1 in 10 Aussies' health records exposed

By Dylan Bushell-Embling
Monday, 18 December, 2017

1 in 10 Aussies' health records exposed

The federal Department of Health has inadvertently exposed the private health records of 1 in 10 Australians by releasing them as de-identified patient data that can be re-identified without decryption, researchers have found.

Researchers from the University of Melbourne’s School of Computing and Information Systems have published a report detailing how published historical health data from the Medicare Benefits Scheme and Pharmaceutical Benefits Scheme released last year can be used to identify patients.

The process involves linking the unencrypted parts of the record with known information about an individual, such as the date of individual medical procedures and year of birth.

For the study the unique patient records were matched against online public information of seven well-known Australians, including three current or former MPs and an AFL player.

Confidence in matches can be further improved by cross-referencing data with a second public dataset of population-wide billing frequencies, as well as commercial datasets such as bank billing data.

According to report co-author Dr Vanessa Teague, the incident highlights that there are important technical and procedural problems to solve before the release of de-identified data can meet its potential in facilitating research, innovation and public policy development.

“Open publication of de-identified records like health, census, tax or Centrelink data is bound to fail as it is trying to achieve two inconsistent aims: the protection of individual privacy and publication of detailed individual records,” she said.

“We need a much more controlled release in a secure research environment, as well as the ability to provide patients greater control and visibility over their data. Legislating against re-identification will hide, not solve, mathematical problems, and have a chilling effect on both scientific research and wider public discourse.”

Image credit: ©stock.adobe.com/au/Jürgen Fälchle

Follow us and share on Twitter and Facebook

Related Articles

Exploring the subtleties of data sharing

Frameworks for data sharing, as opposed to data release, need to be developed to preserve...

US federal agencies have poor cyber risk management

The US Government Accountability Office (GAO) has uncovered major issues during an audit of 23...

Public sector organisations vulnerable to cyber attacks

Nearly half of security professionals at public sector organisations in markets including...

  • All content Copyright © 2019 Westwick-Farrow Pty Ltd