By the end of this year, all Australians will have a My Health Record, an online record of medical information, providing they don't choose to opt out of the service.
Speaking at the National Press Club on Thursday, Tim Kelsey, chief executive of the Digital Health Agency -- the agency charged with overseeing[1] the My Health Record and ensuring citizen information is secure -- addressed a handful of security and privacy concerns the health record raises.
One measure addressing such concerns is a cybersecurity centre that will monitor My Health Record.
"My Health Record operates to the highest cybersecurity standards in Australia and is independently audited on that basis by a number of organisations on that basis, including the Australian Signals Directorate," Kelsey said.
"The agency has set up a national cybersecurity centre to ensure constant, multi-layer surveillance of My Health Record ... since the system was launched in 2012, there has been no breach."
Another security control, Kelsey explained, is the requirement to have an access code or PIN on the individual's My Health Record.
Additionally, users will be able to see a real-time audit log of who has accessed their record, and they can also set an SMS alert that notifies them of that occurrence.
Users can withhold a document from the view of their clinician, too.
"All instances of access by a clinician are attributable directly to that person and recorded in real-time," Kelsey said, noting that incorrect usage will be punishable via a custodial prison sentence of up to two years. "People are quite rightly concerned over the privacy of their information, and that's why they have a right to make a choice."
That choice is the option to opt out.
Currently, more than 5.7