The Australian Medical Association (AMA) has called for stronger safeguards to protect patient data, saying laws must be in place to prevent security breaches and the use of health data to boost private profits.
In a new position paper, the AMA pointed out the need for a broader national discussion on health data governance and ownership of data in digital health systems.
The organisation called on the government to look into European-style privacy laws and transparent limits on how, when, and by whom patient data can be accessed.
“Effective data governance will ensure the appropriate collection and use of data,” AMA President Professor Stephen Robson said.
The AMA expressed its concerns about access to health data by private health funds and technology companies. It said that government must boost efforts to thwart cyberattacks and any attempts to monetise patient data.
“The AMA does not support sharing health information (particularly MBS and PBS data) with private health funds outside the existing statutory schemes,” Robson said.
“Patients’ medical information must be protected to maintain the clinical independence of their healthcare pathway.”
Robson emphasised that the AMA was strongly against the use of health data to increase the profits of privately-owned entities, and said that this move was “unethical.”
He added that health data custodians — including doctors, healthcare providers, private health insurers, and clinical software developers/operators — should be subject to strong mechanisms to prevent data hacking and misuse of patient data.
AMA’s call comes on the heels of a high-profile data breach that affected 9.7 million Medibank customers.
The health insurer has confirmed that last year’s massive cyberattack also involved data from people who requested quotes with its health insurance brand ahm.
The names, dates of birth, addresses, phone numbers, and email addresses of customers were stolen and posted online by hackers believed to be from Russia.