Key Issues
Introduction
2.1
While the expansion of the screening programs for bowel and cervical
cancer has received widespread support, the establishment of the Register to
support this has caused some public comment. This chapter outlines the key
issues arising from evidence to the committee's inquiry.
Public health and cancer prevention
2.2
The committee recognises the overwhelming support from stakeholders for
the new National Bowel Cancer Screening Program (NBCSP) and renewed National
Cervical Screening Program (NCSP), given their important role in public health
in Australia.
2.3
The two cancer types included in the National Cancer Screening Program –
bowel and cervical – present significant health risks to Australians and
therefore pose substantial challenges from a public health perspective. The
improved screening programs, supported by the Register, will address these
challenges and save the lives of hundreds of Australians every year.
2.4
The School of Public Health and Preventative Medicine at Monash
University noted the significance of the Register:
Screening is one of the most effective ways of reducing the
incidence of cancer in our community. At a time when treatment options for many
cancers are limited and increasingly expensive, the role of screening has an
increasingly important role to play.[1]
2.5
Similarly, the Victorian Cytology Service (VCS) – a not-for-profit
health‑promotion charity which has operated cervical cancer screening
registers – argued that the Register will play a vital role in supporting the
two screening programs:
The role of screening registers has never been more critical
than in this time of transition. This is of particular importance in the
current time period as the National Cervical Screening Program, which has
proven so successful over the past 25 years, is due to transition to a new
screening method, age group and screening frequency ('Renewal') on 1 May 2017.
Ensuring that women with cervical pre-cancers and cancers are tested and
managed properly during the transition from the current program to the new program
is vital, as is a strong and effective registry infrastructure to closely
monitor and evaluate the new program in real time. Similarly, the National
Bowel Cancer Screening Program is expanding to be offered to more Australians
more frequently, also requiring effective and increasingly efficient registry
support.[2]
National Bowel Cancer Screening Program
2.6
Bowel cancer is the second most common cause of cancer deaths in
Australia, responsible for approximately 4 000 deaths per year. Australia has
one of the highest rates of bowel cancer in the world.[3]
2.7
The expanded NBCSP encourages every Australian aged between 50 and 74 to
undertake an at-home screening test every two years. The Department of Health
(the department) predicts that this will prevent 300-500 deaths per year.[4]
2.8
Cancer Council Australia noted that current participation in the NBCSP is
37% and that expansion of the program could see a rise to 60% participation by
2020. This in turn would prevent 84 000 premature bowel cancer deaths by 2040.
As Cancer Council Australia argued:
... evidence show[s] that optimal bowel cancer screening (apart
from tobacco control) is the single most effective intervention available to
the Australian Government to reduce cancer death and disease burden.[5]
National Cervical Screening Program
2.9
Cervical cancer causes 250 deaths per year in Australia. While it is
considered one of the most preventable forms of cancer, 80 per cent of women
diagnosed with cervical cancer had either never been screened or were not
regularly screened prior to diagnosis.[6]
2.10
While the NBCSP focuses on expanding coverage of the screening test, the
renewed NCSP takes advantage of medical advances. The previous program was
based on a two-yearly Pap smear test, but from 2017 the program will be based on the
Human Papillomavirus (HPV) screening test, conducted every five years. This change
was based on the recommendation of the Medical Services Advisory Committee.[7]
2.11
Currently, the NCSP is based on separate registers in each of the eight
states and territories. One function of the renewed NCSP will be consolidating
those registers into one Register, as each of the states and territories opts
into the national Register.
Data privacy
2.12
A key concern for several stakeholders was that of data security and
privacy for the personal information to be contained within the Register. The
committee heard that concerns about data security and privacy may affect
people's confidence in the Register and therefore its success.
2.13
For instance, the Menzies School of Health Research noted that the
public – and particularly Aboriginal and Torres Strait Islander people – would
need to be assured that their personal information was secure to encourage
participation in the Programs.[8]
2.14
Similarly, Bowel Cancer Australia referred to their own research which
reveals high levels of reluctance to discuss the disease or take action
including screening. They argued:
Layering privacy concerns for participants and patients on
top of a disease with a considerable stigma can undermine confidence in the
Program and ultimately its life-saving potential. We therefore need to strike
the right balance between participant and patient privacy and population
screening.[9]
2.15
A key concern is that people's data must not only be secure but seen to
be secure if the Register is to succeed.
2.16
In response to such concerns, the department pointed out that Section
95B of the Privacy Act 1988 (the Privacy Act) requires external service
providers – such as Telstra Health in this instance – to abide by the same
standards as the contracting agency. Therefore, the department gave evidence
that the contract between the department and Telstra Health imposes Commonwealth-standard
privacy obligations on the latter. Included in these obligations are
requirements that Telstra Health:
- build and operate the Register in accordance with
Commonwealth cybersecurity guidelines for new ICT infrastructure, taking into
consideration sensitivity and classification of the information it stores;
- at all times comply with and adhere to the stringent
controls of the Commonwealth Protective Security Policy Framework (PSPF) which
sets out mandatory requirements to:
- manage security risks to their
people, information and assets;
- provide assurance to the
government and the public that official resources and information provided to
the Register are safeguarded; and
- incorporate protective security
into the culture of the Register; and
- at all times, comply with the Information Security Manual
(ISM) and the National Identity Security Strategy.[10]
2.17
Telstra Health specified their process for assuring data security,
noting its compliance with the Australian Government's Protective Security
Policy Framework. This includes certification through the Australian Signals
Directorate (ASD) assessment program and implementation of a continuous review
and assessment program to ensure ongoing protection of information, constant
auditing of access to the Register,[11]
alongside a requirement that all personnel with access to the Register have
security clearance and are bound by confidentiality clauses:
The Register will follow the same three layered accreditation
process that is used for all Australian Government solutions, including My
Health Record. The process includes an audit of the solution architecture and
controls, and certification that the controls have been implemented and are
operating effectively, by an independent Australian Government certified
auditor through the Australian Signals Directorate assessment program.
This accreditation and assessment process will provide
independent assurance that appropriate and effective security controls have
been implemented and operating to effectively process, store and transmit
sensitive health information. It also provides assurance that a continuous
review and assessment program has been implemented to ensure the ongoing
protection of information.
All Telstra personnel who are involved in managing or
operating the Register are bound by strict confidentiality undertakings. In
addition, Telstra personnel who have access to or are likely to have access to
the Register's data must possess appropriate security clearances.[12]
2.18
Telstra Health also confirmed that all data, by requirement, will be
stored in Australia.[13]
2.19
Pathology Australia noted that, while data privacy is an important
consideration:
We believe this legislation puts in place the necessary
patient privacy and confidentiality mechanisms that are seen in other parts of
the public–private partnership that Australia's healthcare system is built
on.[14]
2.20
Other witnesses, such as Cancer Council Australia, argued that privacy
and data issues should not obscure the Bills' function of establishing a
Register with an important role in Australia's public health:
Concerns about issues such as privacy are often raised when a
major public health initiative, underpinned by the management of
population-level health data, is introduced or reformed. While such concerns
might in some cases be in the public interest, the core priority of any
Parliament should be the saving or extending of its constituents' lives. To
this end, concerns about the bills should not have a flow-on effect of delaying
the advancement of the NBCSP or the Renewal.[15]
2.21
The committee also heard evidence about the reporting of breaches of the
security of data. Telstra Health's contract obliges them to report data breaches
to the department, and prevents reporting data breaches to affected individuals.[16]
However, Telstra Health further noted that broader Telstra practice, which is
also in line with a separate piece of legislation currently under the
Attorney-General's consideration, mandates the notification of affected
individuals.[17]
2.22
The committee notes the high standards of data security under which
Telstra Health are obliged to maintain the Register. While agreeing with
witnesses that the security of personal medical information is of the utmost
importance, the committee notes assurances from both the department as the
responsible agency and Telstra Health that they as the operator have put in
place the highest possible security standards.
Timing
2.23
Several submitters emphasised the importance of the Bills' passage,
given that delays in the passage of the enabling legislation would cause delays
in the roll-out of the screening programs from May 2017. The department's
submission noted that:
Sufficient lead time is required for data migration, merging,
de-duplication, system testing and quality assurance processes prior to
commencement of the Register. However, with the lapsing of the NCSR [National
Cancer Screening Register] Legislation in May 2016, the lead time has been
reduced by approximately five months. Implementation of the Register is
reaching its critical point for meeting the go live date of the Register on 20
March 2017 for the NBCSP and the commencement of the renewed NCSP on 1 May
2017.[18]
2.24
Since the existing state registers are not equipped to handle the new
NCSP, a delay in the Register's establishment would result in a late
implementation of the new NCSP. The NBCSP would incur additional costs by
continuing in its current form as managed by the Department of Human Services.[19]
2.25
Cancer Council Australia expressed the concern that:
Delays to the passage of the bills could delay essential
program improvements needed to increase participation, such as an enhanced screening
pathway and extensions to the screening age cohort (scheduled to take effect
from 1 January 2017). Moreover, the history of the NBCSP shows that exaggerated
concerns about any aspect of its integrity discourage participation –
compounded by an overall lack of bowel cancer awareness.[20]
2.26
Similarly, the Royal College of Pathologists in Australia argued that
'time is of the essence' in the passage of the Bills and noted that 'there may
be health consequences for Australian patients if there are disconnects during
the crucial transition phase from the current to the future program'.[21]
2.27
The committee sought clarification regarding the reason why the department's
contract with Telstra Health had been finalised before the enabling legislation
had been passed. Ms Bobbi Campbell, representing the department, explained that
the amount of work required to establish the Register would mean there would be
significant delays in implementing the programs if the contracted operator
could not begin work until after the legislation had been passed:
That would be an issue in terms of migration of the data.
That would be an issue in terms of actually getting to the deadline that we
need to get to. Contracts for IT require quite a lot of build, design and
specification. There is a big process involved in essentially getting up to
speed so that the service provider can be in a position to be able to then
migrate data and provide the register. Generally speaking, Commonwealth
standard contracts have provisions in place which allow contracts to have this
necessary build process and build milestone and also allow flexibility for
those sorts of contracts to be able to be varied, amended or even terminated
should they need to be terminated.
[...]
Waiting for the legislation to be passed for the contract to
be signed would have significantly delayed the implementation of the register.[22]
2.28
In addition to that concern, several witnesses noted that the sector has
anticipated the change in screening methods, since the new test has a much
lower level of labour intensity. As a result, the workforce no longer exists to
continue supporting the current program. Pathology Australia noted that the
industry has been preparing for the transition from Pap smear tests to the new
HPV test for the past two years. As a consequence, many cytologists previously
performing Pap smear tests have moved to alternative careers and therefore the
workforce 'no longer has the ability to adequately support the current
program'.[23]
2.29
This concern was also noted by Professor Annabelle Farnsworth, Director
of Douglass Hanly Moir Pathology, providers of the largest cervical cancer
screening service in Australia. Professor Farnsworth argued that: 'It needs to
be clearly understood that the remaining workforce will not have the capacity
to support the current program beyond the proposed start date of the Renewal'.[24]
2.30
The committee notes the serious concerns stakeholders have raised
regarding potential delays to the passage of the Bills and the effects those
would have on the roll-out of the screening programs. The committee concurs that
the Bills should be passed expeditiously.
Contract with Telstra Health
2.31
A key area of interest for many submitters and witnesses to this inquiry
was the department's contract with Telstra Health, a commercial, for-profit
operator, to manage the Register.
2.32
Of particular concern for some witnesses was that Telstra Health may
have conflicts of interest between its obligation to resource and operate the
Register to the necessary standards and its duties to its shareholders to run
its business profitably. For instance, public health academic Professor Bruce
Armstrong argued in his submission:
It is so far unprecedented, to my knowledge, that the
contract for provision and management of any screening register in Australia
has been awarded to a stock-market-listed public corporation. Invariably such
registers have been provided, managed or both by a directly government
controlled entity or by a not-for-profit, non-government organisation with a
primary interest in cancer control. I believe that this has been the case
because of the perception that the operations of these entities would be
largely, if not completely, free of conflict between the public interest in the
registers' operations and any private interest the managing entities might
have.[25]
2.33
When asked about this at the committee's public hearing in Sydney on 29
September, Telstra Health Chief Executive Officer, Mr Shane Solomon, responded
that it is in the best interests of Telstra Health's shareholders for the
Register to operate without failures or compromises:
I would have to say that I do not see the difference, because
our responsibility to our shareholders—and there are many in Australia—is to
provide these sorts of services. The net effect of any of these kinds of
breaches, for example, both legislatively and contractually, would adversely affect
our shareholders. I think Telstra has a very strong view around serving
customers and that is the best way to serve shareholders. The Commonwealth is our
customer here.[26]
2.34
The School of Public Health and Preventative Medicine at Monash
University also supported Telstra Health's contract to operate the Register,
noting that the complexity of the system required would be 'well beyond the
capacity of any academic institution'.[27]
2.35
Of the process for forming the contract with Telstra Health, the department
noted:
The process for identifying a suitable Register Operator was
undertaken as an open competitive process with rigorous checks and balances in
accordance with the [Commonwealth Procurement Rules], to ensure the Register is
delivered on time, within budget and to a very high standard. The Services
Agreement between the Commonwealth and Telstra Health provides the operational
requirements for Telstra Health as the service provider for the Register,
including contractual obligations for operator personnel to protect the ICT
infrastructure and personal information held in the Register.[28]
2.36
The committee notes the department's assurances about the procurement
process and Telstra Health's capacity to operate the Register. Telstra Health
is a standalone business arm of Telstra and won a competitive tender process to
operate the Register.
Recommendations from the Office of the Australian Information Commissioner
2.37
Noting that data privacy and security was one of the main issues raised
by submitters and witnesses, the committee took particular interest in the
recommendations made by the Office of the Australian Information Commissioner
(OAIC) in its submission and evidence at the public hearing. The OAIC made a
series of specific recommendations for amendments to improve the Bills. This
section outlines those suggestions.
Relationship to Privacy Act
2.38
In its submission, the OAIC noted that there may be an unintentional
bypassing of the requirements of the Privacy Act 1988 (Privacy Act) relating
to the use of data held in the Register for the use of researchers. The OAIC
therefore recommended that the Bill be amended to clarify that access to data
held in the Register must comply with information-handling requirements as
established in the Privacy Act:
This is because, the purposes of the Register, which are set
out in clause 12 include 'research relating to healthcare, screening or a
designated cancer.' Clause 17 then permits 'certain persons' to collect,
disclose and use 'protected information' (which includes personal information)
for the purposes of the Register. As such, clause 12 together with clause 17,
appear to authorise the use of personal information in the Register for
research purposes without specifically requiring compliance with the s 95
Guidelines or s 95A Guidelines [of the Privacy Act].
Having said that, I acknowledge that the Explanatory
Memorandum to the NCSR Bill does state that where research requires
identifiable information from the Register and it is impracticable to obtain
individuals' consent, researchers will be required to comply with the
guidelines under sections 95, 95A or 95AA of the Privacy Act. However, I
recommend that this requirement be made explicit in the NCSR Bill in order to
provide a clear and unambiguous information-handling requirement.[29]
Direct purposes
2.39
The OAIC further noted that the privacy concerns regarding the Bill
could be improved by tightening the purposes of the Register contained in clause
12. Currently the Bill allows for use of the Register's data for purposes
'incidental' to the specified purposes. The OAIC recommended that the provision
be redrafted to allow use or disclosure only for reasons that are directly
related to the purposes of the Register:
Authorising the information to be handled for any purpose
that is 'incidental' to the other purposes may be too broad and presents a risk
that information may be used or disclosed for more expansive purposes than
initially intended. Therefore, I recommend that the wording of the provision be
narrowed to only allow uses or disclosures that are directly related to the
purposes of the Register. This would also reflect the terminology of the
[Australian Privacy Principles] which limit secondary uses and disclosures of
sensitive information (such as health information) to purposes directly related
to the primary purpose.[30]
Medicare claims information
2.40
Similarly, the OAIC's submission noted some ambiguity in the wording of
the Explanatory Memorandum (EM) around Medicare claims information. While the
Bill itself (in clause 11) states that the Register would contain 'claims
information which may indicate whether or not the individual has undergone or
should undergo screening', the EM outlines broader guidelines that: 'Medicare
claims information of individuals who are within the coverage of the Register
will be collected as part of the establishment and ongoing operation of the
Register'.[31]
2.41
The OAIC recommended that the Bill be redrafted to clarify that only
Medicare claims information related to whether or not the individual has
undergone or should undergo screening will be contained within the Register.[32]
Mandatory breach reporting
2.42
The OAIC also recommended that the Bill's provisions regarding data
breach reporting should be made consistent with those in the My Health Records
Act 2012, which mandates disclosure to affected individuals as well as the
Privacy Commissioner:
The Register operator's security requirements could be
strengthened by requiring the operator to report data breaches and specifying
requirements around the handling of data breaches in a manner consistent with
the data breach requirements in section 75 of the My Health Records Act 2012
(My Health Records Act).
Consistency with the My Health Records Act requirements is
particularly important if the Register will link to the My Health Record system
and if information in the Register will be made available through that system.[33]
Opt-out terminology
2.43
The OAIC also pointed out that there was some ambiguity with the wording
in the Bill's process for individuals removing themselves from the Register,
noting that the phrase 'opt-off', as used in the EM, is inconsistent with other
Commonwealth legislation. This ambiguity could be reduced by amending it to
instead use the phrase 'opt-out', a more consistently used term:
The My Health Record system uses the terminology 'opt-out',
where relevant. Whilst I appreciate that it is the correct use of language to
opt-off a register and opt-out of a system, I see value in describing the
concept of withdrawing participation in both the My Health Record system and
the Register in similar terms. This will ensure that consistent language is
used to explain that individuals have a choice about whether or not to include
their personal information in the Register or the My Health Record system.[34]
2.44
Australian Privacy Commissioner and Acting Information Commissioner Mr
Timothy Pilgrim confirmed that he had no concerns with the opt-off provisions
of the Bill, but noted that a clarification of the terminology, making it
consistent with other legislation, would be a positive step. Mr Pilgrim also
noted that the existence of the provision should be well publicised, ensuring
that people are aware of their options.[35]
Recourse through the OAIC
2.45
A further suggestion from the OAIC is that the Bill could include a
provision classifying a breach of the proposed legislation as an 'interference
with privacy' for the purposes of the Privacy Act. That would ensure that the
OAIC had the power to investigate any such breach.
Departmental response
2.46
The committee notes that the department is 'actively considering' all
six of the OAIC recommendations as summarised below:
- Amend clause 12(1)(n) to expressly require that
research relating to healthcare, screening or a designated cancer comply with
s95, s95A and s95AA of the Privacy Act.
- Amend clause 12(1)(o) to replace 'anything
incidental' with 'anything directly related' or remove this clause altogether.
- Amend sub-clause 11(e) regarding contents of the
Register to make it explicit that collection of Medicare claims information is
limited to screening information for the designated cancers.
- Amend the terminology in the NCSR Explanatory
Memorandum to refer to Opt-out, consistent with the terminology used for the My
Health Record.
- Amend the NCSR Bill to include provision for a
breach of the Bill to constitute interference with privacy for the purpose of
the Privacy Act.
- Amend the NCSR Bill to include a provision requiring
the Register Operator (and others dealing with the Register) to notify breaches
to the Information Commissioner consistent with section 75 of the My Health
Record Act 2012.[36]
Committee view
2.47
Bowel and cervical cancer collectively take the lives of hundreds of
Australians each year. Expanding and updating the existing screening programs
for each will bring a marked and significant improvement to Australia's public
health, along with the lives of the individuals it directly affects. The
committee therefore whole-heartedly supports the expansion of these programs
and the establishment of the National Cancer Screening Register.
2.48
While recognising the concerns brought forward by some witnesses
regarding data security and privacy, the committee notes assurances from both
the Department of Health and Telstra Health that they have put in place
appropriate safeguards to ensure that the Register is safe, effective and
maintains Australians' privacy. Telstra Health's outlining of its security
process, including constant monitoring and certification by the ASD,
demonstrates the high standard of security safeguards under which they intend
to keep the Register.
2.49
The committee also notes the many witnesses who emphasised the importance
of the Bills passing Parliament without undue delay and the negative
ramifications if that were not to happen.
Recommendation 1
2.50
The committee recommends that the Government closely consider amending
the National Cancer Screening Register Bill 2016 in line with the
recommendations from the Office of the Australian Information Commissioner.
Recommendation 2
2.51
The committee recommends that the Bills be passed.
Senator Jonathon Duniam
Chair