– Parliament of Australia

Senate Community Affairs Committees

REPORT ON ACCESS TO MEDICAL RECORDS

Navigation: Previous Page | Index | Next Page

CHAPTER 5 - LEGISLATIVE OPTIONS FOR THE CREATION OF AN ACCESS SCHEME

Cooperative Commonwealth/State agreement

5.4 A cooperative Commonwealth and State scheme is an alternative legislative option for ensuring patients' right of access to medical records on a national basis. The advantages of a cooperative scheme would be the provision of a uniform set of laws throughout Australia for all Australian health consumers. Once a cooperative agreement was struck, the Commonwealth would establish an independent body such as a Commission for Health Records whose role would be to oversee the operation of the laws in each State and Territory.

5.5 This independent body might also act as a central registry of health records and as an independent review tribunal. The advantage of uniformity in State and Territory laws would be that health consumers would have certainty about their rights of access and privacy. Such a body might have a charter which would set out the provisions of access and any exemptions clearly. The charter would also set out provisions for any appeals and review process. Health consumers' and providers' rights and obligations would be identified and uncertainties and disparities would be removed.

5.6 Grants to finance the administration and operational costs of State (and regional) offices of the independent body (for example, the Commission for Health Records) would be made under s. 96 of the Constitution. Health consumers and providers would have access to this independent body in offices established around the nation. If such a Commission were established, Health Care Complaints Commissioners in the States and Territories might have a distinct role, acting as the appropriate conduit to the Commonwealth's Commission.

5.7 One difficulty facing the establishment of a cooperative scheme might be the time such a scheme could take to coordinate and implement. However, once a workable legislative model was adopted in one State, others would be encouraged to introduce the same model legislation speedily. Another difficulty might be the time taken to agree upon subsequent amendments to the scheme which would require unanimous agreement and enactment. The need for amendments must be borne in mind, particularly with regard to the changing nature of IT and electronic record keeping.

5.8 Commonwealth and State cooperative schemes are already in operation in Australia. Notably, in the areas of credit reporting as referred to earlier, housing assistance and, more recently, with the introduction of uniform firearm laws, cooperative agreements have enabled nationally-consistent operations to function. [3]

5.9 The Australian Securities Commission, discussed in some detail earlier, has been created by the Commonwealth as a Commonwealth agency and its nationwide functions are conferred upon it by both the Commonwealth and the States. The Corporations Law replaced the cooperative scheme companies and securities code that had been in operation since 1982. Like that scheme, the national operation of the Corporations Law is achieved by the existence of uniform legislation in each State. This is achieved by the simple expedient of each State and Territory having a law that says that the Corporations Law (contained in s. 82 of the Corporations Act 1989 (Clth)) is the law of that State. [4]

5.10 In developing a cooperative scheme for access to medical and health records across the private health sector, extensive consultation and consideration would be required. However, working formulas and guiding principles have already been achieved in the State and Territory Health Care Complaints Commissions. Much of the groundwork on access to medical records has already been achieved in the public health sector taking into account existing privacy legislation and access requirements.

5.11 Health Care Complaints Commissioners operating under separate State legislation have already taken on a conciliation role in relation to the private health sector. Should a decision be made to institute a Commonwealth/State cooperative scheme, remedies and mechanisms already developed by Commissioners are in place. Utilising this accumulated expertise and effective processes already developed would enable efficient and timely consultation between State and Territory governments and the Commonwealth. The reference of appropriate powers by State and Territory jurisdictions to the Commonwealth would ensure a nationally-consistent access to medical records regime.

Proposed ACT legislation

5.12 The ACT Government has already moved positively towards preparing a legislative regime which will enable all health care consumers to access their health records in the public and private health care sector, whatever the nature of the health services used. The proposed legislation will ensure that the privacy of the health records of all health consumers is adequately protected. As noted earlier, the ACT Government has indicated its desire to establish a set of privacy principles consistent with the eleven principles enacted in section 14 of the Commonwealth's Privacy Act. The ACT Government has argued that even if the Commonwealth's Privacy Act was extended, it is likely that the Commonwealth's constitutional powers would be inadequate to cover all health services in the ACT and other states and territories, without separate ACT and state and territory government action as well. [5]

5.13 Furthermore, the ACT Government has suggested that:

Given the broad scope of the current Commonwealth Privacy Act, it is also arguable that specific issues for health records will still need to be addressed in the development of any voluntary code. [6]

Extension of Freedom of Information (FOI) legislation

5.18 In relation to access to medical records, the Committee did not extensively canvas the possibility of extending Freedom of Information (FOI) legislation into the private health sector at its hearings, in relation to an access to medical records scheme. The Freedom of Information Act 1982 (Clth), like the Privacy Act 1988 (Clth), only applies to the public and Commonwealth government sector. Currently, the FOI Act applies only to documents in the possession of government or Commonwealth agencies and contract case managers under the Employment Services Act 1994 (Clth). This includes documents originating in the private sector which are in the possession of a government department or body. [11]

5.19 In the ALRC report, Open Government: a review of the federal Freedom of Information Act 1982, [12] significant linkages were identified between the FOI Act and the Privacy Act. The connections relate to invasions of privacy (that is, unreasonable disclosure of personal information about any person (including a deceased person), [13] and access to, and amendment of, one's own personal information. [14] In the ALRC and Administrative Review Council Discussion Paper Freedom of Information, while rejecting the concept of extending the FOI legislation to the private sector, it considers the power of the FOI Act to provide access to and corrections of a person's own personal information and the person's ability to protect privacy through these processes. [15]

5.20 The Commonwealth has not envisaged extending FOI provisions into the private sector and, indeed, there would be the same, or similar, constitutional and commercial obstacles to overcome as discussed earlier regarding the extension of privacy legislation into the private sector. Extension of legislation is not impossible, however, and many see such a move as desirable in view of recent policy decisions.

5.21 The Senate's Finance and Public Administration References Committee is, for example, currently conducting an inquiry into the contracting out (outsourcing) of government services. As part of that inquiry, the Committee is considering whether the jurisdiction of the Ombudsman Act should be extended to ensure that it covers all contracted out government services, and whether government, to meet its responsibilities for policy making, should have access to all files, information etc, generated by private sector contractors in meeting their contractual obligations. The operation and extension of FOI into the private sector as a result of outsourcing which is being considered by the Finance and Public Administration Committee, could have implications for medical and other health records in the private sector.

Adoption of United Kingdom or New Zealand-style legislation

5.22 The Australian Law Reform Commission (ALRC) made its position clear on the matter of access to medical and health records during the Committee's public hearing. The ALRC stated its view that:

[t]he best way to in which to approach privacy protection in the private sector, including access to health and medical records, would be to institute an extension of the Privacy Act into the private sector. [16]

5.23 As noted in Chapter 4, other countries have already extended privacy legislation into the health care area. In its evidence, ALRC stated that in the international context, Australia will be under greater pressure on the issue of privacy through its commitments made under the International Covenant on Civil and Political Rights, and OECD's guidelines. [17] The European Union's privacy Directive on data protection which comes into force on 1 July 1998 will have a direct bearing upon Australia's ability to trade and exchange data. [18]

5.24 Australia can benefit from the experience of the legislative approaches adopted by other countries for access to medical and health records. The access regimes referred to in this report, notably the United Kingdom legislation and the New Zealand Health Information Privacy Code, both contain elements which may be pertinent to the Australian situation. The Committee is, however, mindful of the ALRC's proviso:

Overseas ideas need to be drawn upon selectively. When transplanted to Australia, and applied in the context of Australian attitudes, conditions and practices, they may have unexpected and unfortunate effects. Legal systems tend to be strongly influenced by the cultural and economic conditions of the country in which they have been developed, and all of those conditions need to be closely examined when assessing the likely effect of particular overseas procedures and processes if applied in Australia. [19]

5.25 It is important to note that since the late 1940s the United Kingdom has had a national health system, and in that sense, there has been a system of direct accountability to a centralised health system. In the UK, medical records are `owned' by the British national health system. There has been private medical practice, but the bulk of the population have been under the care of general medical practitioners and specialist practitioners working within the National Health system. Times have changed, however, and many health care consumers pay health insurance and opt for private medical services. The UK legislation, however, covers all personal information records held by all registered health practitioners and professionals.

5.26 The UK legislation came into effect in 1991, a result of a decision by the European Court of Human Rights which held that the refusal to allow access by the application to certain health records was in breach of the European Convention for the Protection of Human Rights and Fundamental Freedoms (1950).

5.27 New Zealand has a national health system made up of public, private and voluntary sectors which interact to provide and fund health care. Over seventy-five per cent of health care is publicly funded. [20]

5.28 In 1992, the NZ Privacy Commissioner, commenced discussions on a code of practice for the health sector with the Department of Health, followed by wide discussions and consultations. The statute law exists in New Zealand in the form of the Privacy Act which came into force on 1 July 1993. The Health Information Privacy Code is made under the authority of the Privacy Act under powers delegated to the Privacy Commissioner. It applies to public and private health agencies. [21]

5.29 The ACT Health Complaints Commissioner advised the Committee that the United Kingdom and New Zealand legislation had been examined as part of the process of preparing recommendations for ACT legislation on access to medical records. Ms Fiona Tito, for the ACT Health Complaints Commissioner made the following points in relation to the ACT's proposed legislation, and the UK and NZ legislation:

The difference between the two is that the English legislation is specifically about patient access to their records. It is not part of a broader privacy piece of legislation. I believe that there are omissions ... in that piece of legislation.

We have looked at both pieces of legislation and, while we have not used exactly the same format as the New Zealand one because it is, again, a legislative code from a big piece of privacy legislation with a code underneath just for the health care area, what we have done is try to design a piece of legislation which is actually about patient access to health records, but with underlying privacy principles so that we could have national consistency if we were to go down that route. It is [an] amalgam of the two. [22]

5.30 The ACT Health Complaints Commissioner, confirmed the ACT's approach to the legislation:

More than anything else we have tried to ensure that whatever we do is consistent with the Australian Commonwealth Privacy Act because that is the thing that we would like to tie in with most. [23]

The `Senator Neal' option

5.33 It was amendments proposed by Senator Neal which led to the issue of access to medical records being referred to the Committee. The scheme proposed by Senator Neal involved a contractual arrangement between medical providers and the Health Insurance Commission under which providers would guarantee patients access to their medical records. Essentially, failure to provide access would involve the forfeiture of payment of Medicare benefits.

5.34 Although the scheme as proposed was minimalist in its scope, the intention was to bring about a national access regime. Linking an access scheme to Medicare benefits limited the scope and range of the legislation. The format of the proposal was determined by the procedural limitations of the Senate and the limits of the Constitution, rather than a view that it was the most desirable avenue. The scheme as outlined in the amendment aimed to utilise an existing mechanism and operate on a `national' basis. The limitations, however, were recognised and it is accepted that the scheme as proposed, acted as a positive catalyst in focusing debate on the issue of access to medical records through reference of the issue to the Committee.

5.35 During the Committee's public hearings, comments upon the proposed amendments were received, and the major areas of concern are set out briefly below.

Limitations of a scheme linked primarily to Medicare payments

5.36 The proposed scheme had a number of shortcomings which were acknowledged. It failed to take into account those medical practitioners who legitimately provide services which fall outside the Medicare rebate system, services which, for example, include elective procedures; it also failed to take into account the potential difficulties in persuading medical practitioners to sign new agreements with access conditions attached, with the Health Insurance Commission. Furthermore, the scheme did not set out conditions relating to the collection, storage, security and disposal of medical records, or regulate the use of disclosure of medical records. The amendments did, however, refer to exemptions, sanctions and other privacy issues.

5.37 The ALRC, while agreeing that the proposed amendments were `a valiant effort to address the problem', observed that the scheme as proposed was constrained because it was tied to the Medicare health insurance scheme and thus covered only those eligible under Medicare rebate arrangements. The ALRC indicated that the scheme as proposed did not provide uniform coverage for all patients and health consumers and did not cover the whole range of medical procedures. Further, the ALRC considered that the exemptions as proposed were `too unstructured' and granted `too broad a discretion' to health care providers with respect to denying access to individuals. [24]

5.38 The Federal Privacy Commissioner expressed similar concerns, particularly related to the narrow application of the scheme administered through agreements with medical practitioners and the Medicare benefits program. As noted, is would be unlikely that all health providers would come within the scope of such a scheme. Further, the Federal Privacy Commissioner expressed concern that the scheme did not refer specifically to the modern concepts of information privacy practice which should cover all aspects of the handling of personal information. It was suggested that the `Senator Neal' option might work as an `interim partial solution' if there were significant delays in introducing a comprehensive and coherent extension of privacy legislation into the private sector, including the private health sector. [25]

5.39 The Health Insurance Commission (HIC) referred to administrative, resource and policy considerations in its submission. The HIC referred in particular to the role the HIC would be required to play under the `Neal' proposal in determining whether a doctor had refused access to medical records. The HIC was also concerned about the punitive effect upon patients for a medical practitioner's failure to enter into an access agreement with the HIC. The allocation of resources for appeals and review processes also presented a major problem.

5.40 The HIC noted that the proposal had the potential `to have a huge administrative impact on the operations on the HIC' `Substantial resourcing would be required to enable the HIC to put such administrative processes into effect'. [26] Overall, the HIC felt that under the scheme as proposed, the Commission would be placed in an invidious position, operating in conflicting roles as administrator, contractor, assessor, arbitrator and, in certain instances, a disciplinary body.

5.41 The Department of Health and Family Services (DHFS) made its submission in the knowledge of the Commonwealth's announced preference for a voluntary code of practice. For the Committee's benefit, DHFS provided a list of the disadvantages of the scheme as proposed, noting its reservations. These were in line with those expressed above incorporating the issues of contractual arrangements, compliance and enforcement, and the question of sanctions. [27]

5.42 While the Committee noted critical comments on points of administration, it also noted there was consensus on the need for a national access to medical records regime.

Other options for an access to medical records scheme

5.43 In addition to the various options for schemes which are outlined above, two other options were proposed to the Committee.

5.44 The first option was to place the onus of record keeping (as opposed to recording), on the State. In her evidence to the Committee, Professor Deborah Saltman suggested that one option for patient access was to keep the patient record in the ownership of the State. Reference was made to NHS pharmaceutical prescription records:

That brings me back to the question of who should own the record. I think the state should own the record. ... I think the state should own the record and give a licence to doctors. If you look at the UK example, that is exactly what happens there. If you look at our current example in relation to prescription pads, that is what happens there, too. We have a model in Australia that works in terms of writing prescriptions. [28]

5.45 The second option was patient-held records. Patient-held were suggested as a way of ensuring access to medical records. Health Issues Centre (HIC) (Vic) reported that in Australia, some precedents for patient-held or consumer-held records exist. Parents are often the custodians of their children's vaccination and immunisation records and keep their children's records from baby health centres. According to HIC (Vic) a review of birthing services in Victoria recognised the advantages of the consumer-held record in improving continuity of care. The final report of that review, Having a Baby in Victoria, recommended that such a system be introduced for expectant mothers `to ensure that the health information was integrated and accessible as the women moved through the health system during pregnancy'. [29]

5.46 While there is a trend towards patient-held records in certain areas of patient care, eg, infant health care, ante-natal care, and in community nursing care, the Committee noted that the issue remained unresolved in Australia. [30] The option for patient-held records places responsibilities on patients who receive treatment and care in highly specific health care arenas. In the case of electronically-held records, it would not be possible for patients to maintain such records.

5.47 The issue of so-called computer `smart' health cards was not examined in depth by the Committee, but it was raised briefly by the Chairman, NSW Privacy Committee. [31] A Smart Card could, in future, be another type of patient-held record. Smart Cards, like credit cards, act as a storage medium for personal health information and might contain personal health information which could be carried by an individual. A Smart Card could carry information on, for example, allergies, drug intolerance, blood group, hospitalisations, pharmaceutical needs. No trials have been conducted in Australia. [32]

5.48 The Royal College of Nursing Australia (RCNA) also submitted that there are moves towards `patient-held' records throughout Australia. They noted that in many circumstances of community nursing, patient notes are held by patients in their homes with entries made by health professionals when they visit the patient. [33]

5.49 The Professional Indemnity Review (PIR) made a formal recommendation on the issue of patient-held records in its final report, Compensation and Professional Indemnity in Health Care (1995). PIR recommended that the Commonwealth Department of Human Services and Health (now Health and Family Services), examine the option of a patient-held record as a matter of urgency. PIR argued:

The needs of both health care professionals and patients could be satisfied, for example, by the provision of a copy of the notes taken at the time of their consultation and copies of all test results. Patient-held records can overcome problems where continuity of care is not possible. Patients often consult many doctors and other health professionals. ... Patients may wish to seek a second or further opinion. ... Patients may be admitted to hospitals or not be able to contact their normal health care professional. The health care professional may have disposed of the practice, including health care records, or he or she may have retired or died. Patients often change home and work locations. [34]

5.50 Patient-held records, while possibly desirable and effective in particular areas of health care such as ante-natal, infant health or home nursing, are not a feasible alternative. Furthermore, there appears to be no national consistency across States and Territories, nor professional guidelines or standards applied to the ways in which patients may hold their own records. Such limited access as does exist does not alter the fact that, on a national basis, patients in the private health sector do not have a legitimate right of access to their records.

Navigation: Previous Page | Index | Next Page

FOOTNOTES

[1] The `Bennett' Bill was passed into legislation by the US Senate as the Medical Records Confidentiality Act of 1995. The Bill was presented to the federal legislature in the United States as previous attempts to introduce laws to ensure confidentiality and access have `died on the vine', or have only been adopted in a minority of States. For a full explanation of the Medical Records Confidentiality Act of 1995 and the arguments which have ensued, see Judith Mair, `Access and confidentiality of medical records: a legislative response in the United States', Health Information Management, Vol. 26, No. 1, 1996, pp. 33-40.

[2] Submission No.25A, p.11 (Federal Privacy Commissioner).

[3] Housing Assistance Act 1989; National Firearms Program Implementation Act 1996.

[4] `Origins of the Law', Australian Corporations & Securities Legislation, 8th edition, CCH Australia Ltd, NSW, 1997, p.1.

[5] Health Records: Privacy and Access an ACT Government Position Paper, May 1997, p.18.

[6] ibid, p.22.

[7] ibid, p.24.

[8] ibid, pp.12, 22.

[9] ibid, p.24.

[10] `Privacy protection in Australia', background information from the Federal Privacy Commissioner, April 1997, p.1.

[11] Review of Professional Indemnity Arrangements for Health Care Professionals: Compensation and Professional Indemnity in Health Care, A Final Report, November 1995, AGPS, 1996, (4.85), p.82.

[12] Australian Law Reform Commission, Report No. 40, Open government: a review of the federal Freedom of Information Act 1982, 1995, p.54.

[13] ibid, p.125.

[14] ibid, p.54.

[15] ALRC, Discussion Paper 59, Freedom of Information, May 1995, Note 74, p.23.

[16] Transcript of Evidence, p.22 (ALRC).

[17] ibid, p.23.

[18] In October 1995, the European Union passed a Directive on data protection. Under the terms of the Directive, transborder flows of personal data to non-European Community nations without an adequate level of protection would, in some cases, be prohibited.

[19] ALRC, Additional Information, 10 April 1997, p.7.

[20] New Zealand Official Year Book, `Organisation of health services', p.151.

[21] `Privacy Issues in Medicine', Notes for an address by the Privacy Commissioner to the Third Annual Medico-Legal Conference, Wellington, 30 March 1995, p. 103.

[22] Transcript of Evidence, p.195 (ACTCHC).

[23] ibid.

[24] Transcript of Evidence, pp.20-21 (ALRC).

[25] Submission No.25, p.4 (Federal Privacy Commissioner, HREOC).

[26] Submission No.30, p.3 (HIC).

[27] Submission No.54, p.11 (DHFS).

[28] Transcript of Evidence, pp.168-9 (Professor Deborah Saltman).

[29] The Power of Information: Health Providers, Consumers and Treatment Records, Health Issues Centre, May 1993, p.23.

[30] In the medical literature, an argument for patient-held records is upheld in Mary L. Gilhooly & Sarah M. McGhee, `Medical Records: practicalities and principles of patient possession', Journal of Medical Ethics, 1991, 17, pp. 138-143. For a positive response, see Raanan Gillon, `Should patients be allowed to look after their own medical records?', loc. cit, pp. 115-116.

[31] Transcript of Evidence, p.52 (NSW Privacy Committee).

[32] `Although there have been many trials conducted around the world, few have shown the hoped for success. The major disadvantage is that compared to computerised systems, it is more difficult to restrict access to different types of information on the card, much of which may be highly sensitive'. Josephine Raw, `What is an Electronic Health Record?', Health Issues, 49, December 1996, p. 17.

[33] Submission No.24, p.1 (RCNA).

[34] Review of Professional Indemnity Arrangements for Health Care Professionals: Compensation and Professional Indemnity in Health Care, Final Report, November 1995, AGPS, pp. 83-84.