

  • arrangements for ensuring data quality and security of records containing personal information;

  • arrangements for access to records and audit logs by the individual concerned or their authorised representative;

  • remedies for improper access and use, including complaints mechanisms; and

  • arrangements for enforcing compliance with the standards for interoperability in the healthcare sector that are proposed to be published by the National E-Health Transition Authority (NEHTA).[20]

61.19 In its submission, the OPC also considered the proposal to establish SEHRs and expressed the view that such systems ‘should be accompanied by specific legislative measures to ensure community confidence that personal health information will be handled privately’.[21] In the OPC’s view, such legislation should provide for:

  • participation on an opt-in basis;

  • the primary uses of data;

  • a designated authority and processes for approval of secondary uses of data;

  • consent processes; and

  • sanctions and complaint mechanisms.

61.20 NEHTA submitted that it may be desirable to develop specific legislation to support these new initiatives where they raise issues that fall outside the ambit of statutory privacy regimes, such as governance.[22]

[15] Australian Law Reform Commission, Review of Privacy, IP 31 (2006), Question 8–5.

[16] Department of Health Western Australia, Submission PR 139, 23 January 2006.

[17] Office of the Information Commissioner (Northern Territory), Submission PR 103, 15 January 2007.

[18] Office of the Health Services Commissioner (Victoria), Submission PR 153, 30 January 2007.

[19] Australian Government Department of Health and Ageing, Submission PR 273, 30 March 2007.

[20] Ibid.

[21] Office of the Privacy Commissioner, Submission PR 215, 28 February 2007.

[22] National E-health Transition Authority, Submission PR 145, 29 January 2007.