Who owns your Big Data?

Transcription

1 Dr Steve Hambleton - NEHTA Chair Who owns your Big Data? Healthcare and Social Media Summit presented by Mayo Clinic 1 September National E-Health Transition Authority

2 About NEHTA The National E-Health Transition Authority (NEHTA) is a corporate entity owned by the Australian Federal, State and Territory governments. NEHTA was established to identify and jointly develop the necessary foundations and services for a national ehealth capability. Identifiers Authentication Terminology Secure Messaging Clinical Documents Supply Chain 2 National E-Health Transition Authority

3 Big Data vs Normal Data Big Data is no different to normal data in that there is a responsibility to ensure that information security is maintained around: Confidentiality. Ensuring that information is held in a manner that maintains the privacy and policy obligations that apply to it, i.e. the information is not disclosed to parties or for purposes other than for those of which are entitled to it. Integrity. Ensuring that the data is not modified, its integrity remains intact, and it can be validated as such. Availability. Ensuring that information is available for the purposes for which it was intended. 3 National E-Health Transition Authority

4 Meaningful Use of Data The computational power of analyzing clinical and patient data can help inform policy decisions and strategies on population-wide prevention programmes. To achieve this state, we need to strike a balance between privacy and security and the inherent benefits that can be gleaned from data. While the technologists have made enormous advances in collecting data, it s actually the healthcare providers who need access to the data to make enormous advances in the delivery of healthcare. 4 National E-Health Transition Authority

5 Does Big Data Exist The short answer is no. At present there is lots of data but it s often not connected. There are big databases Medicare Private Health Insurers Hospitals Public and Private Pathology Services Radiology Services Individual Health Care Providers 5 National E-Health Transition Authority

6 The benefits of an ehealth record Provider The biggest benefit of having an ehealth record is having access to accurate and up-to-date patient information. Patient/consumer This allows patients to be more involved in their health, and healthcare providers to deliver safer, better quality healthcare. 6 National E-Health Transition Authority

7 Privacy is Embedded in our Work NEHTA has a dedicated privacy team with deep expertise in privacy law and best practice privacy design. Every NEHTA product undergoes a privacy review before it is released. NEHTA has also engaged external lawyers to independently undertake privacy impact assessments on four occasions since National E-Health Transition Authority

8 Legislation The ehealth record system is supported by a legislative framework: Healthcare Identifiers Act Healthcare Identifiers Regulations Personally Controlled Electronic Health Records Act Personally Controlled Electronic Health Records Regulation The penalty under the legislation for unauthorised collection, use and disclosure of information in an ehealth record is currently up to $13,600 for an individual or up to $68,000 for a body corporate. ttp:// 8 National E-Health Transition Authority

9 Authentication Security measures are in place to prevent misuse of information. It is essential to authenticate users, i.e. organisations and people. This is achieved through the use of digital certificates that conform to Australian Government endorsed Public Key Infrastructure (PKI) standards. 9 National E-Health Transition Authority

10 Access Controls Other measures, including access controls (such as username and password) are also required to provide a comprehensive approach to the security of shared electronic healthcare information. This is irrespective of whether it is stored on computers in a general practice, in the ehealth record system, or exchanged electronically in other ways that have been enabled through the development of national ehealth standards and initiatives. 10 National E-Health Transition Authority

11 Individual Access Controls Limiting Access To the whole of their record and having a Record Access Code To specific documents in their ehealth record, and having a Document Access Code Turning off automatic checking for an ehealth record (hides the fact there is a record) Access Tracking Individuals can see and change the level of access they wish particular healthcare organisations to have, including revoking access (except in the case of an emergency); Individual can also be notified by or SMS when certain activities Refusal of consent to upload Removing Documents 11 National E-Health Transition Authority

12 National ehealth Security and Access Framework (NESAF) The Royal Australian College of General Practice (RACGP) has developed the Computer and Information Security Standards (CISS) to work concurrently with the NESAF, because they share the same goal of implementing safe security measures to protect patient information held and transmitted by electronic healthcare records. 12 National E-Health Transition Authority

13 We re committed to delivering a strong primary care system for all Australians and all of the feedback I ve received from doctors and patients throughout my recent Medicare consultations is that a functioning national ehealth system is critical to achieving this. The Hon Sussan Ley MP Minister for Health Media release 10 May National E-Health Transition Authority

14 Close the gap between what we know and what we do The Cardiothoracic Surgery in Great Britain and Ireland Reporting outcomes resulted in a 50% improvement in risk-adjusted mortality rates for cardiac surgery Collecting the data cost 1.5 million per year just 0.6% of the total spending on cardiac surgery, and much less than the 5 million saved in reduced bed-days for coronary artery bypass operations 14 National E-Health Transition Authority

15 Thank You! National E-Health Transition Authority