My Health Record (MHR) is the national digital health record platform for Australia, and is managed by the Australian Digital Health Agency. It was originally established as the Personally Controlled Electronic Health Record (PCEHR), a shared electronic health summary set up by the Australian government with implementation overseen by the National Electronic Health Transition Authority (NEHTA). The purpose of the MHR is to provide a secure electronic summary of people's medical history[1] which will eventually include information such as current medications, adverse drug reactions, allergies and immunisation history in an easily accessible format. This MHR is stored in a network of connected systems with the ability to improve the sharing of information amongst health care providers to improve patient outcomes no matter where in Australia a patient presents for treatment.[2][3] PCEHR was an opt-in system with a unique individual healthcare identifier (IHI) being assigned to participants and the option of masking and limiting information available for viewing controlled by the patient or a nominated representative; MHR uses an opt-out system.

My Health Record
Type of site
Health records
Available in17 languages
List of languages
English, Punjabi, Urdu, Hindi, Swahili, Persian, Tigrinya, Malayalam, Arabic, Cantonese, Mandarin, Greek, Italian, Korean, Spanish, Thai, Vietnamese
Country of originAustralia
OwnerAustralian Digital Health Agency
URLmyhealthrecord.gov.au
CommercialNo
Users22.8 million (August 2020)
Launched2016; 8 years ago (2016)
Current statusOnline
Content licence

History

edit

Background

edit

In 2013 it was reported that on average, each Australian has 22 health system interactions annually. This includes General practitioner (GP) visits, specialists, or prescriptions. All of these interactions are held in individual, separate, paper-based records making the entire health picture of an individual difficult to ascertain.[4] It is also reported that up to 10% of hospital admissions are due to adverse drug events, 18% are due to medical errors relating to lack of adequate available patient information,[5] and an estimated 25% of clinicians time is spent collecting information regarding the patient than actually treating them.[6] These facts combined with the ageing Australian population, vast geographic expanse, and ever increasing population, drove the implementation of an electronic health record in an effort to bring the medical record into the 21st century.

PCEHR

edit

As part of the 2010/11 Australian federal budget the Hon. Nicola Roxon (Minister for Health and Ageing) announced the PCEHR as a "key building block of the National Health and Hospitals Network".[7] The system went live on 1 July 2012[8]

The Australian Government had a policy to develop a lifetime electronic health record for all its citizens. PCEHR was the major national EHR initiative in Australia, being delivered through territory, state, and federal governments. This electronic health record was initially deployed in July 2012, and underwent active development and extension by the Australian Digital Health Agency.[9]

It was budgeted to cost $466.7m but had surpassed this to $766m before the actual launch date with the final figure still to be calculated.[10]

In contrast a recent study published by Deloitte[11] projected the PCEHR to save approximately $11.5 billion over the 2010 to 2025 period. This consists of approximately $9.5 billion in net direct benefits to the Australian Government and $2.0 billion in net direct benefits to the private sector.[12]

As of 17 February 2013, 1233 healthcare organisations had registered for the PCEHR with NEHTA CEO Peter Fleming estimating 98% of GP-specific software was PCEHR compatible.[13]

At the 7-month mark 56,761 patients had registered with the 12-month target at 500,000 patients. The target figure was still considered achievable according to the DoHA deputy secretary Rosemary Huxtable who had released this information to a Senate Estimates committee. [14]

My Health Record

edit

The name of PCEHR has changed to My Health Record in 2015 with an opt-out model. The Australian government budgeted around $485million for this system which potentially could save nearly 5,000 lives per year when functional.[15][16][17][18]

e-health

edit

The Australian standards organisation, Standards Australia, and federal Department of Health have created an electronic health website, "e-health"[19] relating to information not only about Australia and what is currently going on about EHRs but also globally. Many key stakeholders contribute to the process of integrating EHRs within Australia. They range from each States Departments of Health to Universities around Australia and National E-Health Transition Authority to name a few.

Registration

edit

Patients were able to opt into the PCEHR by providing personal details such as full name, date of birth, Medicare/Department of Veteran Affairs number, and sex. Currently there are several mediums for consumers to register via:

Identity Verification Code (IVC)

edit

If a consumer registered over the phone, in writing, or in person an identity verification code IVC is issued to enable access to the e-Health record online for the first time. After this first log, or post 30 days from issuance the IVC becomes obsolete. There are four steps in the registration process:

  1. Read the essential information
  2. Create a new or log into your australia.gov.au account
  3. Verify your identity
  4. Set up your e-Health record [21]

Healthcare Identifiers Service (HI Service)

edit

The Healthcare Identifiers Service (HI Service) was established by the federal, state and territory governments to create unique identifiers for healthcare providers and individuals seeking healthcare. It was designed and implemented by Medicare Australia under the control of the NEHTA. The HI Service allocates three types of Healthcare Identifiers:[22][23]

Individual healthcare identifier (i.e., who received the service)
The Individual Healthcare Identifier (IHI) is a unique 16 digit reference number that is used to identify individuals within the healthcare system.
The healthcare provider can retrieve a registered patients IHI via the Healthcare Identifier Service by entering in the correct name, DOB, and Medicare number which will automatically retrieve the patients unique IHI from the system. This then links the patients with their PCEHR, allowing the healthcare provider to view all the uploaded material.[24]
Health Provider Identifier-Individual (i.e., who provided the service)
The Health Provider Identifier-Individual (HPI-I) is allocated to healthcare providers involved in providing patient care. Healthcare providers belonging to the Australian Health Practitioner Regulation Agency (AHPRA) have automatically been registered for their HPI-I.[25] This unique number allows healthcare providers to access patients PCEHR and also acts as a tracking tool of who has accessed what, what edits were made etc.
Health Provider Identifier-Organisation (i.e., where the service was provided)
The Health Provider Identifier-Organisation (HPI-O) is a unique code for organisations that provide healthcare services. An HPI-O may be linked to several HPI-I's, but an organisation can not have more than one HPI-O.[22]

eHealth Practice Incentives Program (ePIP)

edit

The eHealth Practice Incentives Program (ePIP) aims to encourage GP's to adopt and embrace the latest technology and developments within the eHealth industry as they occur. GP's are only eligible for ePIP if they are already registered in the Practice Incentives Program (PIP) administered by the Australian Government Department of Human Services (Human Services) on behalf of the Department of Health and Ageing(DoHA).[26] There are five further requirements for this incentive:

  1. Integrating Healthcare Identifiers into Electronic Practice Records
  2. Secure Messaging Capability
  3. Data Records and Coding
  4. Electronic Transfer of Prescriptions
  5. Personally Controlled Electronic Health (eHealth) Record System[27]

The benefits of participation in this incentive is practices can receive a maximum of $12,500 per quarter, based on $6.50 per Standardised Whole Patient Equivalent (SWPE) per year.

System Operator

edit

The System Operator is the entity that is responsible for creating and operating the PCEHR. This position was held by the Secretary of the Department of Health and Ageing. The System Operator during their duties must have regard to the advice and recommendations (if any) given by the PCEHR Jurisdictional Advisory Committee and the PCEHR Independent Advisory Council.[28]

Software

edit

PCEHC was based on the XDS (Cross Enterprise Document Sharing) Profile published by Integrating the Healthcare Enterprise (IHE). However, the usual IHE Patient Management system (PIX/PDQ) has been replaced by the National Health Identity (HI) Service. In addition the usual authentication and security IHE profiles have been replaced by, or significantly modified to work with, existing infrastructure.[citation needed] HL7 CDA format is used to transfer information between different healthcare clinical systems whilst still allowing information to be accessed and viewed.

National Authentication Service for Health Public Key Infrastructure (NASH PKI)

edit

National Authentication Service for Health Public Key Infrastructure (PKI) is a certificate that authenticates healthcare professionals accessing the eHealth records system. These certificates can be loaded onto smart cards which are then used in combination with the healthcare professionals HPI-I to log on to patients who have a PCEHR using the patients IHI. This system also facilitates secure electronic communications with other healthcare provider organisations.[29]

The PKI allows users to know:

  • who sent the message
  • the message hasn't been altered between sending and receiving it.
  • the sender can't dispute the message they created and sent
  • that only the person the message is directed to can open it[30]

These benefits allow users to securely and confidently relay patient information to trustworthy sources.

For the PKI to work there must be a Chain of Trust on your computer. This Chain of Trust is composed of three certificates, namely:

  1. Medicare Australia Root CA
  2. Medicare Australia Organisation CA
  3. Medicare Australia Organisation CA2[30]

The PKI Certificates are based on the Australian Gatekeeper framework and met the International Organization for Standardization (ISO) Health Informatics-Public Key Infrastructure technical specification (ISO/TS 17090).[31]

Vendors

edit

The six GP Desktop Vendor Panel members are :-

  • Best Practice Software Pty Ltd
  • Communicare System
  • Genie Solutions
  • iSoft
  • Medtech Global
  • Zedmed[32][33]

Legality

edit

On 16 August 2012 the Hon. Tanya Plibersek, the then Minister for Health announced the Personally Controlled Electronic Health Records Act 2012 (PCEHR)[34] The legislation was amended in late 2015 to be known as the My Health Records Act 2012 (Cth)[35]

Patients can read in full everything that is added to their eHealth record. They may choose to include additional information in their own local clinical information system that is not included in the eHealth record. In any event, patients have a right under the Privacy Act 1988 (Cth) to access the personal information that healthcare professionals hold about them.[36]

From November 2015 the My Health Records Act 2012 (Cth) was amended to reflect that representatives of persons who require decision-making support related to the Act must support the person to make decisions, or make decisions on their behalf, reflecting the individual's "will and preferences". This reflects the principle that people with disability or varied capacity have an equal right to have their decisions respected.[37]

Healthcare Identifiers Act 2010[38] This Act outlines how unique identifying numbers are allocated to each health provider and individuals as healthcare recipients to provide a way of ensuring that health information is correctly matched to the individual that received healthcare or the entity that provides healthcare.

Healthcare Identifiers Regulations 2010[39] regulates the collection, use and disclosure of healthcare record identifiers and information.

PCEHR Jurisdictional Advisory Committee (PCEHR JAC)

edit

The PCEHR Act established the PCEHR Jurisdictional Advisory Committee (PCEHR JAC) to advise the System Operator on matters relating to the interests of the Commonwealth, States and Territories in the PCEHR system. The PCEHR JAC meets at least four times per year, or more frequently as agreed between the System Operator and the Chair. The PCEHR JAC has nine members, a member to represent the Commonwealth and a member to represent each State and Territory.[40]

PCEHR Independent Advisory Council (PCEHR IAC)

edit

The PCEHR Independent Advisory Council (PCEHR IAC) was established under the PCEHR Act to advise on the operation and participation in the PCEHR system, clinical, privacy and security matters relating to PCEHR system operations. The PCEHR IAC meets at least four times per year.[40]

Criticism

edit

Security and privacy concerns have been raised about the platform. Originally, participation of the system was to opt-in by each person giving consent, however due to low participation rates, the platform moved to become opt-out instead. Each Australian had until 31st of Jan 2019 to opt-out. After 31st of Jan 2019, however, any user can delete their My Health Record, as well as restrict access to providers. In a life-threatening emergency, certain providers (like hospital emergency departments) can access a patient's My Health Record without being given explicit access.[41] There are 13,000 health providers involved, from specialists and general practice doctors to pharmacies and hospitals.[needs update]

Additional concerns have been raised around warrant-less law enforcement access to health data. The health minister Greg Hunt requested the deletion of advice indicating that police would have access to health record data, before promising a redraft of the legislation to explicitly curtail warrant-less access.[42][43][44][45] Additionally cybersecurity audits have remained incomplete.[46] Further concerns have surrounded the inappropriate access of health record data.[47][48][49]

Additionally uptake amongst health care providers has remained low with half of all records standing empty, and with poor uptake and usage by health care providers.[50][51]


Similar initiatives

edit

MediConnect was an early program that provides an electronic medication record to keep track of patient prescriptions and provide stakeholders with drug alerts to avoid errors in prescribing.[52]

Patent Issues

edit

MyMedicalRecords.com, a subsidiary of MMRGlobal began investigations about the PCEHR use of its intellectual property.[53]

See also

edit

References

edit
  1. ^ a b "e-Health". The Australian Nursing Journal. 20 (2): 20.
  2. ^ Spriggs, Merele; et al. (2012). "Ethical Questions Must be Considered for Electronic Health Records". Journal of Medical Ethics. 38 (9): 535–539. doi:10.1136/medethics-2011-100413. PMID 22573881. S2CID 19771269.
  3. ^ "What is a PCEHR?". NEHTA. Retrieved 12 May 2013.
  4. ^ "PCEHR". Retrieved 12 May 2013.
  5. ^ "Australia's Health". AIHW. Retrieved 13 May 2013.
  6. ^ For your Information, Australian Audit Commission
  7. ^ "Personally Controlled Electronic Health Records for All Australians". Department of Health and Ageing. Retrieved 13 May 2013.
  8. ^ "Personally controlled electronic health records". Department of Health and Ageing. Retrieved 13 May 2013.
  9. ^ "My Health Record". Australian Digital Health Agency. 6 October 2018.
  10. ^ Greenwood, Stephen (April 2012). "Political capital: The electronic health record challenge". The Australian Journal of Pharmacy. 93 (1103): 18–19. ISSN 0311-8002. Retrieved 13 May 2013.
  11. ^ "Federal Budget 2012–13: Health initiatives & expenditure Aged care support, NDIS, dental, Health and Hospital Fund (HHF) projects, PCEHR and PHIAC". Deloitte. Retrieved 13 May 2013.
  12. ^ "Expected benefits of the national PCEHR system". Department of Health and Ageing. Retrieved 13 May 2013.
  13. ^ McDonald, Kate (14 February 2013). "Half a million PCEHR registrations still achievable: DoHA". Pulse+IT. Retrieved 13 May 2013.
  14. ^ Hilvert, John (14 February 2013). "NEHTA shrugs off health records patent threat". itNews. Retrieved 13 May 2013.
  15. ^ "My Health Record launched". Aboriginal Medical Services Alliance Northern Territory (AMSANT). 2016.
  16. ^ "Stakeholders". E-health.standards.org.au. Retrieved 4 September 2013.
  17. ^ "About Us". Standards.org.au. Retrieved 4 September 2013.
  18. ^ "Home". E-health.standards.org.au. 30 August 2013. Retrieved 4 September 2013.
  19. ^ "e-health". Retrieved 8 May 2019.
  20. ^ "General consumer FAQs". Department of Health and Ageing. Retrieved 13 May 2013.
  21. ^ "Prepare to register". Department of Health and Ageing. Retrieved 13 May 2013.
  22. ^ a b "About the Healthcare Identifiers Service". eHealth. Archived from the original on 27 April 2013. Retrieved 13 May 2013.
  23. ^ "Healthcare Identifiers for Healthcare Professional" (PDF). eHealth. Archived from the original (PDF) on 27 April 2013. Retrieved 13 May 2013.
  24. ^ "What is an individual healthcare identifier?". Retrieved 26 May 2013.
  25. ^ "Healthcare Identifiers". AMSANT. Retrieved 13 May 2013.
  26. ^ "Practice Incentives Program (PIP)". Medicare. Retrieved 13 May 2013.
  27. ^ "Getting ready for the PIP eHealth incentive and PCEHR". Australian Medical Association. Retrieved 13 May 2013.
  28. ^ "PCEHR Governance". Department of Health and Ageing. Archived from the original on 13 May 2013. Retrieved 12 May 2013.
  29. ^ "NASH". Retrieved 25 May 2013.
  30. ^ a b "Public Key Infrastructure". Retrieved 25 May 2013.
  31. ^ "Public Key Infrastructure". Medicare. Retrieved 13 May 2013.
  32. ^ "GP Vendor Panel". Retrieved 26 May 2013.
  33. ^ Kate, McDonald (17 December 2012). "Practice guide to clinical software PCEHR functionality". Pulse+IT. Retrieved 26 May 2013.
  34. ^ "Personally Controlled Electronic Health Records Act 2012". Australian Government. Retrieved 13 May 2013.
  35. ^ "My Health Records Act 2012 (Cth)". Federal Register of Legislation. Australian Government. 6 March 2017.
  36. ^ "Managing a patient's eHealth record". Department of Health and Ageing. Retrieved 13 May 2013.
  37. ^ This followed Recommendation 4-8 of the Australian Law Reform Commission, Equality, Capacity and Disability in Commonwealth Laws, Report No 124 (2014). Further information is available at the explanatory memorandum to the amending legislation. Explanatory Memorandum, Health Legislation Amendment (eHealth) Bill 2015 (Cth) found at https://www.legislation.gov.au/Details/C2015B00163/Explanatory%20Memorandum/Text.
  38. ^ Healthcare Identifiers Act 2010 (Cth) Australian Government. Federal Register of Legislation. Retrieved 6 March 2017 https://www.legislation.gov.au/Details/C2016C00920
  39. ^ Health Identifiers Regulation 2010 (Cth) . Federal Register of Legislation. Australian Government. Retrieved 6 March 2017. https://www.legislation.gov.au/Details/F2016C00096
  40. ^ a b "PCEHR Governance". Archived from the original on 13 May 2013. Retrieved 26 May 2013.
  41. ^ "Who can access your record". Australian Digital Health Agency. 8 February 2019. Retrieved 21 July 2019.
  42. ^ "Law enforcement access to My Health Record data". Australian Parliamentary Library. 26 July 2018. Retrieved 3 October 2024.
  43. ^ "Law enforcement access to My Health Record data". Guardian Australia. 26 July 2018. Retrieved 3 October 2024.
  44. ^ "My Health Record: Greg Hunt promises to redraft legislation after public outcry". Guardian Australia. 31 July 2018. Retrieved 3 October 2024.
  45. ^ "Parliamentary library was pressured on My Health Record advice, emails reveal". Guardian Australia. 3 October 2018. Retrieved 3 October 2024.
  46. ^ "My Health Record failed to manage cybersecurity and privacy risks, audit finds". Guardian Australia. 25 January 2019. Retrieved 3 October 2024.
  47. ^ "My Health Record failed to manage cybersecurity and privacy risks, audit finds". Guardian Australia. 25 February 2019. Retrieved 3 October 2024.
  48. ^ "UnitingCare cyber attack prompts suspension from My Health Record system, affects staff pay". Australian Broadcasting Company. 1 May 2021. Retrieved 3 October 2024.
  49. ^ "Doctors resisting health records being sent to insurance companies". Australian Broadcasting Company. 8 September 2017. Retrieved 3 October 2024.
  50. ^ "My Health Record: after 12 years and more than $2bn, hardly anyone is using digital service". Guardian Australia. 6 June 2022. Retrieved 3 October 2024.
  51. ^ "My Health Record: almost $2bn spent but half the 23m records created are empty". Guardian Australia. 23 January 2020. Retrieved 3 October 2024.
  52. ^ Mason MK (2005). "What Can We Learn from the Rest of the World? A Look at International Electronic Health Record Best Practices". {{cite journal}}: Cite journal requires |journal= (help)
  53. ^ Foo, Fran (12 February 2013). "PCEHR patent probe to take weeks". The Australian. Retrieved 12 May 2013.
edit