The Medibank healthbook is a personally controlled electronic record of an individual’s health information and history. healthbook will be overseen by 100 Medibank Health Solutions nurses who are already registered with their Healthcare Provider Identifier - Individual (HPI-I).
According to Isabel Frederick, general manager for eHealth at Medibank, the portal will enable customers to record their medical information, so it will act as a supplement to the larger PCEHR.
“healthbook will be an important tool for maintaining and collecting health information that will enable a person and those authorised by them to access useful health information, online, anytime and anywhere,” Ms Frederick says.
“Over time, users will also be able to have access to chronic disease management information and support, take part in health risk assessments, and connect to many other offerings available to members and customers of Medibank.”
It will be different from other consumer health portals like Microsoft’s HealthVault and the now-defunct Google Health, she says, in that the initial users of the product will already have established relationships with Medibank, so healthbook will be an extension of that customer relationship.
Medibank is building the solution but is partnering with IBM Australia, which has been engaged to provide system integration and project support capabilities.
“Underpinning the capabilities of healthbook is an important security, privacy and audit layer,” Ms Frederick says. “This will ensure that only authorised customers, Medibank health providers and, in the longer term, external health service providers will have access to view and create health content on customers’ records.
“Importantly, the user will control their own health information and control who can view that information.”
In the initial stages, the consumer will post health information to the website manually but will eventually be able to import images. When healthbook links up to the national PCEHR infrastructure, GPs will then be able to access data from the repository, with the consumer’s consent.
“The security system has been designed by architects with a defence background,” Ms Frederick says. “Furthermore, the level of security will exceed current Medibank levels, which are approved and audited.”
It will in due course connect with the PCEHR, via suitably secure communication channels, including the secure shell (SSH) network protocol for secure data communication, hypertext transfer protocol secure (HTTPS) and SSH file transfer protocol (SFTP). She says different encryption will be used at different levels, including “encryption at rest”, which she described as being similar to that used in the banking and finance sectors.
“In short, the security will meet or exceed the national PCEHR requirements. The project is running on track and is scheduled for a soft launch in May 2012, with the intention to go live in June.” Initially, it will be available to a small subset of Medibank customers, who are enrolled in chronic disease management and coaching programs, she says.
“It will in due course be expanded to Medibank’s 3.7 million private health insurance customers and hopefully the broader public.”