Staff Writer

Compliance audits dictate that healthcare institutions have complex needs when it comes to managing staff capabilities and related training as a result of critical systems implementation and National Safety and Quality Health Service standards (NSQHS) management. This means that Learning Management Systems (LMSs) are becoming increasingly important as is their quality and functional richness. The maturation of more robust and flexible educational technology standards, such as learning records management ‘Experience API (xAPI)’, also means institutions need to implement modern LMS that are being developed alongside the latest technologies. But, deploying an LMS can be daunting, especially for learning and development teams that are already facing work overloads. However, this can be simplified by: Assembling a representative, internal stakeholder group drawing from all the craft groups and key business units. Use them in the evaluation and keep them engaged in a governance role after deployment. Make them champions supporting the system internally. Choosing a good LMS, which should have strong standards support (SCORM, IMS, QTI, LTI and xAPI) and have a clear track record in healthcare and its problem space and a vector of ongoing development to keep up with trends in ICT. Choosing a good Ed Tech partner: There are specialist firms, usually with SaaS offerings. Look at their track record in healthcare and talk to clients about them. Look for one that offers close partnerships and expertise in the deployment and configuration of the LMS, and is not just a hosting service. Check their reputation for ongoing support. Planning out the project: Lean on your Ed tech partner for this as they would have done it over and over. Be sure to include a change management plan. Keep the project lean and don’t overcook it. An LMS deployment is not as complex as an EMR or Property Management System (PMS) one. Integrating HRIS and Single Sign Ons for process automation and change management. Automating key processes such as enrolment in mandatory training by job role. Focusing on the user: Ensure each type of user receives user experiences focused on their needs and make it as simple as possible.  Cooperating as a community of practice: Form a community with other institutions using the software to share ideas, resources and lobby. IMPROVED PROCESSES THOUGH INTEGRATION AND AI-STYLE AUTOMATION Hospitals such as Austin Health and Eastern Health have all created detailed user data integrations between their Human Resources Information Systems (HRIS), as well as their LMS and Single Sign On with identity management systems. The Single Sign On makes access to LMS easy for the user, but HRIS integration is key. The rich metadata on users such as their job roles, business units, associated cost centre data, their managers, their leave status, etc. all contribute for use in the LMS’ AI-style rules engine. For example, a ward nurse will have a set of key compliance training courses to do, such as basic life support. A nurse working in ICU will have others such as advanced life support. These rules can all be mapped into the LMS rules engine. As staff join the hospital workforce or move between roles, the relevant rights training will appear for them on the system. It will also make the difficult process of managing NSQHS compliance easier as the AI rules can be mapped to the NSQHS framework to ensure the right staff are trained in the right things and that reports track and demonstrate this achievement. COOPERATE: COMMUNITIES OF PRACTICE The LMS, once installed and configured, is like a living organism inside the institution’s ecosystem and needs ongoing nurture and governance. This is frequently overlooked, affecting the ROI expected from the investment. One way to keep that nurtured is to cooperate with other institutions using the software. For example, Austin Health and Eastern Health, along with other hospitals such as Royal Adelaide and Goulburn Valley are all members of the Totara Health User Group. This group meets every two months to share ideas and pursue strategic threads of interest. For example, a common pain point has been in the transfer of health professionals from one hospital to another. The group’s members have initiated an R&D project funded at a network and government level to use the modern xAPI Ed Tech standard and switchboard key compliance training records between their LMSs automatically. This has done away with the shoeboxes of printed certificates and time wasting of manual record keeping, letting the professionals focus on the important business of saving lives.   Alexander Roche is the Founder and Principal Educational Technologist for online learning infrastructure and services company, Androgogic.

NSW Health will soon roll out a new radiology information system and picture archiving and communication system (RIS-PACS) across 11 of its organisations. The organisations involved include nine local health districts, the Sydney Children’s Hospitals Network and NSW Health Pathology’s Forensic and Analytical Science Service, and aim to improve the way in which more than 1.8 million medical images are captured, used and archived across these organisations annually. The deployments, the result of a partnership with Swedish-based secure communications company Sectra, are expected to take around three years to roll out and follow a six-month proof-of-concept trial. Specifically, the platform provides more modern and improved services to patients, including SMS reminders for appointments and secure access to their images via an online portal. Benefits to clinicians include: image accessibility to healthcare professionals working in different hospitals and in remote locations; critical results management and radiation-dose tracking; improved security of patient information; integration with other NSW Health systems; and access to prior images to assist with diagnosis and referrals. The system involves a Sectra picture archiving and communication system (PACS), a radiology information system (RIS) provided by Kestral, and a critical result management system provided by Spok. NSW Health said that with more than a million medical images captured by the participating organisations every year, images need to be stored safely and be readily accessible for clinicians. “The new RIS-PACS platform will deliver benefits directly to patients by providing clinicians with improved access to imaging through a centralised image archiving and communication system,” it said. [Read more: NSW’s hospitals enroute to state-wide Electronic Record for Intensive Care (eRIC) implementation | Innovation remains at the centre of eHealth NSW and HealthShare NSW's strategy] eHealth NSW Chief Executive and NSW Health Chief Information Officer Dr Zoran Bolevich said the deployment is a “great example” of the collaboration between NSW Health and industry partners to deliver benefits across the state for both clinical staff and patients. “The project placed key radiologists, ICT specialists and medical imaging users from 11 NSW Health organisations in the driving seat to test critical aspects of the platform prior to proceeding with a full implementation,” he said.

Cryptographic technology addresses the security problems that blockchain doesn’t, according to Cryptoloc Technology Founder Jamie Wilson. “Everyone is looking at blockchain, but there are a whole lot of flaws with this technology. Even with a private blockchain, you’re enabling a cyberattacker to take control of your entire system. Blockchain also involves the use of an open ledger, which allows an attacker to track back and access your entire medical history,” he told HITNA. “With cryptographic technology, no one else has access to the information except for the user themselves. There’s also a full audit trail where everything is date and time stamped, so you’ll know who has accessed the file and where they have accessed it from.” Wilson said security by design – taking a proactive instead of reactive approach to data security by building security into infrastructures from the ground up – is the best approach. “Cryptographic technology allows just that. By encrypting each and every file uniquely, no two files are the same. And malware and ransomware gets reduced as should a user gets attacked, you can identify that they’re being held to ransom.” Wilson identified that heightened levels of connectivity in Australia’s national healthcare system have also created additional points of exposure for cyberattacks, highlighting the need for new ways to secure these systems “The ideals behind having a national health system to share and control medical records between doctors, specialists and patients is sound and could vastly improve the quality of healthcare in Australia,” he said. “Unfortunately, storing and sharing such a wealth of personal data provides many security vulnerabilities and is a lucrative target for cyber criminals.” With the national healthcare system suffering many compromises – the number of data breaches involving My Health Record has risen from 35 incidents in the last financial year to 42 incidents this year – and more than 2.5 million opting out of using the voluntary system, Wilson said stronger data security technologies are necessary. “Cybercriminals are not looking at just one individual; they’re looking at a wider collection of information to be able to attack them later and abuse their identity,” Wilson said. A recent Office of the Australian Information Commissioner (OAIC) report supported his claim, identifying that malicious and criminal attacks were the second largest source of data breaches from the health sector, at 46 per cent. It also found that cyber incidents were the most common type of attack, accounting for 44 per cent, while theft of paperwork or data storage device was the second most common type of attack (32 per cent). “A centralised health record system is a fantastic idea. However, we need to be able to secure this data and be able to share this information securely on a global stage to ensure that individuals receive the correct medical treatment that they’re entitled to,” he said. [Read more: Connected care: protecting patient privacy and security | Industry calls for more caution over MHR system] Wilson also said Australia is not where it needs to be from a global healthcare security perspective. “Australia is falling with regards to cyber and the securing of information,” he said. “The best way of doing this is reviewing the way that we do security today and bringing the control back to the user. That gives the user the control to be able to share their information with third parties should they wish to do so. This ensures that information is not flowing out to multiple parties outside of the system.” In addition, Wilson addressed the need for more security around external mobile devices, especially with more BYOD (bring-your-own-devices) and Internet of Things devices getting integrated into the healthcare system. “This goes back to what I mentioned around security by design and having security built into every part of the healthcare IT management process,” he added. Wilson will further discuss how the new cryptographic platform of Cryptoloc reinvents data security at the upcoming 2019 HIMSS Health 2.0 eHealth Summit in Singapore.

The Australian Digital Health Agency (ADHA) has opened an online consultation for all Australians to have a say on the development of a more modern, digitally connected health system. The online consultation, part of a nationwide series of discussions used to co-design the National Health Interoperability Roadmap, allows clinicians, healthcare organisations, consumers and the technology sector to converse about standards and priorities required for an interoperable health system. The roadmap is a key priority of the National Digital Health Strategy, which was approved by all states and territories through the Council of Australian Government (COAG) Health Council in 2017. The strategy identifies the importance of connected health services and calls for the definition of standards to support interoperability.  “Industry clinical software supports millions of digital transactions daily through public and private health systems. A collaborative consensus on standards will increase the confidence of all users and make a more interconnected health system possible for patients and their healthcare providers,” Medical Software Industry Association CEO Emma Hossack said.  According to the ADHA, interoperability holds the potential to bring patients’ records together from a range of systems and to provide access to information from disparate sources, give consumers and providers greater visibility and enable research and innovation. “Best use of data and technology is key to sustainable, high quality and person-centred healthcare,” ADHA CEO Tim Kelsey said. “We’ve made progress since the National Digital Health Strategy was launched in 2018 – including creating a My Health Record for nine out of 10 Australians, and developing standards for secure digital messages to replace letters and fax machines in healthcare. “We are now developing the plan to move Australia to the next stage of connected care. Improving the interoperability of health and care services so that the right information is available at the right time for the right person is fundamental to improving the outcomes and experience of healthcare.” [Read more: ADHA rolls out secure messaging initiative to axe the fax | Paving the way for interoperability in Australian healthcare] In addition to the online consultation, ADHA will be facilitating 50 digital health community conversations nationally in the coming months with members of the healthcare sector, health technology industry and consumer representatives to collaborate on how digital technology can best support the delivery of a person-centred healthcare system. ADHA is also welcoming written submissions by email or mail.

The 2019 Federal Budget has come under fire as a missed opportunity to make meaningful strides towards modernising Australia’s healthcare sector. The Budget includes a $62 million investment over four years for GPs, emergency care and specialist services in rural areas and planned upgrades to regional hospitals. But Coviu CEO Dr Silvia Pfeiffer said funding is needed to spur innovation in healthcare, especially from digital health and telehealth. “It's the only way to scale our future healthcare needs in an increasingly aging and digitally enabled population,” she said. “Funding for digital health and telehealth is certainly a step in the right direction; however, I'd like to see this taken even further. The government should be looking to include even broader reimbursements for telehealth and digital health, including video consultations.” Ricoh Australia CEO Andy Berry said innovation in healthcare is often stifled by the immediate requirement for day-to-day productivity. “We have a long way to go to develop the digital workplace – an essential building block for innovation. Yet, everything from enhanced cybersecurity to rural health improvements can be bolstered with digital workplaces,” Berry said. “A modern digital workplace helps people collaborate and facilitates better teamwork and the technology is applicable across any location – from a corporate head office to remote sites. Digital workplace innovation also helps product and service innovation, which is something the government should always be looking to propel.” [Read more: Australian Govt pumps $6.3M into Health Data Portal development | Tech development, regulation, investment and implementation key to digital health] Tableau Software ANZ Managing Director Nigel Mendonca said the need for digital transformation spending highlights the need for more data analysis and insights across government agencies and the wider economy. “With better analytics, we can make better decisions on our digital transformation programs and the effectiveness of public spending,” Mendonca said. “STEM education will generate more data and with analytics, we will be able to witness in real-time how well students learn and how well the ideas will grow. It would be great to see the government promote analytics as a discipline in itself – the economic benefits are waiting to be discovered.” Talend ANZ Country Manager Steve Singer said data trust and intelligence is the next frontier for STEM and digital transformation. “The Federal Government’s budget contains many programs which can benefit from better data trust and intelligence. Investments in cyber security, digital transformation and STEM education will be more successful if they are backed by trust and intelligence from the data they generate,” Singer said. “For example, the $220 million from the Medical Research Future Fund for research into heart disease will go further with more intelligence on causes and treatment outcomes, while relying on trusted data to fuel their decisions. With that information we can ensure public funds are working as well as they can.” A BIG MOVE FOR SECURITY On the other hand, the industry welcomed the funding towards cybersecurity. According to LogRhythm APAC Sales Director Simon Howe, the extra funding is necessary to prevent cyber theft and espionage in healthcare. “Risk factors can be identified with better and more timely data analysis. Everything from behavioural analysis to trending targets can be identified, review and ‘de-risked’ with better intelligence,” Howe said. “The Federal Government investments will hopefully help increase awareness of risk assessment among the Australian business community.” Moustache Republic Director Laura Doonin said the emphasis on increasing cybersecurity capability presents a good opportunity for local companies to deliver technologies and services to assist with digital changes. “By starting with local opportunities, Australian companies can develop solutions which are applicable to any global company. Let’s use government incentives as a starting point for technology development,” Doonin said. “This is particularly true for small- and medium-sized businesses such as retailers with a focus on digital. With the right support and economic development infrastructure, businesses can go global through innovation.” [Read more: Why crisis response is a weak point for healthcare cyber security | What does the new Secure Cloud Strategy mean for healthcare?] WatchGuard Technologies ANZ Regional Director Mark Sinclair said small businesses are the engine of Australia’s economy and welcomed the investment to cybersecurity. “Too often, we hear about a small business becoming the next victim of a phishing scam or ransomware attack. That small business could be a medical centre… and it’s time we all stepped up to a new level of awareness and action,” Sinclair said. “As a result, we strongly encourage the government to reconsider an uptick in federal funding for cyber education and support for small business security technology investment so that business can focus on what they do best rather than worrying about their IT infrastructure.” Aura Information Security Australia Country Manager Michael Warnock called for further investments in both specialist cyber skills and broader awareness programs. “A perennial problem in Australia – and indeed globally – is a shortage of cyber security skills. Let’s hope the $570 million cyber spending boost will flow onto other areas of the economy. For example, requirements for anti-drone technology for the AFP and AI technology for ASIO could be met with local suppliers.”

Healthcare organisations are fast adopting hybrid cloud as a result of increasing security and compliance concerns, according to a new study. The Nutanix Enterprise Cloud Index identified that hybrid cloud adoption in healthcare is expected to jump from 19 per cent to 37 per cent worldwide in two years, as providers address critical technology needs. The healthcare industry in Australia has been hit with multiple security concerns of late, with the sector topping the list of notifiable data breaches for the fourth consecutive quarter and the number of data breaches involving My Health Record rising year-on-year. The study found that 28 per cent of healthcare respondents named security and compliance as their top decision criterion in choosing where to run workloads. In its attempt to improve its current state, the report revealed that healthcare ranked third in the number of hybrid cloud deployments currently running, by industry. It also found that more than half of the respondents noted inter-cloud application mobility as essential, demonstrating the need for seamless movement of applications and associated data, networking services and security policies between different types of clouds. Nutanix ASEAN, India and ANZ Vice-President Neville Vincent said the ANZ industry is increasingly leaning toward adopting hybrid clouds that combine private and public cloud services as an ageing population, rise in chronic disease and increased health costs mean it’s pertinent for industry to invest in the next generation of infrastructure that preserves quality of care. “Australia and New Zealand have always provided a premier healthcare system for their citizens but… a host of technical and social factors are putting increased pressure on our hospitals and healthcare professionals,” he said. “There is no quick cure for these issues, but investing in next-generation IT infrastructure is the first step in preserving our quality of care and bringing healthcare to the individual rather than the other way around.” Vincent said infrastructure innovations like hybrid cloud allow hospitals to manage different applications and data types, take advantage of automation and create new service lines such as telehealth or remote monitoring, leading to improved patient engagement. [Read more: Hacking humans: The next digital frontier of neobiology and altering the human race | Medical records at Victorian hospital get hacked] Nutanix Global Marketing Senior Vice-President Chris Kozup added that hybrid cloud provides the flexibility, ease of management and security requirements of healthcare and allows for providers to undergo a digital transformation of healthcare delivery. “And this need will only become more prominent as attacks on systems become more advanced, compliance regulations more stringent, and data storage needs more demanding,” he said. “With the cloud giving way to new technologies and tools such as machine learning and automation, we expect to see positive changes leading to better healthcare solutions in the long run.”

The Digital Transformation Agency, set up to improve people’s experience of government services, has set out new requirements as part of a new Secure Cloud strategy, bringing more change around privacy and security policies for all industries including healthcare. The new requirements demand Australian software companies to complete a compliance process and accreditation before they’re able to roll out third-party services. The mandatory policy applies to any third-party that uses cloud services to connect with the Department of Human services (DHS) – this encompasses services such as My Health Record, Medicare, National Disability Insurance Scheme (NDIS), Pharmaceutical Benefits Scheme, and other forms of care. Macquarie Cloud Services Head of Customer Experience Phil Wallace said the move aims to lift security protecting sensitive health data and payments platforms, which is vital for healthcare as it’s responsible for more mandatory data breach notifications than any other sector. “Because of the sensitive nature of healthcare data, the DHS has always had to meet heightened security standards. The policy has two mandatory requirements, being DHS certification and that cloud providers must use sovereign Australian onshore solutions,” he said. “Cloud solutions can be complex and distributed by nature. By helping the industry move to new, more secure onshore secure standards, it removes the threat that one link in the healthcare supply chain could compromise sensitive data and payments for all users.” Wallace said a secure cloud strategy policy puts in place standard processes for organisations to follow, to enable an industry-wide compliance obligation. “Health technology is complex; products may be subject to a whole range of standards and protocols, some of which are still being defined. Getting the critical area of data storage security right enables organisations to start concentrating on the protocols in their practice.” Medical Software Industry Association (MSIA) CEO Emma Hossack agreed with Wallace, adding that privacy of patient information is critical for healthcare providers. “In the event that providers are using web-based solutions – and this will become increasingly common – then security of transmission and storage of health information is no longer a nice to have; it is essential. There is no privacy without security,” she told HITNA. [Read more: Why health orgs are embracing cloud to improve physician and patient experience | Why hospitals and health insurers are really turning to the cloud] According to Hossack, associated problems in the healthcare space aren’t to do with software, but rather, how it’s deployed and the security protocols around it. “It includes allowing multi parties to ‘share’ an individual’s password, which negates the benefit of access logs and weakens security and privacy,” she said. “This comes down to training; it’s an area which the MSIA will work with the Australian Digital Health Agency on this year to encourage all health organisations to continually train staff on the use of software – both in terms of functionality and security.” Hossack said this move is just the start of improving privacy and security in healthcare. She suggested that various divisions of healthcare band together to educate the industry about the changes. “Change takes time. Education about the importance of security for consumers’ privacy by the government and the whole health industry is the best way to overcome the challenge. Education by colleges and other peak bodies like the Practice Managers Association and nursing bodies responsible for accreditation and standards is also key.” Greenlight ITC CEO Mike Smith said policy is important, but healthcare providers that aim to achieve them on their own, with limited resources and constant change, will find it challenging. The managed service provider and cloud support partner to software companies servicing the healthcare sector has worked with medical billing experts and other healthcare software companies on compliance. “Many healthcare users face challenges just sustaining current operations in the face of aging assets, rising costs, the war for talent and growing complexity. When healthcare providers partner with local experts for compliant solutions, everybody wins,” Smith said. [Read more: The time for healthcare to embrace cloud, is now | Allscripts and Microsoft partner to build new tech for clinical research in the cloud] Smith said there are a number of other initiatives healthcare providers can take. They include:  Keeping abreast of new legislation or changes  Actioning on changes as soon as possible to allow as much time as possible for adjustment      Keeping customers and partners informed of changes throughout  Identifying efficiencies to offset rising costs  Incorporating other requirements like monitoring and backup when teaming up with a partner. “New legislation, constant change and more distributed modes of care are making it harder for practitioners to concentrate on helping people. Organisations should look to offload such compliance and security burdens to specialists, so they can free resources to help more people,” he added.

Connected medical devices can improve patient care and operational efficiency. However, they also introduce new privacy and security risks. Healthcare providers should rethink their privacy and security practices in light of these new risks. According to the Office of the Australian Information Commissioner’s (OAIC) latest Notifiable Data Breaches (NDB) report, the health sector accounted for 21 per cent or 54 of the 150 breaches reported between 1 October 2018 and 1 December 2018. In addition, the global Internet of Things (IoT) healthcare market is expected to grow by 37.6 per cent between 2015 and 2020, opening up more devices to attack. That’s a frightening statistic considering that the healthcare industry already ranks second in data breaches. Healthcare organisations face two major security challenges:  They are prime targets for hackers Their attack surface expands every day as more and more medical devices are connected to networks.  When it comes to cybersecurity in the healthcare space, there is a need to recognise that information security and medical device cybersecurity are different, and need to be protected in different ways. This means taking a visibility-first approach when it comes to medical devices and ensuring that the cybersecurity in place to classify and protect these devices is specifically designed to support them. According to the Therapeutic Goods Administration (TGA), the Australian regulatory framework for medical devices already captures cybersecurity. Manufacturers have been considering security in their design, and the TGA has been assessing and regulating the security of medical devices through the Essential Principles. However, as the number of networked devices is growing, the risk profile is changing and public awareness of cybersecurity as a risk is increasing. This changing landscape has created new challenges for regulators of medical devices, including poor or unclear standardisation, sharing information, publication of vulnerabilities and exploits by users and security researchers, and poor transparency of expectations between stakeholders. Clinical devices such as glucometers, electrocardiograms and drug infusion systems are potential targets for hackers despite the efforts of manufacturers to secure their products. Considering the essential role these and other devices play in delivering critical care to patients, extra measures need to be taken to protect them. For example, in any patient care scenario, there is a mix of physical and virtual IT endpoints including IoT assets that often can’t accept agents for technical or regulatory reasons, building automation devices that are overlooked, and clinical devices that have legacy operating systems, or applications that don’t meet typical security standards. The main considerations for healthcare providers when it comes to security include: An increased number of medical devices on networks, often using outdated operating systems or uncommon firmware Mobile devices, which are harder to track and secure A wide variety of people connecting to and disconnecting from the network, meaning healthcare personnel, office staff, patients, guests and maintenance teams, all require different policies Ensuring the integrity and security compliance of a mix of IT, IoT, medical and environmental devices without disrupting operations Clinical engineering teams receiving mixed priorities about what they can do to their legacy equipment to maintain regulatory compliance without impacting patient care Protecting patient records from loss and cyber incidents to maintain the integrity and confidentiality of electronic information Third-party vendors and service providers accessing the healthcare network need oversight to prevent security missteps. Healthcare organisations need to be able to safely expand network access to clinicians, caregivers, research organisations and contractors while securely embracing agentless medical devices. This means finding a platform that lets them discover, classify, assess, and continuously monitor devices, including personally-owned and agentless medical devices; enforcing security posture and regulatory compliance policies; notifying users, restricting or blocking access, and automating network segmentation; as well as orchestrating and automating security among third-party security tools. With the volume of networked devices growing and the risk profile increasing, it has become clear that medical device security standards in Australia are lacking, while public awareness of security is growing. This means that healthcare providers need to take a proactive approach to medical device classification to mitigate the risk and prepare for potential future requirements.  Steve Hunter is the Senior Director for Asia Pacific and Japan at Forescout.

Graham Grieve counters the case for smart eHealth cards with the argument that smartphones would work better. Several experts that presented to the senate panel investigating the My health Record in 2019 argued that instead of a central data repository, Australia should instead, invest in a smart card based infrastructure to store consumers’ health care records. These experts proposed an approach where each individual carries their own smart card, and healthcare providers load information to and read information from the card during encounters with health care providers. The experts claimed that using smart cards avoids the central problem of the My Health Record system: a single consolidated record of all health information, with dual consequences: All patients are held to a single set of policy choices about how their information is shared and managed The single repository is a large, attractive target for hackers and any successful hacks may yield many records.  Most of the focus was on the second point – a single gathering of such a large amount of healthcare information is a natural target for hackers of various kinds. Note that although the central system is highly secure and run by a security-focused team with high-discipline, provisioned to be able to make a rapid response to emerging issues, the same cannot be said of the many access points authorised to access data from the system. A hacker gaining control of such an access point (or, a legitimate user misusing the endpoint, as in the Medicare number breach in 2017) would have access to all the records, though the more indiscriminately the access is used, the more quickly it would be detected. The experts claimed that these problems could be resolved by using smart cards instead. SMART CARD EVALUATION It’s certainly true that smart cards would not have the same security challenge – hacking a single smart card, or even the system by which smart cards are accessed/updated would only grant access to the subset of smart cards encountered by the hacked system(s) during the time of the hack, since there is no central database to hack and get global access to. However, smart cards do not make any difference to the rest the of problems a system faces; they simply move them around. The problems of security, integrity, access control and security still arise in any architecture. The challenges for a smart card based approach are: Who has the right to read information on the smart card? How can a patient control how much information is accessed? Who has the right to put information on the smart card? And how is existing information reconciled with new information? Can systems updating records overwrite existing patient information? How do you secure smart cards against non-authorised readers, and still allow for back up?  How do you incentivise consumers to keep track of their health smart cards so they don’t lose them? (and how do you incentivise them to backup their information?) If they lose information, is it stored somewhere else like a new central store? How much information can you fit securely on a smart card? (And how much does the system cost?) Overseas, health smart cards generally store very little information – usually, enough to automatically identify the consumer that carries the card and to connect to a patient record stored elsewhere. In other words, it’s a token that provides access to a central record store. This does not avoid the problems of a central repository. All of these have possible solutions, but because the smart card itself is passive, the solutions must be imposed through rules made about the software that interacts with the smart card. Which means, in effect, the smart card system would hold patients to a single set of policy choices about how their information is shared and managed; at  least to the degree that the government can impose a single set of rules. But the patient doesn’t have any say about this – only the providers of the software to healthcare do. The current arrangements around the My Health Record – with the running problems related to certificates that the agency is not in a position to solve, but is still being held accountable for in public – demonstrate that a single organisation, or the health software ecosystem, cannot solve all these problems. Finally, using smart cards raise a real problem inherited from the “Australia Card” debacle – people are suspicious of government supplied cards that have an identifier.  In fact, this is such a serious perceptual problem that this might be the most important question: Would Australians accept any kind of smart card from the government? (even if it doesn’t serve as an identifying card) A patient controlled record will only truly be patient controlled when the patient holds the information. Unfortunately, smart cards will not get us there. A REALLY 'SMART CARD' All of these questions already have an answer; it’s called the smartphone. Smartphones are the correct package for acting as ‘local store’ for a patient’s information: 89 per cent of consumers already carry a smartphone Consumers part with their smartphones reluctantly  Most consumers backup their smartphones often and generally keep a close watch on them Smartphone vendors invest billions of dollars in making both a secure and usable smartphone ecosystem Rather than building a static framework, the government can specify the API formats used to exchange data between smartphones and the rest of the system, and let innovation bloom in the consumer space. The same APIs can be reused for other purposes in healthcare Applications on smartphones can manage storage/access/reconciliation/ownership issues to the degree that the consumer wants without a central authority having to make all their decisions for them Smartphones typically have plenty of storage space (note: it’s not known how much consumers would allocate to health, but the smartphones can proactively manage this question) Other countries (most notably the US) are already building ecosystems based on APIs that serve smartphones, with active support from the providers of the ecosystems.  In fact, it would be cheaper to buy the remaining 10 per cent of the population a smartphone than invest in a smart card ecosystem. Though many of that Australian population is not in a position to hold and use smartphones – mostly elderly patients and children under the age of two – they can depend on other people to manage their healthcare information. This is yet another challenge to resolve for smart cards. For this reason, the Australian Government should pay careful attention to the foundations of a healthcare information ecosystem to ensure that all consumers, not just digital literati, can leverage any API based system. And it should ensure a robust framework is set up for assessing policy and technical conformance for the APIs (though this no magic bullet). Of course, some consumers won’t want to use smartphones to store their health records at all. Others might want to take advantage of a centrally provided secure repository. The strong benefit of a web/API based framework is that consumers can choose how to engage with the system. As such, future developments for the My Health Record system should move away from the current document repository approach towards a web/API based ecosystem. Grahame Grieve is the Principal of Health Intersections, and a healthcare Interoperability consultant and developer.

Good systems analysis requires adherence to a simple recipe – understanding who the stakeholders are and their needs, establishing design goals and working collaboratively to attain them. So how can the My Health Record system, which began in 2012 as opt-in and changed to opt-out 2018, be done better? We like to think the stakeholders are healthcare recipients and providers Australia wide. We would regard privacy, security and utility of health information as key design goals. We would hope that the many design aspects such as legislative, governance, administrative, medical and technical, be developed in harmony. Yet, all these aspects, when recently exposed to public scrutiny, have been found wanting. Researchers at Deakin University Law School under Professor Danuta Mendelson were quoted in Australian Doctor in December 2016 saying, "The My Health Record system appears more suited to supply data for government agencies and researchers than it is suited to healthcare". If the stakeholders rightfully were the Australian healthcare consumers and providers, we should be engaged in the design process and the design goals of utility, security and privacy should be achieved. Key to the design process is the question, "Does the electronic health data need to be in an online central repository?" If the stakeholders are those wanting access to big data about healthcare recipients and providers, the answer is, "Yes." If the stakeholders are Australia's healthcare recipients and providers, that answer may be different. Rights campaigner and lawyer Lizzie O’Shea drew a good analogy on Weekend Sunrise in July last year when she said, "When you centralise information like this … it becomes very attractive to hackers. We’re also putting power into the hands of government to decide how that information is to be used." "You wouldn’t cut a house key for every single plumber in the city, or every house painter [and] electrician… The same is true here; 900,000 medical professionals and 12,000 organisations have access to these records. Why would you design a system like that?” she said. Much has been touted about the benefits of treating doctors, for example, having ready access to an unfamiliar patient's data. The benefits are acknowledged and assumed to be achievable only from a centralised repository of health data. An online central repository accessible by hundreds of thousands of legitimate access points cannot be defended against cyber attack. An attacker need hack only one of these to gain access to every record in the database to see, copy and change at will. A POSSIBLE WAY FORWARD Germany implemented the first-generation of its system of smart eHealth cards in 1993 and this was then developed into the second-generation eHealthcare card in 2017. Data stored on the second-generation German eHealthcare card includes the insured person’s name, date of birth, address, gender, insurance number and coverage status.​ In addition, there is an option for additional personal data to be stored on the card with a person’s consent, such as emergency data and medication, allergies or drug intolerance. Currently, data is accessible by authorised healthcare providers on presentation of the eHealth card. There is no need for a centralised repository, which could be hacked or used for purposes other than for healthcare. If a card is lost or damaged, it is replaced by the issuing authority and data restored from the backup performed at the most recent healthcare consult. The data format is also not constrained by the physical design of the eHealth card memory chip. In 2017, 70 million Germans were in possession of the card. In the near future, a new generation of cards is expected to facilitate the exchange of medical information necessary for treatment, with the inclusion of emergency data, electronic medication plans and electronic patient records on the card. Some other main benefits of the new and improved system are said to include the prevention of redundant medical examinations by different doctors and the online update of administrative data. As such, the benefits of an eCard based system are: Patients control who and only who gets access to the data The entire database of health information is not in a centralised repository connected to the internet Patients don't need to be concerned about what present and future governments, as well as other non-healthcare organisations may do with their health data eCards are flexible about the way data may be stored and retrieved, enhancing the utility of healthcare data A comprehensive telematics infrastructure interface that provides secure communication of health data: eScripts, eReferrals, test results, health insurance, etc. updating the eCard at points of service.  A similar system could be designed for Australia, but the following need to be considered:   How do we make the data useful? It needs to be reliable, complete, up-to-date and stored in a manner which encourages meaningful, apt and rapid retrieval by the healthcare provider and associated recipient. How do we make it secure? We make it virtually impossible for the data to be retrieved by unauthorised actors. How do we make it private? We make it secure and prohibit use outside direct healthcare except only by informed explicit consent of the healthcare recipient. It is possible for Australia to have an eHealth system that services healthcare providers and recipients as primary stakeholders, but Australia is a long way from making such a system a reality. All aspects of the current My Health Record system design – legislative, privacy, health utility, security and technical – need a comprehensive overhaul. To achieve this requires our governments to change the present system, which has shortcomings in legislature, privacy, healthcare delivery, security and technology. There is a fundamental conflict between providing health data for government and non-government organisations, which the My Health Record system is geared to do, and providing an effective eHealth system which respects the privacy and trust of the patient-doctor relationship. Specifically, privacy, powers of the Minister to make rules, substantial powers invested in the System Operator and delegation of these powers need to be reviewed and changed (the original draft legislation commissioned by the Department of Health was substantially changed before presentation to the Parliament 2012). A focus on making the data relevant to immediate healthcare rather than value as cohort data needs to enliven the My Health Record use. A realisation of the fundamental vulnerability of centralised data accessible over the internet needs to drive a new paradigm. The new paradigm must make it practically impossible for everyone's data to be viewed, copied, or changed by unauthorised actors. This will allow for the use of data with informed consent, for example for research, so that it can be aggregated on a case by case basis rather than offering the totality of data by default as a smorgasbord. The most succinct summary of My Health Record’s current state was given in a submission to the Inquiry by an unnamed person who "held a variety of roles at Commonwealth Department of Health":  "In my analysis, both the government and the system operator of My Health Record, the Australian Digital Health Agency... have grossly overstated the benefits to individuals of My Health Record... which is primarily a glorified Dropbox,” he wrote. "The primary functionality of My Health Record is to facilitate secondary data usage, for government and non-government organisations, and that it is they that will be the primary beneficiaries of the system. "In terms of its usefulness for clinical practice and for individual health record management and tracking, it is not fit for purpose, although not entirely useless. This is primarily because My Health Record is about medical records storage rather than providing an up-to-date and accurate medical history overview that can be quickly drilled down into.” The only way the My Health Record can truly be Our Health Record rather than a “glorified dropbox” is if a smart eHealth card system similar to what Germany has in place is adopted.   Paul Power is the head of IT Consultancy to the medical profession, Power Associates. He also appeared as a witness and made submissions to the Senate Inquiry into the My Health Record system in 2018 and the Senate Inquiry into the Medicare card data breach in 2017. Graham Grieve counters the case for smart eHealth cards with the argument that smartphones would work better. Read more.