Menu
News

LEAKED: 1 in 10 Australians' medical records exposed

Confidential patient health data has been released in a major blunder by the Department of Health.
Confidential patient health data has been released in a major blunder by the Department of Health.

ONE in 10 Australians' private health records have been exposed in a major error by the Department of Health that shows what medication patients are on and whether they are seeing a psychologist.

Heath data from the Medicare Benefits Scheme and Pharmaceutical Benefits Scheme released in August 2016 can be traced back to the individual, University of Melbourne researchers found.

The data was supposed to be anonymised when it was released in August 2016, but the report found it could easily be traced back to the owner by linking a record with known information such as date of birth and medical procedures.

The study revealed unique patient records matching the online records of seven prominent Australians, including three former and current MPs and an AFL footballer.

A team from Melbourne's school of computing and information systems warned that similar problems could exist with other de-identified government data, from the Census, tax or Centrelink, for example.

"We found that patients can be re-identified, without decryption, through a process of linking the unencrypted parts of the record with known information about the individual such as medical procedures and year of birth," said Dr Chris Culnane, who conducted the study with Dr Benjamin Rubinstein and Dr Vanessa Teague.

"This shows the surprising ease with which de-identification can fail, highlighting the risky balance between data sharing and privacy."

The health records of one in ten Australians can potentially be matched up to the individual, exposing any medication they are taking and whether they are seeing a psychologist.
The health records of one in ten Australians can potentially be matched up to the individual, exposing any medication they are taking and whether they are seeing a psychologist.

The researchers found they could narrow down the individual using commercial datasets, such as credit history.

A private medical insurer, for example, could then look through decades of health records for around 2.5 million people, including information about births, terminations and surgeries.

Dr Teague said that while there were good reasons to release data for research and policy purposes, the report showed there were "important technical and procedural problems to solve".

She said a "much more controlled release in a secure research environment" was required, along with "the ability to provide patients greater control and visibility over their data."

The Department of Health said in a statement that it "takes this matter very seriously" and had already referred this to the Privacy Commissioner.

"The project was halted and remains halted, and the dataset was removed immediately," a spokesperson added.

"This matter dates back to 2016 and since then the Australian Government has taken further steps to protect and manage data.

"The Department is working with the University of Melbourne and has already acted to improve its processes.

"The Department has not been aware of anyone being identified."

Topics:  blunder department of health editors picks information leak private data



Coffs Harbour feels the earth shake as 4.2 quake hits

COFFS QUAKE: A waveform image of the 4.2 magnitude earthquake which struck the Coffs Coast on Wednesday, January 24, 2018.

It is the biggest to have hit Australia in the past few days

Bigger earthquake possible after swarm of quakes hit

SHAKY GROUND: Multiple earthquakes have been recorded in Bellingen and Dorrigo in the past few days.

COFFS Harbour has been rocked by a magnitude 4.2 earthquake.

This angler has a better 'one that got away' story than you

LUCKY ONE: Billy Avery had a 4-5 metre steal his spanish mackerel. Fortunately his mate caught caught another to provide a feed.

Fisherman battles big mackerel and even bigger shark

Local Partners