A government electronic health records system costing hundreds of millions of dollars, in preparation for a decade, is in a shambles this week as the newly-‘launched’ e-portal won’t even take the basic registrations online for which it was set up. As well, there’s doubts about how safe people’s private health information will be. CLA’s CEO Bill Rowlings reports…
Govt e-health system in shambles
The federal government’s e-health record system is in a shambles. Three days after launch day, it isn’t working.
Australian Medical Association president Steve Hambleton described the “launch” as akin to “throwing a paper plane out the window at Cape Canaveral”.
If you want to sign up for an electronic record, you have three choices:
- by phone,
- in person, or
- in writing.
The one thing you can not do is sign up for an electronic health record online.
A note says: Login to the Consumer portal – available shortly.
Supposed to go live on 1 July, some media reports say it was only 40% completed on the due date. Apparently, the system went ‘live’ for a few hours, and was then pulled down.
At the time of writing (4 July, 11am), the system was useless. In fact, it may also be dangerous, if hacking reports are accurate.
The Australian is reporting that government’s e-health platform was hacked while being developed but the incident went undetected for several months. This apparently helped to delay delivery, resulting in only 40% of the system being ready by its July 1 launch date.
“The hacking incident raises issues of reliability and security of the system as people start to register for an e-health record that would contain their personal details and health information such as medications, allergies and immunisation details,” the newspaper said. “According to sources close to the Department of Health and Ageing, the hacking incident occurred while the PCEHR system was being built late last year, but (lead contractor) Accenture discovered it only four months ago.”
The National e-Health Transition Authority (as it then was: it has since dropped “transition” from its name) and Health were apparently informed that basic security procedures around firewalls and passwords were not followed, leading to the hacking incident, the newspaper said.
The PCEHR has been promoted as a secure electronic summary of people’s medical history stored and shared in a “network of connected systems”.
The project has been plagued by delays, waste of money, blind alleys and the inability of the two managing enterprises – NEHTA, which is overseeing the project, and the Health Department – to pay attention to the “consultation” feedback they have received over the past five years from organisations like Civil Liberties Australia and the Australian Privacy Foundation.
Even when the system goes lives, and “works”, it will still have inbuilt privacy flaws which NEHTA/Health were alerted to, but ignored. One fatal flaw is that the “one big database” approach is wrong.
A Health department spokeswoman said the two online channels would go-live again “soon”, although callers to the personally controlled e-health record (PCEHR) registration helpline were being told it could be available some time this week, the Australian wrote, quoting the spokesperson as saying: “The online channels were implemented briefly on Tuesday in order to test the performance of the system and related links in the live internet environment. The screens and processes available were the fully tested and production-ready versions, and (the go-live) was intended for localised piloting to test useability.”
Bill Rowlings is CEO of Civil Liberties Australia. He* was involved with many frustrating “consultation” processes with NEHTA and Health where their inability to listen and to hear was almost pathological.
(…*and many colleagues, also)