The agency responsible for oversight of My Health Record has revealed there were two incidents that compromised the medical records system during the 2019-20 financial year.
In its annual report[1], the Australian Digital Health Agency (ADHA) outlined how one matter reported to the Office of the Australian Information Commissioner (OAIC) involved a breach to the external IT infrastructure[2] that supports the My Health Record System, but assured that no health information was stolen.
"This potential threat to the supporting IT infrastructure connected to the My Health Record system was identified and promptly addressed. There was no impact to the safety of health information in the system," ADHA stated.
The other breach was in relation to unauthorised access to an individual's My Health Record, which was reported by a state or territory authority. The ADHA said the incident involved an individual who was receiving treatment from a healthcare facility and the login used to access the record belonged to a member of the person's treating team.
The number of breaches during 2019-20 was a significant improvement on last year's 38 cases[3].
As of 30 June 2020, there were 22.8 million active records on the My Health Record system. A total of 1.75 million people accessed their record via the national consumer portal and a total of 810 million documents were uploaded to the My Health Record system.
During the financial year, ADHA said it also saw significant increases in pathology, diagnostic imaging, and dispense documents, which it attributed to increases in clinical software connections.
Nationally, 67% of private pathology labs were connected to the My Health Record system, which was short of the 80% target that ADHA had set out to achieve for 2019-20. Meanwhile,