ACHI criticises lack of technical regulation in PCEHR rules
The Australasian College of Health Informatics (ACHI) has criticised the exclusion of rules and regulations covering the technical design and operational control of the PCEHR from a consultation paper released by the Department of Health and Ageing (DoHA) last month.
In its response to the paper outlining the proposed rules and regulations for the PCEHR, ACHI called for more time for consultation before the legislation underpinning the system is debated in the Senate. The legislation has passed the House of Representatives and a majority Senate community affairs committee last month recommended it be passed.
ACHI said the exclusion of any rules or regulations relating to the technical design or administrative operations of the system was a “significant omission”.
“There will be no independent review of the terms and conditions to participate, which will be at the sole discretion of the system operator (DoHA),” ACHI said in its comments.
It also said that the draft terms and conditions for technology companies participating in the PCEHR were held on a section of the National E-Health Transition Authority's (NEHTA) website specifically for vendors.
“The site is not readily available to consumers, particularly those who may be considering the security of their information and whether to use advanced access controls,” the submission said.
“We note that at the time of writing the terms and conditions have been withdrawn for further consultation.”
The Australian Medical Association (AMA) has also strongly objected to the proposed terms and conditions for participation from a practitioner perspective, warning last week that it would recommend its members not participate in the PCEHR unless its registration conditions were changed.
The AMA said the proposed terms and conditions “place extraordinary obligations on healthcare provider organisations for matters that are largely out of their control” and that healthcare providers would be liable for failures and breaches of the PCEHR, not the system operator, which is DoHA.
The ACHI has called for more time for consultation and said the short time frame had “limited the capacity for broad consultation”.
It also said it was disappointing that the proposed rules paper “does not include the actual drafts of the proposed regulations and rules rather than simply providing commentary on the drafting intentions”.
The college has made 13 recommendations, including that the regulations and rules involve some mechanism to provide medico-legal protection “for users acting in good faith to acceptable clinical standards”.
It criticised the “very limited information” provided on the rules governing the operations of repository operators, portal providers and contracted service providers.
“As these type of organisations are new concepts in the context of the PCEHR it is essential for the protection of both the organisations and consumers that the regulations and rules governing their operations are appropriate to the need and are transparent.”
It also said the proposed rules conflated security provisions with privacy, saying these were two separate concepts in terms of information technology.
The college called for the proposed Independent Advisory Council be formed as soon as possible, and that the Minister for Health to be required to consult with this council prior to making rules under the legislation.
It also took issue with the complex proposals for access to documents in the PCEHR, which its says “appear to have been over-engineered with insufficient consideration of the target audience”.
Posted in Australian eHealth