The inquiry is separate to the Senate inquiry announced last week (see below) and is concerned with claims that Medicare card details are being sold on the internet.
The deadlines for public submissions to both inquiries is notably short.
Independent Review
The Independent Review involves Professor Peter Shergold (former Secretary of the Department of Prime Minister and Cabinet), Dr Michael Gannon (President of the Australian Medical Association), Dr Bastian Seidel (President of the Royal Australian College of General Practitioners) and Dr Kean-Seng Lim (Australian Medical Association). Unsurprisingly, the Review does not involve a consumer representative; privacy advocates and users of the health system will presumably contribute through responses to the Review consultation paper.
Members of the Review will be "examining access by health professionals to Medicare card numbers by using the Health Professional Online Services (HPOS) system or by calling" the Department of Human Services.
The Department states
The Australian Government wants to ensure the system is convenient and secure. The system hasn’t been significantly changed since its establishment 8 years ago.A 2014 ANAO report was noted here.
In July this year Dr Gannon was reported as worrying that the Medicare number data breach would undermine patient confidence in the much-criticised MyHealth Record (MyHR) system, with the AMA accordingly seeking an assurance that a similar breach could not occur with MyHR.
This is a deeply concerning development. It is so important that this information has integrity.
It’s so important, as it is with a paper record, as it is with other forms of communication about deeply personal matters that they are secure.
The electronic health record has the potential to reduce adverse drug reactions, to reduce unnecessary duplications of investigations, but to do all that, both doctors and patients need absolute confidence in the integrity of personal information.The Review's terms of reference and scope are -
The Review will consider the balance between appropriate access to a patient’s Medicare number for health professionals to confirm Medicare eligibility, with the security of patients’ Medicare card numbers.
The Review will examine and advise on:
- the type of identifying information that a person should be required to produce to access Medicare treatment in both urgent and non-urgent medical situations
- the effectiveness of controls over registration and authentication processes at the health provider's premises to access Medicare card numbers
- security risks and controls surrounding the provision of Medicare numbers across the telephone channel, and the online connection between external medical software providers and HPOS
- the sufficiency of control by patients and the appropriateness of patient notification regarding access to their Medicare number
- the adequacy of compliance systems to identify any potential inappropriate access to a patient’s Medicare number
- any other identified area of potential weakness associated with policy, process, procedures and systems in relation to accessibility of Medicare numbers.
Based on the examination of the issues above, the Review will make recommendations for immediate practical improvements to the security of Medicare numbers, while continuing to ensure people have access to the healthcare they need in a timely manner.
The Review may also make recommendations for medium to longer term changes, or at least the identification of areas that need further examination, to ensure the security of the system and protection of information of Australians.The consultation questions in the Independent Review's discussion paper are summarised as
1. Do patients have sufficient control and awareness of access to their Medicare card details?
2. What identifying information should patients have to produce to access health services?
3. Are the current access controls for HPOS sufficient to protect Medicare information and prevent fraudulent access?
4. What would the impact on health professionals be if they were required to move from an individual or site level PKI certificate to a PRODA account? Would any enhancements to PRODA be required for health professionals to accept it as a replacement?
5. If PRODA accounts and PKI certificates were to be suspended following a period of inactivity, what processes or alerts would the Department need to put in place? What would be a reasonable period of inactivity before accounts were suspended?
6. If delegate arrangements in HPOS were to be time limited, what processes or alerts would the Department need to put in place? What would be a reasonable period for delegate arrangements to last before they require review?
7. In what circumstances do health professionals need to make batch requests for Medicare card details through HPOS Find a Patient? Can such requests be limited to certain types of providers or health organisations? Should they be subjected to a higher level of scrutiny?
8. In what circumstances do health professionals require access to Medicare card numbers through the provider enquiries line? Could the provider enquiries line be made available in more limited circumstances?
9. Is the information available to health professionals regarding their obligations to protect Medicare card information (including the terms and conditions for accessing this information online) sufficiently clear and understood?
10. Should Medicare cards continue to be used as a form of evidence of identity?
11. How can Government build public awareness of why it is important for individuals to protect their Medicare card information?
12. Do you have any other comments about the Review Panel’s possible responses or any other matters relating to the Terms of Reference?Senate Inquiry
The Senate Finance and Public Administration Committees inquiry into 'The circumstances in which Australians’ personal Medicare information has been compromised and made available for sale illegally on the ‘dark web’' is concerned with
- any failures in security and data protection which allowed this breach to occur;
- any systemic security concerns with the Department of Human Services’ (DHS) Health Professional Online Services (HPOS) system;
- the implications of this breach for the roll out of the opt-out My Health Record system; Australian government data protection practices as compared to international best practice;
- the response to this incident from government – both ministerial and departmental;
- the practices, procedures, and systems involved in collection, use, disclosure, storage, destruction, and de-identification of personal Medicare information;
- the practices, procedures, and systems used for protecting personal Medicare information from misuse, interference, and loss from unauthorised access, modification, or disclosure; and
- any related matters.