Communist Party of Australia


The Guardian

Current Issue

PDF Archive

Web Archive

Pete's Corner


Press Fund


About Us

Why you should ...

CPA introduction

Contact Us

facebook, twitter

Major Issues





Climate Change



What's On






Books, T-shirts, CDs/DVDs, Badges, Misc


Issue #1852      December 12, 2018

My Health Record

Still time to opt out

You have up until January 31, 2019 to opt out of My Health Record (MHR). If you don’t opt out, then the government will automatically “opt you in”. My Health Record (MHR) is flawed in its design with no guarantee of privacy and lack of informed consumer choice. There is also the very real danger and likelihood of it being privatised at some point in the future.

MHR is an online summary of your health information, such as medicines you are taking, any allergies you may have and treatments you have received. It is not a full medical record.

The system involves a centralised database. It is designed for people who are computer literate. If you are not computer literate and have a MHR it will be up to others to assist you such as a GP who is not busy (!) or it operates by default and all the talk about you having control becomes nonsense.


Healthcare and social security groups have raised concerns about future use of MHR and the lack of privacy safeguards in the My Health Record Act 2012 which governs the system. They fear it could be used by other government departments such as Medicare, Centrelink, the Australian Taxation office, Defence Forces and others.

They have good reason to be concerned. There are many similarities with attempts to introduce centralised systems in the past.

In 1985, the Hawke Labor government attempted to bring in the Australia Card, a form of ID card which would be required to operate a bank account or receive social security payments and for taxation purposes. It was shelved largely because of its unpopularity and replaced by the Tax File Number.

The Howard Coalition government proposed the Health and Human Services Access Card in the early 2000s as a form of identity card. This was to address terrorism and cross-reference social security benefits with tax paid by individuals. The Howard government was thrown out of office in 2007, before passing the highly unpopular and controversial legislation.

The Access Card was presented as opt-in and voluntary but it was a pre-condition for access to health (Medicare, PBS, etc) and social service benefits. So much for voluntary!


There is also the very real possibility that personal information will be on-sold to the private sector – life and private insurance companies, workers’ compensation providers, employers, pharmaceutical companies, etc.

In Britain, a very similar scheme was abandoned in 2016 because it was discovered that medical records were being sold to private insurance and pharmaceutical companies, contrary to the privacy provisions of the Act.

Once registered with an MHR, there is little you can do when this or a future government changes to the rules or when any of the rules are breached. If you opt out later, then your data will become inaccessible to you and your medical practitioners but the government, researchers and others will still have access. It is still not deleted until 30 or more years after you die.

When a breach is not a breach

No matter what it says, the government is not in a position to guarantee the security of patient information. There are potentially 900,000 practitioners and organisations that could register as healthcare providers. According to the government’s MHR website around 14,000 of these have registered – hardly an overwhelming vote of confidence.

No audit has been done of how they protect data. The security of a system is only as good as its weakest link.

The government has anticipated security breaches at this level in its legislation for MHR. Where information in a MHR is obtained from a health carer who has downloaded the record, then it is not considered to be a breach of MHR!

In other words breaches on the edges of the system are not considered breaches, not punishable under the Act.

Better system

“The issue is not a resistance by the health profession to e-health; the fundamental issue is the centralised database model controlled by government and from which all other issues flow,” Marie Johnson, the former chief technology architect of the Access Card, said. (“Why My Health record is flawed”,, 21/08/2018)

The Australian Privacy Foundation takes a similar common-sense position: “Most clinicians already use an electronic medical record system. These can be improved by better communication between existing systems, not by introducing another, less useful, less secure copy in a system that has some of the hallmarks of a scheme designed for surveillance and less-controlled disclosure, rather than your healthcare.” (“The biggest privacy risks to your my Health Record – the Government”, 24/07/2018,

All you have to do is write your own, or get your GP to do it for you. It would also mean that, unlike My Health Record, you do actually have full access and control. If you wish, you can have different documents for different purposes.

You can carry a printed copy; put it on a memory stick along with a password; include details of how to get hold of the password in an emergency and hang the memory stick around your neck; if you are into high tech, you can encrypt it and put it in a cloud somewhere; your family and/or partner can have a copy.

Next article – Editorial – A momentous year

Back to index page

Go to What's On Go to Shop at CPA Go to Australian Marxist Review Go to Join the CPA Go to Subscribe to the Guardian Go to the CPA Maritime Branch website Go to the Resources section of our web site Go to the PDF of the Hot Earth booklet go to the World Federation of Trade Unions web site go to the Solidnet  web site Go to Find out more about the CPA