The Pirate Party is concerned about the ongoing attempts by Australian state and federal government to centralise and make available the private health data of ordinary Victorians as seen in the recent Health Legislation (Information Sharing) Bill 2023 (Vic).
Quote by Miles Whiticker, Pirate Party Australia National President:
“The current form of the bill is a significant threat to Victorians’ right to privacy. By not allowing patients to opt out of the scheme, we are creating a dangerous precedent that undermines the autonomy and privacy of every individual in the public health system.”
In 2018 the Pirate Party participated in the national campaign to encourage an individual opt out of MyHealthRecord[1], raising concerns about privacy and data security. We recognise the same issues re-emerging with this information sharing bill, particularly regarding the lack of an opt-out option and the implicitly increased risk of such a centralised data repository.
Quote by Simon Gnieslaw, spokesperson for the Pirate Party in Victoria:
“The Optus, Medibank and Latitude Financial data breaches are just the tip of the iceberg. Well before that, Medicare was compromised too. Data security in this country is an absolute joke, governments don’t even pay bug bounties – leaving no incentive for the “good guys” to find the problems first. This is not a question of “if”, but “when” this data will be hacked, or even be abused by the Government itself.
WorkSafe Victoria[2] started a legal battle in 2021 to get access to contact tracing data to investigate a workplace safety issue, despite assurances that this data would only be used for contact tracing. The Victorian Government’s response to this was to attempt to suppress the fact that WorkSafe were requesting the data, instead of blocking the request. Had they been successful, we wouldn’t even have known that this data was being abused. How are we meant to trust government with our data?
The risk of our personal health information falling into the wrong hands, aside from being ‘none of their business’, is that if that data gets into the hands of private health insurers, they could essentially cheat the system by jacking up the premiums for people who they know are high-risk to unaffordable levels, which defeats the whole purpose of what insurance is for.”
The Pirate Party joins with Liberty Victoria [3], the Law Institute of Victoria [4], Australian Doctors Federation [4], Australian Privacy Foundation [4], , and Digital Rights Watch [5] in voicing concerns over the lack of patient privacy protections in the proposed bill. In particular we support the proposal of Liberty Victoria by calling for best practices in data protection, minimising data collection, requiring an opt-in for data sharing and supporting an explicit right to privacy.
Whiticker added, “At Pirate Party Australia, we have always stood for the protection of digital rights and privacy. This bill, in its current form, goes against our core values. We urge the Victorian Government to reconsider the bill and implement stronger privacy safeguards, including the ability for patients to opt out of the system.”
“We understand the need to improve efficiency and coordination within the healthcare system but this cannot come at the cost of sacrificing the privacy of Victorians. We must find a balanced solution that protects both the welfare of patients and their personal information.”
[1] https://pirateparty.org.au/2018/08/21/pirate-party-australia-supports-opting-out-from-federal-governments-myhealth-record-system/
[2] https://www.abc.net.au/news/2021-12-28/victorian-government-covid-contact-tracing-legal-fight/100728412
[3] https://libertyvictoria.org.au/content/liberty-victoria-comment-health-legislation-amendment-information-sharing-bill-2023-vic, accessed 2/4/2023
[4] https://www.theage.com.au/national/victoria/absolute-authority-call-to-halt-plan-to-collect-all-victorians-medical-records-20220309-p5a33m.html, accessed 2/4/2023
[5] https://digitalrightswatch.org.au/2023/02/23/vichealthinfosharing/, accessed 2/4/2023
Data needs to be obfuscated and readily available for all-round commodification of research. Refer numer.ai. Although very thorough obfuscation ( like zero knowledge proofs ) is not necessary because research can be affected.
Just add no column for personal details. No column for race even though it would have been very useful for research.
Further a metric completely opposite to what is being proposed here, which is what is the heterogeneity / decentralisation of the research on the national data.
Otherwise it’ll just be private cronies who “dispense” their closed research on unsuspecting public.
Death of the public sector.
It has to be illegal to customise insurance upwards, otherwise insurance discounts to healthy individuals cannot be given.
The word “health” has no meaning in other nations where it’s just incident management for profit. Less contractors reduce corruption ( yes healthcare is an obnoxious maze of contractors who are currently skimming trillions capitalising on fear ) and more employees reduce healthcare costs. Yes, you can have a 50% performance bonus so that public sector doesn’t become a fat cow which is the excuse that is most commonly quoted to kill the public sector.
Medical research is like an anti-pig, ugly when born, and some turn out beautiful. Protections need to be in place so that public judgement is illegal to lynch medical research in it’s infancies in any form.
Hi pirates
What we the consumer needs in Oz is a self sovereign digital commons aka GDPR. As being implemented by ngi.io in Europe. A commons will let the consumer manage their digital consent supported by a digital record.
With a commons then the Vic health record would have the infrastructure to deliver an opt out or in.
Currently the digital custody of my medical scans is held by the commercial provider in their digital record. It’s not as if Vic health record holds my data behind an admin’s key, it’s all held by the commercial service providers as a commercial asset.
Any way, the best place to start a commons here is with the Vic SEC thought bubble, start the commons with the 25 point powerbill ID as an energy data right with each consumer able to manage their own consent record with their self sovereign ID.
If this makes sense to you and you can stir, then haul away hearties.