Opinion: Is the new PIP QI a back door to your personal health data?

Are you ready for your doctor to get paid for supplying your data to the government on August 1 without any need for your consent?

In an unexplained twist of federal health policy, the Department of Health through its community arm, the Primary Health Networks (PHNs), is set to gather your data regardless of your consent or not. This system is devised outside of the legislative frame of the My Health Record and has no oversight.

GPs across the nation have been awaiting the federal government’s new Practice Incentive Program (PIP) payment. This was announced in the 2017 budget but no details have been announced to the public about how the system was to operate.

In the last few weeks GPs have been offered local briefings from PHNs. This is the first information available. To date no public forums have been offered. However “consultations” have taken place with the AMA, RACGP and commercial interests with expertise in data extraction.

What has been announced to doctors is an entirely new system which empowers a limited range of commercial data extraction companies to extract patient data from your GP’s records. This data will go to PHNs and then to the federal government. PHNs are poised to sign agreements or insist practices make agreements with the PHNs preferred extraction company.

Patient consent is not required to supply this data. The GP practice will receive a payment for providing the patient data. Although patient names are removed, the types of data being extracted will endanger patient confidentiality in both small practices and communities.

Your doctor's surgery already receives some money from the federal government linked to Medicare billing records. The existing PIP enables accredited practices to receive payments after Medicare items are billed to the government. Absolutely no patient medical record data such as blood pressure or weight is transmitted by the GP, only the Medicare items billed when services are provided.

The new system will take data on details such as weight, smoking status, alcohol intake and other items directly from patient medical files held by the GP surgery. If your GP surgery does not do this then most will incur a substantial loss of income compared to pre 2017 budget arrangements.

In choosing to create a new system the government is bypassing patient safeguards and consent which is build into the My Health Record (MyHR). The existing My Health Record system has potential for collecting the data, removing the need for involvement of private data extraction companies and a multitude of persons handling and patient data at the PHN level.

The MyHR system has requirements for consent, no third party extraction process, and provides flexibility about what data the patient wishes to or not to share.

In contrast, under the new system, doctors and nurses are being advised by PHNs and the Department of Health that a small sign in the waiting room indicating your data is to be used in this way is sufficient to deem patients consent.

Government and the community at large are aware that 10 per cent of the population have actively opted out of the My Health Record system, largely as they do not want their data shared.

This new system which started on August 1 has no ability to opt out at the patient level or data level. If your doctor or nurse, striving to preserve your confidentiality, does not participate then the practice will be financially penalised by the government.

The Australian community has expectations that the government will act in the public interest in seeking to improve the population's health status. The planning of health services will require the use of data. However, this imminent new system disrespects the confidentiality of doctor-patient relationships.

One is left completely puzzled why the existing $2.5 billion dollar MyHR is not used to collect this data in clear sight of the patient, the medical profession and the community at large. Could it be the federal government is playing bully boy with the profession?

And that the professional colleges, being sensitive to the failure of Medicare to keep pace with the cost of providing medical services, will trade anything, even professionalism and confidentiality, to avoid loss of funding for GP surgeries.

At this time it is not expected that state government hospitals will be paid to share data in this way.

Given the community concerns already expressed about the mining of data and manipulation of social media data, the government is in danger of having similar accusations levelled against it. Most in the profession have no idea of the damaging ramifications for patient confidence in their doctor or nurse.

Could it be the real agenda is the government is looking for a back door way to your personal GP data without parliamentary oversight or MyHR safeguards?

Mr George Orwell is likely the only one laughing.

Dr Craig Barnett is a GP practising in Newcastle and director of Healthy One Medical.

Posted in Australian eHealth

Tags: PIP QI

Comments  

+3 # Paul Campbell 2019-08-06 10:55
FACT CHECK:
Where Dr. Barnett says "This data will go to PHNs and then to the federal government" is incorrect. The data does not go to the federal government. The de-identified data stays with the PHN.
Regards, Paul
+2 # Ian Mcknight 2019-08-06 16:21
FACT CHECK: Dr Barnett says: "the Primary Health Networks (PHNs), is set to gather your data regardless of your consent or not"
Simply not true, as with even the most minimal effort, (e.g. typing the word consent in at the PCS Website search engine) would reveal the following:
Patient ‘consent withdrawn’ or patient ‘opt-out’ for sharing data can be flagged within CAT. This is set from the patient list and should be used where a patient has requested their data not be used for research purposes. It removes a patient’s data completely from any deidentified data files that CAT creates.
There's plenty more exaggeration or slanted commentary here too. The mischievous assertion that MyHR should be used as a research tool bearing in mind that the government has worked really hard to get the message across that the MyHR is primarily designed to facilitate better individual health outcomes and that any research aims are purely a secondary usage, and subject to stringent approval processes, and only then when the system becomes available for this.
It is a fact that the MyHR collects none of this data currently, and it's pure conjecture that 10% of people opted out based on concerns over data sharing for research purposes. In fact no one that has opted out that I have spoken too as cited this as a reason. If anything they were often spooked by media commentary (usually incorrect or exaggerated) and decided that opting out was the safest/easiest thing to do.
What is a fact is that practices have been sharing de-identified data via different projects for several years, and this has been a big driver for more accurate medical records and better system usage.
If Orwell is laughing, it's because he recognizes the foolishness of the reference.
# Craig Barnett 2019-08-23 23:11
Mr Mcknight makes some strange remarks in a number areas:

SECONDARY DATA :The MyHR has facilities for secondary data use and , it does not use pencat or polar nor does it need PHN custodians. Most importantly the consumer has full control over both existence of their record and availability or otherwise of their file for secondary use. https://www.myhealthrecord.gov.au/sites/default/files/hd315_factsheet_secondary_use_of_data.pdf

CONSENT & transparency in medical practice is paramount. The circumstances of the consent need very careful consideration. It should near never be the situation that a doctor is involved in consenting the patient for actions outside of their direct clinical obligations and responsibilitie s. The suggestion that I as a GP / Doctor should / could discuss with the patient the matters of their secondary consent as the ONLY mechanism for the patient to "opt out" is fundamentally flawed. The gap in this knowledge of consent, as illustrated by the RACGP, PHN and Mr McKnight is embarrassing. (Frankly I've seen better thought and planning happen in my back yard chicken coop than this oxymoron called a "Quality Improvement" initiative;) . The Patients right; is to opt out of data at their determination and control. Given a risk for perceived or actual power inequality between a Doctor and the Patient the patient must at all times be able to remove consent for their data use WITHOUT talking to the doctor or the practice staff. Patient's (independent of any GP consultation), may, in privacy, remove MyHR consent or change privacy settings at their will. No communication to the GP, Practice or PHN or Pencat or.. . The MyHR allows a consent model to Opt out of the whole system, or opt out of secondary data use, or set items to "private". To help familiarise those unfamiliar ... https://www.myhealthrecord.gov.au/sites/default/files/hd315_factsheet_secondary_use_of_data.pdf Remind us Mr McKnight how your detailed PENCat proposal addresses this fundamental process.

COLLECTION GATHERING AND TRANSPORT: As for collecting data through MyHR, this system has encryption , realtime two way connections with the GP surgery, multiple levels of practice and user identifiers, Signal Directorate assessments and most importantly uploaded data is visible to both the clinician and patient / consumer -: no need for secrets ! In the event of an accidental upload - data can be readily recalled and retrieved. In circumstances where the Patient has a MyHR there are EMR interfaces which already allows separate atomic items to be uploaded or not uploaded. One interface - the EMR to MyHR. Mr McKnight implies another set of consent settings for PENCAT or some other data mining tool. Finally Mr McKnight seems to ignore a workflow matter and risk for inconsistency - if Mrs Jones withdraws her consent from MyHR - without notifying the practice - then one would reasonably expect this to means her secondary data to PIP-OI is also withdrawn. If the PIP-QI report is now run the updated status of Mrs Jones MyHR is not yet present in the EMR. Hence the EMR will need to be reconnect and assess the MyHR status before taking Mr Jones data?
USE CASE : Finally the cost of data collection through MyHR is minimal - sure software vendors likely need some assistance to define and secure the various variables such as Smoking status / BP or weight . However the code and process to do this (presuming the application has a good DB design) should be a minor tinker added to the existing schema and existing clinician education and knowledge/ Surprisingly simple. Strangely, the MyHR pathway mean a few very focused and enthused vested interests become very less important. EMR Software vendors have transparency in what they need to do to comply. CLINICAL use of the MyHR is increased and the availability of useful data such as usual BP or Weight is helpful to clinicians using MyHR for clinical care.

EXISTING PROCESS OF 50%* of SURGERIES ARE "ALREADY SHARING DATA" (*as per Mr Bailey radio interview - PHN in Newcastle region) The sharing of data, has been alleged to be occurring. What level of disclosure and consent and data has been shared seems a moot point. Perhaps the matter requires reporting to the federal (and state?) privacy commissioner. A phone call indicates the commissioners department have no knowledge of this data sharing occurring. The reader needs to consider that the PIP-QI data is not just a few ratios; the data for PIP-QI includes; relationship status, sexual identity, gender and postcode to name just a few of the "de identified" parameters being collected. These "de identified" tables of data are to be "aggregated" and "de aggregated" at the whim of the multiple tiers of "custodians" of the data. It is interesting Mr McKnight draws our attention very clearly that the MyHR has " stringent approval processes" for secondary data use. Remind us why this does not matter if 3rd party companies and 31 PHNs are involved in data mining of patient files. There is clearly an agenda afoot that direct data mining from GP surgeries by PIP - QI is to be much less stringent in the use of this data. I find this professionally disrespectful to my patients, risky to society at large and ethically indefensible.

I remain no less reassured by the comments of the opponents, they reveal great deficiencies in respect for Doctor Patient privacy and respect of the Consumer privacy. The PIP-QI supports an expensive & bureaucratic expansive process to gather data. It in a pragmatic sense PIP-QI duplicates functions capable of being absorbed by MyHR. The money spent of PIP-QI would be better spent increasing meaningful standardise data flow through MyHR and being used with "stringent" respect of the patients data. A PIP-QI Via MyHR would retain the transparency of the Doctor patient interaction - no social media like shady sale of "secondary data". This dramatically avoids expensive duplication of systems for carrying and storing data.
Further to this as a clinician concerns over the declining numbers of smokers for a "QI" process is rather trivial in contrast to the real patients unable to work because they are waiting 12-24 months of knee surgery, diabetics waiting more than 9 months to see a public funded endocrinologist . Some people at the RACGP and Fed Dept of Health need to leave the committee room and sit in regional public hospital clinics - overflowing and under resourced . Sadly maybe a USA style private health system and profit motive is our QI.
Dr Craig Barnett
# Ian Mcknight 2019-08-25 02:02
Yeah, I don't think I made any strange remarks. I did call out the innacuracy of the "...regardless of your consent.." comment in the 2nd sentence of the article. I don't think that should be construed as "strange", unless of course you are not used to being challenged...
SECONDARY DATA, yes I'm well aware of the MyHR rules on this. They are suitably robust, but the current MyHR data could not be used to meet the 10 outlined performance measures. Actually, the rate of influenza vaccination for certain cohorts could possibly be gleaned, but I would suggest that the habit of many practices to upload the bare minimum amout of shared health summaries would not really render a sufficient sample size.
CONSENT..There is obviously strong feeling and thought gone into this paragraph, and fair enough. I don't have this depth of feeling for how consent should be implemented when it comes to deidentified data, and for some reason I don't feel the level of alarm or disrespect as a citizen that Dr Barnett feels I should. I certainly didn't make any detailed PenCat proposal, I merely pointed out the mechanism that the tool gives to remove consent. It was warranted in the face of an incorrect assertion. Actually Dr Barnett's refrain has morphed subtly from "your consent will be ignored" to "I don't agree with the way consent is withdrawn, now that I'm aware there is a method". Again, I'm not endorsing the method, merely saying that there is one. And, as a citizen, I can promise you I would not be inhibited by any power dynamic with my GP if I wanted to withdraw my consent, I just can't conjure the requisite alarm!
COLLECTION GATHERING AND TRANSPORT. Yup, The MyHR holds much higher security standards because the data is identified, Because that is the core purpose of the MYHR, to improve an individuals health outcomes by informing the unfamiliar point of care clinician with quality information. If we are suggesting making BP and Smoking part of that upload, great bring it on. Trouble is, in my experience GPs haven't exactly been falling over themselves to contribute to the MYHR, dragged kicking and screaming more like. But I'm sure Dr Barnett's call for practices to curate and upload more individual data for the MYHR will be warmly received by his peers.
Existing Process. Yeah, I reckon plenty of deidentified data has been shared around the country over the last few years. NPS Medicinewise maybe. Or an absolute host of PHN, Medicare Local, Division of General Practice projects.
I have no problem at all with some sort of a qi feed through the MyHR, other than I think it may muddy the messaging around the MyHR. This would have been disastrous before the opt-out period finished, less so now. I also think that the great majority of practices would choose a scheduled transmission of deidentified data over the increased workload from manually uploading more individual information.

You need to log in to post comments. If you don't have a Pulse+IT website account, click here to subscribe.

Sign up for Pulse+IT eNewsletters

Sign up for Pulse+IT website access

For more information, click here.

Copyright © 2019 Pulse+IT Magazine
No content published on this website can be reproduced by any person for any reason without the prior written permission of the publisher.