University of Canberra assistant law professor Bruce Arnold also drew comparisons to the UK, saying the government had learnt nothing from the UK “trainwreck”.
“In the UK patients, health practitioners, IT specialists and privacy lawyers alike condemned inadequate governance, misunderstanding of risk and disregard for patient autonomy,” Prof Arnold said.
He said the UK had “belatedly heeded those criticisms” but Australia had not.
“The risks of an insecure system that conscripts patients — and assumes de-identification will enable problem-free sale of bulk health data — greatly outweigh those benefits,” he said.
Prof Arnold said the legal protection for patient privacy and the IT framework was “inadequate”.
“Official expectations that many patients will understand security settings are naive,” he said.
“MyHR has been sadly oversold. There’s been little effort to provide patients with the basis for meaningfully informed consent.
“That threatens the most fundamental aspect of public health: trust.”As I've indicated in pieces such as that here and on Twitter, there's a compelling public good in a coherent, respectful and effective national e-health system. Regrettably MyHR is not that system and we need to think hard about fundamental deficiencies in its design and implementation.