The Australian Dental Association (ADA) thanks the Department of Health (Department) for the
invitation to comment on the Electronic Health Records and Healthcare Identifiers: Legislation
Discussion Paper (Discussion Paper). The ADA is the peak national professional body representing
the vast majority of Australia’s dentists and dental students across both the public and private
sectors.
While the ADA overall supports the changes outlined in the Discussion Paper, the following
suggestions should be adopted by the Department. For convenience, the feedback is largely framed
around the headings of the Fact Sheets and the Discussion Paper.
Preliminary matters
While the Discussion Paper states that the new name for the Personally Controlled Electronic Health
Record (PCEHR) will be “My Health Record”, retaining the name “Record” risks being confusing for
health practitioners and patients alike. Given it is a summary and not a complete record the title “My
Health Summary” is more appropriate.
3.2 Governance
The ADA supports the formation of the Australian Commission for Electronic Health (ACeH).
However, the ADA urges that the ACeH Board and its advisory committees include representatives
from dentistry and also allied health as part of its membership. To date, work on progressing the
PCEHR system has focused primarily on engaging medical practitioners (namely General
Practitioners); which neglects the input of dental practitioners and allied health practitioners in
ensuring the system meets the needs of all within the health sector.
3.3 Participation
Ultimately participation in the PCEHR system will be best maximised when there is a concerted and
comprehensive public awareness and education campaign outlining the benefits of the record
system to healthcare providers and individuals alike. The Discussion Paper refers to feedback already
provided by stakeholders about the importance of supporting materials and on-the-ground training
to ensure maximum take-up by all health practitioners. This feedback also noted the importance of
the Department working with practice software vendors so there is adequate uniformity and
interoperability of software to support the PCEHR and its integration into, for example dental
practice patient management .
The ADA supports distinguishing between healthcare providers and organisations in the Healthcare
Identifiers Act 2010 (HI Act) so that there is no longer ambiguity about whether information about
organisations is considered to be ‘personal information’. However the legislation must ensure that
identifiers for healthcare provider organisations that will be publicly available (and not afforded the
same privacy protections as ‘personal information’) cannot be misused by those wishing to engage
in fraud.
The ADA supports the trial of an opt-out approach to the PCEHR and supports the one million people
sample size. However, the ADA would like to raise the following concerns with the proposed timing
for the opt-out trials:
1. “(b) Trial registration period”:
The ADA questions whether two weeks is an adequate amount of time to register eligible individuals
in trial regions (that is, to create PCEHRs). While it is expected that registration activities will draw
upon information already accessible to the Department and associated agencies, considering the
trial regions are intended to encompass a million people, the ADA suggests putting a longer time
period for this phase.
2. “(c) Transition period and (d) provider access”:
The Discussion Paper does not explain what is expected to occur in the intervening period between
phases (c) and (d).
Phase (d) states that from around July 2016 “healthcare providers can access PCEHRs created for
individuals in the trial regions and will be able to upload records” (ADA italics). While the ADA notes
that the trial of the opt-out is focused on individuals’ experience with having their record established
and using the system, there must be consideration as to the kinds of assistance and resources that
will be provided to assist healthcare providers to upload documents relating to their patients’
records. As referred to earlier, software vendors have indicated to the ADA that when it comes to
dental practice software, there will be little work done on developing interoperability with the
PCEHR until such a time as the Department and the then National E-Health Transition Authority
(NEHTA) provided clarity on how the PCEHR System was to work with dental practice software. Our
understanding is that other non-medical health practitioners’ software vendors have adopted similar
positions. Also more broadly, the dental profession is an example of a health profession that has to
date not been provided with targeted incentives and support to ensure that they are able to access
and use the system. Other non-medical health practitioners face similar constraints. If this situation
is not addressed, a large number of health practitioners will not be able to upload records as Phase
(d) envisages.
With respect to the section on registering healthcare provider organisations and other entities in
opt-out trials, it states “Healthcare provider organisations will be encouraged to use the system
through revised incentives, education and training services” (page 15). The ADA would like to
emphasise that these initiatives are critical for the trial, and ultimately, the overall operation and use
of the PCEHR by individuals and healthcare providers. Dental practitioners and allied health
practitioners must be provided with the same support and incentives as medical practitioners to
ensure that the benefits of the system can be realise for all participants and patients.
The ADA also suggests that a future education and awareness raising campaign also include
informing trial participants when they can revisit their PCEHR after the successful upload of
documents to that record by health practitioners. This way, trial participants can see that their
record is populated and will be used. A successful registration per se would not be sufficient to
convince individuals of the PCEHR’s value. Naturally, provided that all health practitioners are
provided with adequate training and support to use the PCEHR they will be able to demonstrate to
individuals how the system further supports their healthcare.
3.4 Obligations of parties
The ADA notes that:
… it is proposed to amend the PCEHR Act requirement to report data breaches to include healthcare provider
organisations and contracted service providers. This would help standardise the response of participants in the
PCEHR system should there be a breach and would rationalise obligations for healthcare provider organisations
and contracted service providers.
Amendments would also be made to clarify when data breach notifications must occur (page 17).
Should this requirement be implemented, there must be a concerted information campaign to
inform healthcare provider organisations of their reporting obligations and processes around this;
considering the potentially severe penalties for failing to do so. These penalties risk dissuading
practitioners from participating in the system; it further emphasises the importance of adequate
funding and educational support to ensure that all practitioners are able to be on the system and
use it effectively and appropriately.
Under “3.4.3 Obligation for organisations to have PCEHR policy”, the ADA is concerned that:
“… there is no requirement for this policy [that addresses PCEHR matters] to address how the organisation will
ensure data quality so it is proposed that this requirement be included. … This is to ensure that all participants
in the PCEHR system have appropriate security and information handling practices in place” (page 17).
This proposal adopts a ‘one size fits all’ approach which does not consider the fact that the majority
of dentists work in office based practices and as such the resources available to them are limited and
not the same as those for health practitioners in hospital or corporate organisations. The ADA urges
that any security and data quality requirements be reasonable and proportionate and take into
account that health practitioners work within a variety of organisational and business structures and
so they have varying levels of resources at their disposal to confirm to security/data requirements.
3.5 Privacy
The ADA supports SMS/email notifications to be given to individuals whenever their PCEHR is
opened; noting however there should be options to provide a gradation of types of notifications, on
what type of access and so on.
The ADA is not averse to including a range of criminal penalties in addition to the civil penalties
available to address misuses of PCEHR information and individuals’ healthcare identifiers; provided
that the threshold for what constitutes serious, criminal misuses of this information is reasonable
and reflected in other provisions that deal with misuse of such information on other contexts (such
as financial data and so on). Naturally these provisions must ensure that natural justice and
procedural fairness requirements with respect to investigations and enforcement are met.
The ADA supports changes to enable other Commonwealth entities to perform the role of HI Service
Operator.
Dr R Olive AM RFD Federal President, Australian Dental Association