Tuesday, 19 June 2012
Personally Controlled Electronic Health Records Bill 2011
I table a supplementary explanatory memorandum relating to the government amendments to be moved to these bills. The memorandum was circulated in the chamber on 8 May 2012. I seek leave to move government amendments (1) to (32) on sheet CN235 together.
I move government amendments (1) to (32) on sheet CN235:
(1) Clause 5, page 8 (line 15), omit "amended.", substitute "amended; or".
(2) Clause 5, page 8 (after line 15), at the end of the definition of Ministerial Council, add:
(c) if that Agreement is not in force—the COAG council (however described) responsible for health matters.
(3) Clause 5, page 11 (line 1), before "System", insert "performance of functions under this Act by the".
(4) Clause 9, page 17 (line 26) to page 18 (line 3), omit subclause (3), substitute:
(3) Each of the following is identifying information of an individual, other than an individual in the capacity of a healthcare provider:
(a) if applicable, the Medicare number of the individual;
(b) if applicable, the Veterans' Affairs Department file number of the individual;
(c) the name of the individual;
(d) the address of the individual;
(e) the date of birth, and the date of birth accuracy indicator, of the individual;
(f) the sex of the individual;
(g) if the individual was part of a multiple birth—the order in which the individual was born;
Example: The second of twins.
(h) if applicable, the date of death, and the date of death accuracy indicator, of the individual.
(5) Page 18 (after line 25), at the end of Part 1, add:
13A System Operator may arrange for use of computer programs to make decisions
(1) The System Operator may arrange for the use, under the System Operator's control, of computer programs for any purposes for which the System Operator may make decisions under this Act.
(2) A decision made by the operation of a computer program under an arrangement made under subsection (1) is taken to be a decision made by the System Operator.
(6) Clause 15, page 21 (after line 5), after paragraph (m), insert:
(ma) to prepare and provide de-identified data for research or public health purposes;
(7) Clause 38, page 32 (after line 20), at the end of the clause, add:
(3) The health information referred to in subsection (2) in relation to a consumer may include the name of one or more healthcare providers that have provided healthcare to the consumer.
(8) Clause 44, page 35 (line 30), after "provider", insert "organisation".
(9) Clause 51, page 40 (lines 9 to 12), omit subclause (2), substitute:
Cancellation or suspension if consumer no longer eligible, etc.
(2) The System Operator may, in writing, decide to cancel or suspend the registration of a consumer if:
(a) the System Operator is no longer satisfied that the consumer is eligible to be registered; or
(b) the System Operator is no longer satisfied, having regard to the matters (if any) specified in the PCEHR Rules, that the identity of the consumer has been appropriately verified; or
(c) the System Operator is satisfied that, unless the registration of the consumer is cancelled, the security or integrity of the PCEHR system may be compromised, having regard to the matters (if any) prescribed by the PCEHR Rules; or
(d) the System Operator is satisfied that the consent referred to in subsection 41(3) in relation to the consumer has been withdrawn; or
(e) the System Operator is satisfied that the consent referred to in subsection 41(3) in relation to the consumer was given by an authorised representative or nominated representative of the consumer, and:
(i) the authorised representative or nominated representative who gave the consent ceases to be an authorised representative or nominated representative of the consumer; and
(ii) the System Operator requests the consumer to give consent of the kind referred to in subsection 41(3); and
(iii) the consumer does not, within a reasonable period, give the consent.
(10) Heading to subclause 51(4), page 40 (line 26), omit "whether consumer eligible", substitute "action in relation to consumer's registration".
(11) Clause 51, page 40 (line 29), omit "whether a consumer is eligible to registered", substitute "whether to take action under subsection (2) in relation to the consumer's registration".
(12) Heading to subclause 51(5), page 41 (line 1), omit "whether other entity eligible", substitute "action in relation to entity's registration".
(13) Clause 51, page 41 (lines 3 to 8), omit all the words from and including "consumer" to and including "registration", substitute "consumer while the System Operator investigates whether to take action under subsection (3) in relation to the entity's registration".
(14) Clause 58, page 46 (line 9), omit "has applied", substitute "is applying, or has applied,".
(15) Clause 58, page 46 (lines 29 and 30), omit "has applied", substitute "is applying, or has applied,".
(16) Clause 73, page 57 (lines 6 to 15), omit the clause, substitute:
73 Contravention of this Act is an interference with privacy
(1) An act or practice that contravenes this Act in connection with health information included in a consumer's PCEHR or a provision of Part 4 or 5, or would contravene this Act but for a requirement relating to the state of mind of a person, is taken to be:
(a) for the purposes of the Privacy Act 1988, an interference with the privacy of a consumer; and
(b) covered by section 13 or 13A of that Act.
(2) The respondent to a complaint under the Privacy Act 1988 about an act or practice, other than an act or practice of an agency or organisation, is the individual who engaged in the act or practice.
(3) In addition to the Information Commissioner's functions under the Privacy Act 1988, the Information Commissioner has the following functions in relation to the PCEHR system:
(a) to investigate an act or practice that may be an interference with the privacy of a consumer under subsection (1) and, if the Information Commissioner considers it appropriate to do so, to attempt by conciliation to effect a settlement of the matters that gave rise to the investigation;
(b) to do anything incidental or conducive to the performance of those functions.
(4) The Information Commissioner has power to do all things that are necessary or convenient to be done for or in connection with the performance of his or her functions under subsection (3).
Note: An act or practice that is an interference with privacy may be the subject of a complaint under section 36 of the Privacy Act 1988.
(17) Page 57 (after line 16), at the end of Division 4, add:
73A Information Commissioner may disclose details of investigations to System Operator
The Information Commissioner is authorised to disclose to the System Operator any information or documents that relate to an investigation the Information Commissioner conducts because of the operation of section 73, if the Information Commissioner is satisfied that to do so will enable the System Operator to monitor or improve the operation or security of the PCEHR system.
(18) Page 57, after proposed clause 73A, insert:
73B Obligations of System Operator in relation to correction, etc.
(1) The System Operator may, in order to meet its obligations under the Privacy Act 1988 in relation to the correction and alteration of records:
(a) request a participant in the PCEHR system to correct personal information contained in a record included in the PCEHR system and, if the participant does so, to upload the corrected record to the PCEHR system; and
(b) if the participant refuses to do so—direct the participant to attach to the record a note prepared by the consumer in relation to personal information included in the record, and to upload the record and note to the PCEHR system.
(2) A participant in the PCEHR system who is given a direction under paragraph (1)(b) must comply with the direction.
(19) Clause 74, page 58 (line 9), after "provider", insert "organisation".
(20) Clause 76, page 60 (line 10), after "provider", insert "organisation".
(21) Clause 77, page 60 (line 16), before "The", insert "(1)".
(22) Clause 77, page 60 (after line 29), at the end of the clause, add:
(2) Despite subsection (1), the System Operator is authorised, for the purposes of the operation or administration of the PCEHR system:
(a) to hold and take such records outside Australia, provided that the records do not include:
(i) personal information in relation to a consumer or a participant in the PCEHR system; or
(ii) identifying information of an individual or entity; and
(b) to process and handle such information outside Australia, provided that the information is neither of the following:
(i) personal information in relation to a consumer or a participant in the PCEHR system;
(ii) identifying information of an individual or entity.
(3) This section does not limit the operation of section 99.
(23) Clause 97, page 73 (line 28), after "must", insert "take such steps as are reasonably necessary in the circumstances to".
(24) Clause 99, page 76 (line 17), after "provider", insert "organisation".
(25) Clause 105, page 80 (line 9), omit "operator", substitute "organisation".
(26) Clause 105, page 80 (line 12), omit "provider operator", substitute "provider organisation".
(27) Clause 108, page 84 (after line 2), after subclause (4), insert:
(4A) Without limiting the matters to be covered by the review, the review must consider the following matters:
(a) the identity of the System Operator;
(b) alternative governance structures for the PCEHR system;
(c) the opt-in nature of the PCEHR system, including the feasibility and appropriateness of a transition to an opt-out system.
(28) Heading to subclause 109(2), page 85 (line 7), omit "jurisdictional advisory committee", substitute "committee and council".
(29) Clause 109, page 85 (line 9), after "committee", insert "and the independent advisory council".
(30) Clause 109, page 85 (line 10), after "committee", insert "or the independent advisory council".
(31) Clause 109, page 85 (after line 30), after subclause (4), insert:
PCEHR Rules may relate to agreements
(4A) The PCEHR Rules may specify that a person must enter into a specified kind of agreement in order to be, and remain, a registered healthcare provider organisation, registered repository operator, registered portal operator or registered contracted service provider.
(32) Clause 109, page 86 (after line 27), after subclause (7), insert:
PCEHR Rules may relate to research
(7A) The PCEHR Rules may specify requirements with which the System Operator and other entities must comply in relation to the preparation and provision of de-identified data for research or public health purposes.
During the debate, Minister, concerns were raised, particularly in relation to privacy, by Senator Boyce and me. Is the government assured that the provisions contained in the amendments go fully to addressing privacy concerns that have been raised not just here but as part of the inquiry by the Senate Community Affairs Legislation Committee? They are of concern and have been of concern throughout this whole process. I really just want to hear, Minister, your assurance that that is the case, particularly in relation to the concerns that were raised in relation to the powers of the Australian Information Commissioner.
The e-health record system will have bank-strength security features, including extremely strong encryption and firewalls. These protections are in line with the very high standards required by both the Department of Defence and the Attorney-General's Department. Paper-based records, as we know, can be copied, stolen or modified without anyone knowing. With the e-health record system patients will be able to view a log that shows them every occasion on which their record has been accessed or changed and by whom. Consumers will need a secure password to access the system, which they can invent themselves. The password will then be encrypted, as with internet banking. For even more security, when you log on you will have to enter a personal question to confirm your identity. On top of this, the system will automatically log you off if your session is inactive. As for the question about privacy and security, they are fundamental to the effectiveness of an e-health record system. Unlike the former government's proposal, as I recall, this one is personally controlled, and I think that gives enormous power to the health consumer to manage their personally controlled electronic health record—something that will give the community confidence in the system, which I am sure we are all looking for.
I understand that, under these amendments, the role of the system operator in providing de-identified data for research and public health purposes will be clarified, with the objective that the aggregate data be used to improve understanding of population health issues. Again in relation to privacy, when the system is accessed for the purposes of de-identifying data, will that also be covered by the legislation in terms of logging in and logging off? One accepts the logging-in and logging-off where it is a medical practitioner accessing the information. But, with this broader scope, do those provisions ensure that those privacy concerns are met even where the data is used in that manner?
The amendments specify that it is a function of the system operator to prepare and disclose de-identified data for research or public health purposes. The amendments also provide that the minister can make rules to specify requirements with which the system operator must comply when preparing and providing de-identified data. The system operator will be authorised to delegate this function to a Public Service employee of the Department of Health and Ageing, the Chief Executive of Medicare or any other person with the consent of the minister. Despite any delegation functions, the system operator will ultimately be responsible for this function.
It is intended that the rules will provide detailed requirements regarding the manner in which the system operator de-identifies data and discloses it to requesting parties. For example, it will be critical to set rules in respect of de-identifying the information of small populations to ensure persons are not directly or indirectly identifiable. It is likely that the requirements will draw on existing requirements developed by the National Health and Medical Research Council ethics committee or the Aboriginal Health and Medical Research Council. The rules may also provide criteria that the system operator must consider in determining whether or not to disclose the requested de-identified data.
Can you outline some of the provisions in relation to strengthening the consent arrangements in the legislation? Could you provide just a little bit more information on that, thank you, and on the circumstances in which those provisions in the amendments will strengthen those consent arrangements?
Could I ask you to be a little more specific, Senator, so I know exactly what issue it is I am trying to address. There are general provisions in the legislation around consent, as you understand. I am trying to accurately answer your question, so I would not mind knowing what you are really asking.
I do not have it in front of me, but in the Senate committee inquiry there were concerns raised about the consent arrangements. If the officials have other information and want a bit more time to get it, I have some other questions, if that would help, Parliamentary Secretary. The officials could have a look and maybe come back.
That would probably give them a little bit more time. I wanted to address some of the issues about the launch that were raised in the article in today's Australian. The article refers to the launch being 'on hold'. Do we know when that launch at St Vincent's Hospital will take place?
The federal government have been building the infrastructure for a national e-health record system that will allow consumers to set their own computer-based electronic health records. The infrastructure has been built and it is going through the final stages of rigorous testing at the moment. This is about developing the foundations of the system carefully and systematically. We are determined to get it right and to ensure that the system is rolled out properly, phased in over time. The minister has always said that that is what the government would do—and, in the debate on the legislation both here and in the other place, many of those opposite endorsed that approach.
We know this is a complex area of reform and that a national e-health record system will continue to build over time as consumers and healthcare providers join the system. We have been working closely with consumers, healthcare providers and others to get that right, and we will continue to do so.
Do I take it that the launch that was planned at St Vincent's Hospital in Sydney for Monday, 2 July, which was to be the first working day of the new system, (1) has been cancelled and (2) has no replacement date?
I will get you some detail on that. To be frank, we are talking about bringing in a fundamental change to the way we provide health services in this country. We are bringing in a massive reform which will improve the health outcomes of Australian health consumers. I think Australians who are interested in their health will be far more interested in whether or not they get a quality personally controlled electronic health record rather than when there will be a launch.
But, Minister, the point is that this was all supposed to be ready, and I will not reiterate what Senator Boyce has said. One assumes that, if you have a system which will be rolled out and start from a particular day, that it will start on that day. I appreciate your point about a launch but on 1 July, when people should be able to register for electronic health records, it is not likely to be operational. My question to you then is: when is the electronic records system likely to be operational?