Daily Bulletin

The Conversation

  • Written by The Conversation Contributor

The Department of Health recently announced that Telstra had won a A$220 million contract to manage the register for the National Bowel Cancer and Cervical Screening Programs.

Telstra Health – the company’s health arm – will aggregate and manage data currently held by various state registries into one national database. There is potential that other cancer screening registries, such as breast screening, might also be contracted to Telstra Health in the future.

The registries not only contain personally identifying information, such as names and addresses, but also the results of pap smears that allow inferences about a person’s sexual status.

When Telstra Health’s venture into the market place was first foreshadowed in late October 2014, commentators highlighted potential issues around the privacy of Australians' personal information. So it was no surprise that this first Australian outsourcing provoked consumer advocates to highlight similar concerns.

Why outsource?

In 1993, two American management gurus, David Osborne and Ted Gaebler, proposed a magic pudding recipe for what they termed as Reinventing Government. In their model, government could set its objectives and use market-based approaches – including contracting out functions to private companies – to provide services to achieve them.

More than 20 years later, the waters of government contracting out are lapping at the gates of Medicare. The 2014 federal budget proposed outsourcing, or “market testing”, the processing of Medicare payments. And while we wait, the Telstra contract has become the first such outsourcing in Australia.

Private registry operators have been established in the United States for a number of years and have won contracts to run cancer registries in some states. So far, no data security breaches have been reported in these. But this doesn’t stop Australian health experts from worrying.

Privacy concerns

The Department of Health has taken the unusual step of issuing a media release in the middle of an election campaign to assuage concerns. It confirmed that Commonwealth privacy legislation will apply to the cancer registry data managed by Telstra Health and that “any misuse of data could be an offence under the Criminal Code”.

Although that language sounds strong, criminal prosecutions usually require proof of malicious intent, recklessness or negligence – a high standard that isn’t always likely to be obtained.

What is more likely is that well-meaning staff might not be scrupulous in rejecting data requests from those who, on first glance, appear to have a legitimate reason for knowing personal details. They might, for instance, release an address to a police officer hunting for a missing person who sought the information without a warrant. Or they might release data by mistake.

Concerns about privacy are exacerbated by the fact that Telstra has breached its customers' privacy before. In 2011, around 60,000 BigPond users' passwords were temporarily displayed on the internet, leading to an investigation by the Privacy Commissioner for security breaches.

And in January this year, personal voicemails of one Telstra user were mistakenly sent to another. This may be a small example of a data breach, but everyone is entitled to their privacy.

Contractual protections

Beyond legislative threats, privacy concerns can only be assuaged through contractual provisions, whether in the cancer registry contract or with the processing of Medicare payments. Unfortunately, we don’t know how strong the provisions are in the proposed contract and what the renewal provisions are.

Unauthorised release of data potentially costs registries in terms of investigations and regulatory compliance, but these costs should be increased to ensure managers have even greater incentives to take strong action to protect patient privacy.

The automatic consequences of release of data – inadvertent or not – must be made so great that any risk-management matrix will ensure the organisation and its managers always have patient privacy at the forefront of their mind. It will not be good enough to do the standard dance after the data is released, or inappropriately used, where the contracting organisation (in this case, the Department of Health) tut-tuts, and the contractee (in this case Telstra Health) issues a mea culpa.

The contract should prescribe tough financial penalties that have automatic effect after any data release, allowing little discretion for the penalties to be lobbied away with promises of future good behaviour. The contractual penalties need to be strong enough (A$1 million per person identified or data element used, for instance) so management ensures that patients’ rights and privacy are protected.

Consumers might also be given a right to sue for breach of their privacy to further focus management’s mind.

Clearly, the cancer screening registry contract is only the first of the potential outsourcing of health programs. It creates a precedent that needs to be right.

Authors: The Conversation Contributor

Read more http://theconversation.com/telstra-health-will-hold-australians-cancer-details-so-we-need-to-ensure-their-privacy-is-protected-60104

Writers Wanted

Bob Brown is right – it's time environmentalists talked about the population problem


Housing a sense of self: for migrant communities, bilingual school programs are about more than learning


The Conversation


Prime Minister Interview with Kieran Gilbert, Sky News

KIERAN GILBERT: Kieran Gilbert here with you and the Prime Minister joins me. Prime Minister, thanks so much for your time.  PRIME MINISTER: G'day Kieran.  GILBERT: An assumption a vaccine is ...

Daily Bulletin - avatar Daily Bulletin

Did BLM Really Change the US Police Work?

The Black Lives Matter (BLM) movement has proven that the power of the state rests in the hands of the people it governs. Following the death of 46-year-old black American George Floyd in a case of ...

a Guest Writer - avatar a Guest Writer

Scott Morrison: the right man at the right time

Australia is not at war with another nation or ideology in August 2020 but the nation is in conflict. There are serious threats from China and there are many challenges flowing from the pandemic tha...

Greg Rogers - avatar Greg Rogers

Business News

Digital-based strategies that grow and expand your business

Small and medium-sized businesses are increasingly relying on new technology solutions to strengthen their product development, marketing, and customer engagement activities. Technology adoption...

News Co - avatar News Co

What Few People Know About Painters

What do you look for when renting a house? Most potential tenants look for the general appearance of a house. If the house is poorly decorated, they are likely to turn you off. A painter Adelaide ...

News Co - avatar News Co

Important Instagram marketing tips

Instagram marketing is one of the most important approaches for digital advertisers. If you want to promote products online, then Instagram along with Facebook is the perfect option. After Faceboo...

News Co - avatar News Co

News Co Media Group

Content & Technology Connecting Global Audiences

More Information - Less Opinion