Alert on health record access
Healthcare workers have raised new My Health Record privacy concerns.
Nurses have told reporters that a tradition of shared logins and open computers at some healthcare organisations mean unauthorised people could easily access sensitive health data, and the system would not know who it was.
For some, it adds to the growing list of concerns about the national e-health database.
“Some [computer] logins remain active for weeks, and an access credential issued to an individual is often used by multiple people,” a nurse has reportedly told the ABC.
The Australian Digital Health Agency (ADHA), which oversees My Health Record, says it enforces strict cybersecurity standards.
“All hospitals have a responsibility and requirement to protect the privacy and security of patients' data, regardless of whether it's held on their own systems or contained on My Health Record,” a spokesperson said.
The nurse said his hospital often had a logged-in computer open all day in an operating theatre.
“Where I work, it's easy to access pathology, medical imaging and medical records without identifying yourself,” he said.
Health Informatics Society Australia surveyed healthcare workers last year, and found 61 per cent of public hospital respondents and 69 per cent of private hospital respondents had “some shared or generic” computer user credentials.
The ADHA says “no unauthorised viewing” of any individual's health information has occurred in the My Health Record system to date.