Bills Digest No.
66, 2019–20
PDF version [660KB]
Jennifer Phillips
Social Policy Section
5
December 2019
Contents
Purpose of the Bill
Structure of the Bill
Background
Committee consideration
Policy position of non-government
parties/independents
Position of major interest groups
Financial implications
Statement of Compatibility with Human
Rights
Key issues and provisions
Date introduced: 23
October 2019
House: House of
Representatives
Portfolio: Health
Commencement: The
day after the Act receives Royal Assent.
Links: The links to the Bill,
its Explanatory Memorandum and second reading speech can be found on the
Bill’s home page, or through the Australian
Parliament website.
When Bills have been passed and have received Royal Assent,
they become Acts, which can be found at the Federal Register of Legislation
website.
All hyperlinks in this Bills Digest are correct as
at December 2019.
The purpose of the Health Legislation Amendment
(Data-matching and Other Matters) Bill 2019 (the Bill) is to amend the National Health Act
1953 and the Health
Insurance Act 1973, to enable a data-matching scheme for permitted
Medicare compliance and related purposes. The Bill will also make minor
amendments to the Privacy
Act 1988, the Private Health
Insurance Act 2007, the Therapeutic Goods
Act 1989 and the Military
Rehabilitation and Compensation Act 2004.
The Bill contains two Schedules:
- Schedule
1 amends the National Health Act to:
- give
the Chief Executive Medicare the power to undertake data-matching
- enable
the disclosure of therapeutic goods and private health insurer information to
the Chief Executive Medicare and
- require
the Minister to make data-matching principles by legislative instrument.
Schedule
1 also makes consequential amendments to the Health Insurance Act,
the Privacy Act, the Private Health Insurance Act and the Therapeutic
Goods Act.
Schedule
2 amends the Health Insurance Act to enable services
involving a professional attendance provided under certain laws administered by
the Minister for Veterans’ Affairs to be considered for a prescribed pattern of
service for the purposes of the Professional Services Review scheme. Schedule 2
also amends the Military Rehabilitation and Compensation Act to enable
the disclosure of information to the Chief Executive Medicare.
In 2017–18, Commonwealth expenditure on Medicare and
Department of Veterans’ Affairs health services was over $36 billion.[1]
Ensuring that health practitioners and providers claim for Medicare Benefits
Schedule (MBS), Pharmaceutical Benefits Scheme (PBS) and other health benefits
appropriately is essential for maintaining the integrity of these programs. In
the 2018–19 Budget, the Government announced funding of $9.5 million over five
years from 2017–18 to continue to improve Medicare compliance arrangements.[2]
This followed an earlier announcement in the 2017–18 Budget, ‘Guaranteeing
Medicare—Medicare Benefits Schedule—improved compliance’, to support the
integrity of health benefit claims under Medicare services through improved
compliance arrangements and debt recovery practices.[3]
The legislation introducing these changes came into effect on 1 July 2018.[4]
The 2018–19 Budget Measure ‘Guaranteeing
Medicare—improving safety and quality through stronger compliance’, seeks to
improve compliance arrangements and debt recovery practices through better
targeting investigations into fraud, inappropriate practice and incorrect
claiming and will use data analytics and behavioural driven approaches to
compliance.[5]
It was announced at the time that legislation would be introduced to support these
aims.[6]
The majority of health practitioners, providers and
patients claim MBS, PBS and Child Dental Benefits appropriately; however a
small number do not. Fraudulent, or non-compliant, activities can include making
Medicare claims for services that are not received or provided and inappropriate
practice, among other things.[7]
The Department of Health (the Department) estimates that two to five per cent
of claiming may be non-compliant.[8]
The Department currently has a well-established Medicare
compliance program which encompasses a range of compliance activities,
including:
- provider
education
- audits
where sustained or opportunistic non-compliance is identified
- targeted
letter campaigns where unintentional non-compliance is identified
- professional
review where inappropriate practice is identified
- investigations
of suspected fraudulent activity and prosecution of fraud through the
Commonwealth Director of Public Prosecutions and
- the
recovery of debts that have been identified as a result of incorrectly claimed
benefits.[9]
The Department uses a combination of tip-offs and data analysis
of existing Medicare datasets to detect fraud and incorrect claiming.
According to the 2017–18 Department of Health Annual
Report, in 2017–18 the Health Benefit Compliance program resulted in ‘20
fraud cases successfully prosecuted; 109 requests to the Director of
Professional Services Review to review the appropriateness of services of
health practitioners; and 3,074 completed audits and reviews of health
providers. A total of $48.7 million of debt was raised for recovery.’[10]
The 2018–19 Department of Health Annual Report did not report on the
amount of debt recovered through the Health Benefit Compliance program.[11]
The Australian National Audit Office is currently
undertaking an audit to assess the effectiveness of the Department of Health’s
approach to health provider compliance which is due to be tabled in May 2020.[12]
Data matching is the comparison of two or more sets of
data to identify similarities or discrepancies. Data matching is currently used
by a number of Government agencies for compliance purposes including Centrelink
and the Australian Taxation Office.[13]
The Bill will enable the matching of a number of datasets,
including MBS and PBS information, Therapeutic Goods information, and
information provided by private health insurers (see ‘Key issues and
provisions’ for further information).
Currently, given the sensitive nature of the information
they contain, under section 135AA of the National Health Act and the
associated National
Health (Privacy) Rules 2018 (the Privacy Rules) linkage of PBS and MBS data
is only permitted in a narrow range of circumstances, including:
- if
it is necessary to comply with the law
- for
the purpose of determining an individual's eligibility for a benefit under one
program, where eligibility for that benefit is dependent upon services provided
under the other program
- where
the Chief Executive Medicare believes on reasonable grounds that the linkage is
necessary to prevent or lessen a serious and imminent threat to the life or
health of any individual or
- for
disclosure to an individual where that individual has given their consent.[14]
These limitations mean that the MBS and PBS cannot
currently be linked for compliance purposes. The authorisation for data
matching contained within the Bill will exempt data matching from these
restrictions when data is matched for a permitted purpose as defined in the
Bill.[15]
Similar restrictions do not apply to other datasets that
may be matched under the Bill.[16]
The Department undertook a consultation on the proposed
legislative change in late September 2019, releasing a consultation guide,
an exposure draft of the Bill and associated Regulations, and the executive
summary of a Privacy Impact Assessment (PIA).[17]
The PIA made a number of recommendations including:
- improved
transparency and openness regarding privacy policies and data sharing/matching,
in particular by amending existing privacy policies
- minimisation
of data collection (only collecting what is necessary)
- establishing
a security compliance framework for all participating entities
- expansion
of data destruction and
- the
establishment of privacy governance arrangements, including regular reviews.[18]
The Department agreed to all recommendations, with the
exception of establishing a security compliance framework, to which it agreed
in principle noting that it already has ‘strong security measures in place to
safeguard data received and retained by the Department’ as do other agencies
and that a security compliance framework will be established.[19]
As a result of the consultation and the PIA, some changes
were made to the Bill prior to its introduction. These included changes
relating to data disclosure and the introduction of the requirement for the
Minister to make data matching principles.
Stakeholder submissions in response to the consultation
paper are outlined in the ‘Position of major interest groups’ section below.
In its report on 28 November 2019, the Senate Selection of
Bills Committee recommended the Bill not be referred to committee for inquiry.[20]
In its report on 13 November 2019, the Senate Standing
Committee for the Scrutiny of Bills (the Committee) raised two concerns about
the Bill relating to the use of delegated legislation to develop the data matching
principles and the broad delegation of administrative powers.[21]
The Minister’s response was provided in the Committee’s report on 27 November
2019.[22]
For information on the Committee’s concerns and the Minister’s response, see
the discussions on ‘Data matching principles’ and ‘Other amendments’ in the
‘Key issues and provisions’ section below.
The Australian Labor Party supports the Bill.[23]
During the second reading debate, the Shadow Minister for Health stated that
‘this [Bill] is this is about cracking down on fraud’ and ‘Government agencies
should have the ability to compare data to deal with that...’. The Shadow
Minister also noted that there is a ‘small risk that data matching presents to
the privacy and security of patients' and doctors' information’ and that this
needs to be managed effectively through the proposed data matching principles.[24]
At the time of writing, no comments by independents
specifically on the Bill had been identified.
As already noted, the Bill has been amended since an
exposure draft was released for consultation in September 2019. At the time of
writing, there were few comments by key interest groups on the Bill as
introduced into Parliament; however, a number of stakeholders provided
submissions during the consultation period.
All key stakeholders that responded during the
consultation period were supportive of ensuring accountability in the health
benefits system, by identifying, managing and preventing fraudulent and
incorrect claiming; however, a number of submissions raised concerns with the exposure
draft. Issues which have been addressed through changes from the exposure draft
are not discussed in this digest.
The Australian Medical Association (AMA) expressed concern
that the Bill will override the existing Privacy Rules governing the matching
of MBS and PBS data, noting the sensitivity of the data and the privacy issues
that can be experienced with large Medicare datasets.[25]
The AMA also raised concerns relating to data sharing, such as the ability for
the Chief Executive Medicare to authorise any Commonwealth entity to undertake
data matching for a permitted purpose, and delegation, noting that the Chief
Executive Medicare can delegate their powers to ‘any person’.[26]
The AMA noted that the revised Bill addressed many of the concerns
raised in their submission.[27]
Both the Royal Australian College of General Practitioners
(RACGP) and the medical indemnity insurer MIGA expressed concern about the
breadth and scope of the data matching in compliance activities.[28]
While the consultation guide stated that the proposed data-matching and sharing
arrangements would not change the powers or approach taken by the Department in
conducting its compliance activities,[29]
the RACGP considered that data matching would allow examination of outliers,
rather than targeting of fraudulent activity, stating:
On several occasions, the RACGP has expressed concerns to the
Department about the compliance measures currently in place, including the
impact of lengthy investigative processes on the health and wellbeing of
providers.
Member feedback has also indicated that there is a growing
perception that compliance activities are designed to monitor and target
statistical outliers, as opposed to targeting fraudulent activity. Providers
are concerned that they may be identified as an outlier due to their patient
population and be subjected to a stressful process of proving that they are not
guilty of inappropriate billing.
High billing is not necessarily an indication of incorrect
billing. Many providers have legitimate reasons for billing particular item
numbers at rates higher than their peers. Should the Bill pass into law, it
should seek to address incorrect billing as opposed to over-billing, and
incorrect billing should be based on Medicare rules and regulations as opposed
to outlier statistics.[30]
MIGA noted:
On MIGA’s assessment of the Medicare data matching proposals
they appear to allow for the Department to take a very different approach in
its compliance activities.
Proposed Section 132B of the National Health Act 1953
(Cth) allows Medicare data matching using any information lawfully provided to
Medicare, except for that collected for the purposes of the My Health
Records Act 2012 (Cth).
The proposals would permit large scale ‘compliance’ focused
programs looking to financial recovery from large numbers of doctors and other
health practitioners who act in good faith, reasonably believe they are meeting
Medicare requirements and provide appropriate clinical care, but have not
followed each and every aspect of complex Medicare item requirements, making small,
unintentional errors.[31]
MIGA and the RACGP also questioned the costs of
implementing further compliance measures. The RACGP noted that only a small
proportion of medical practitioners intentionally commit fraud and that
‘[w]hile the consultation paper notes that $180 million in funding would be
lost if only one half of a percent of Medicare payments are fraudulently,
incorrectly or inappropriately billed, it does not indicate how much has
actually been saved as a result of Medicare compliance measures’.[32]
MIGA considered that fraudulent, inappropriate and incorrect claiming is likely
to be ‘much less’ than $180 million.[33]
Both the Aboriginal Health Council of Western Australia
(AHCWA) and the Queensland Aboriginal and Torres Strait Islander Health Council
(QAIHC) supported the intent of the Bill, but expressed concern about the impact
on Aboriginal Community Controlled Health Services.[34]
AHCWA noted that the Bill may have unintended consequences for health services
in remote areas due to differences in service provision, for example:
Another key challenge for the ACCHS sector is managing a
highly mobile workforce. Many ACCHSs rely on part-time fly-in, fly-out doctors
and, in some places, services depend significantly on locums.
This fragmented medical workforce can cause particular
problems for Medicare billing for work done by [Aboriginal Health Workers] AHWs,
[Aboriginal Health Practitioners] AHPs and practice nurses ‘on behalf of the
doctor’. Some ACCHSs choose to bill these items in the name of the doctor who
provides, and continues to provide, the majority of care to the patient. Under
this arrangement, billing may occur while the doctor is briefly on leave and
being covered by a locum whose job would include the supervision of AHWs, AHPs
and practice nurses. Other ACCHSs choose to bill in the name of the “duty
doctor” for the day, even though that doctor may be temporary, has never seen
the patient before, and may never do so again.[35]
Other stakeholder concerns raised during the consultation
process can be found in the ‘Provisions and key issues’ section.
The Bill implements aspects of the 2018–19 Budget Measure Guaranteeing
Medicare — improving safety and quality through stronger compliance, which
invested $9.5 million over five years from 2017–18 to continue to improve
Medicare compliance arrangements.[36]
It is not clear what the cost of the specific measures in the Bill is likely to
be.
As required under Part 3 of the Human Rights (Parliamentary
Scrutiny) Act 2011 (Cth), the Government has assessed the Bill’s
compatibility with the human rights and freedoms recognised or declared in the
international instruments listed in section 3 of that Act. The Government considers
that the Bill is compatible, as any limitations on human rights are reasonable,
necessary and proportionate to ensuring the integrity of Medicare and enabling
greater access to healthcare for Australians.[37]
At the time of writing, the Parliamentary Joint Committee
on Human Rights had not considered the Bill.
The Bill provides for data matching to be undertaken by
the Chief Executive Medicare, or another Commonwealth entity authorised by the
Chief Executive Medicare, for specified compliance-related permitted purposes
aimed at maintaining the integrity of the Medicare program.[38]
This is a key component of the Bill, which arose from a measure announced in
the 2018–19 Budget, as highlighted in the ‘Background’ section.
Currently, under the National Health Act and the
associated Privacy Rules, the matching of MBS and PBS data is restricted to a
narrow range of circumstances, which excludes matching for the purposes of
compliance.[39]
Schedule 1 of the Bill introduces proposed Part VIIIA into the National
Health Act to allow data matching across a range of datasets, including the
MBS and PBS. As noted in the Explanatory Memorandum, ‘the authorisation for
data matching contained within the Bill will exempt data matching from the
current restrictions when the matching is for a permitted purpose as defined in
the Bill’.[40]
Item 1 of Schedule 1 inserts proposed
section 132A into the National Health Act. This proposed section
provides definitions to be used within proposed Part VIIIA, including
the definition of a permitted purpose for data matching. Under
this definition, purposes permitted for the matching of data include:
- identifying
whether a person may have claimed or been paid in excess of what was payable
under a Medicare program and recovering overpayments of benefits
- detecting
or investigating contraventions of a federal law relating to a Medicare program
- detecting
or investigating whether a person may have engaged in inappropriate practice
- analysing
services, benefits, programs or facilities provided under a Medicare, in
connection with one of the above purposes and
- educating
healthcare providers about Medicare program requirements.
The Explanatory Memorandum states that these permitted
purposes are specific to Medicare compliance;[41]
however, while most of the purposes are confined to the Medicare program, proposed
paragraph (d) of the definition of permitted purpose, ‘detecting
or investigating whether a person may have engaged in inappropriate practice’
may create the potential for broader use of the data.
Concern regarding this part of the definition was raised
by the New South Wales Council of Civil Liberties in its submission to the
consultation process, which stated ‘[t]his purpose is not limited to Medicare
programs or health care providers and has the potential for wider applications,
other than ensuring the integrity of the system’.[42]
The MIGA and the RACGP also expressed concern, as outlined in the ‘position of
major interest groups’ section above, about the scope of the data matching
permitted under the Bill, with the RACGP stating ‘there is a growing perception
that compliance activities are designed to monitor and target statistical outliers,
as opposed to targeting fraudulent activity’.[43]
In the second reading speech, the Minister for Health
stated:
While data matching permitted by the bill will enhance my
department's ability to detect Medicare fraud and noncompliance, it will not
expand its existing compliance powers. Nor will it change the approach taken by
the department in conducting its compliance activities which are designed to be
proportionate to the type of noncompliance detected.[44]
Proposed section 132B enables the Chief Executive
Medicare to match data, to which he or she has lawful access, for a permitted
purpose. Proposed subsection 132B(1) outlines the information
that the Chief Executive Medicare is permitted to match. This includes the
following information/datasets:
- MBS
- PBS
- Therapeutic
Goods Information
- information
provided in accordance with the Health Practitioner Regulation National Law
- information
voluntarily provided by private health insurers
- information
provided in accordance with certain laws administered by the Minister for
Veterans’ Affairs
- any
other information that can be lawfully provided to the Chief Executive Medicare
(excluding information that is held or has been obtained by the Chief Executive
Medicare exclusively for the purpose of performing functions under the My
Health Records Act 2012) and
- information
held by Chief Executive Medicare for the purposes of a Medicare program.[45]
The Minister outlined the rationale for the matching of
these data sets in the second reading speech:
The bill will permit data matching across the MBS and PBS for
Medicare compliance purposes. This will enable, for example, the identification
of instances where the Commonwealth pays for a PBS medicine that is not
actually supplied.
The bill also provides for data matching between the
Department of Health and the Australian Health Practitioner Regulation Agency
to ensure that restrictions placed on registered healthcare providers by their
professional board are adhered to in Medicare claiming.
It would also allow for therapeutic goods information to be
used by the Department of Health to help ensure Medicare claims in relation to
unapproved medical devices are appropriate.
...
The bill supports matching of data from Medicare and the
Department of Veterans' Affairs to ensure that services provided under both
programs are considered for the purposes of the prescribed pattern of services,
where exceeding a certain number of services on a certain number of days may be
considered inappropriate practice.
Data matching with records held by the Department of Home
Affairs that indicate whether a person is overseas will allow confirmation that
both the healthcare provider and patient were in Australia at the time of their
claimed services.
...
The bill also allows private health insurers to voluntarily
share information with the Department of Health for the purposes of detecting
fraud and recovering incorrect payments.[46]
The Bill does not allow access to My Health Record data
for the purposes of Medicare compliance activities.[47]
Proposed subsection 132B(2) will enable the Chief
Executive Medicare to authorise, in writing, any Commonwealth entity to match
data on the Chief Executive Medicare’s behalf. The consultation guide produced
by the Department of Health for the exposure draft indicates that data matching
is intended to occur with datasets from the following Commonwealth agencies:
the Department of Veterans’ Affairs, Department of Home Affairs, Australian
Health Practitioner Regulation Agency and the Therapeutic Goods Administration;
however, the Bill does not limit authorisation for data matching to these
agencies.[48]
As such, data matching could be undertaken by any authorised Commonwealth
entity for a permitted purpose. The AMA and the NSWCCL expressed concern at the
breadth of this subsection given the sensitive nature of the data involved.[49]
Proposed subsection 132B(3) provides that a Commonwealth entity
authorised to match data on the Chief Executive Medicare’s behalf must comply
with any terms or conditions that the Chief Executive Medicare imposes. In
addition, entities would be required to disclose the results of any data matching
undertaken to the Chief Executive Medicare on request.
Proposed subsection 132B(4) provides that
information must not be data matched until the principles made by the Minister
under proposed subsection 132F(1) have commenced (see ‘Data matching
principles’ below).
Item 4 of Schedule 1 is an application
provision which provides that proposed section 132B ‘applies in relation
to information collected, accessed or obtained before, on or after the
commencement of this item’.[50]
This allows data collected prior to the commencement of legislation to be used
in data matching.
Currently, under section 135A of the National Health
Act, the provision or communication of information in relation to a
Medicare program is prohibited except in limited circumstances. Item 2
inserts proposed subsection 135A(5D) into the Act to enable the
Secretary of the Department of Health or the Chief Executive Medicare to
disclose protected information to an authorised Commonwealth entity for the
purposes of data matching under proposed subsection 132B(1).
Proposed sections 132C and 132D provide for
the disclosure to the Chief Executive Medicare of therapeutic goods information
by the Secretary and of treatment information by private health insurers,
respectively. The Bill does not permit any patient information collected by the
Government to be shared with private health insurers.
A private health insurer—either on request from the Chief
Executive Medicare or on their own initiative—may disclose information relating
to hospital treatment or general treatment provided to a person they insure,
for the purposes of facilitating data-matching, if either:
- the
insurance policy is taken out after the Bill’s commencement
- the
insurance policy provided that information of that kind could be disclosed if
authorised under an Australian law or
- the
insurer had notified the person under the Australian Privacy Principles that
information of that kind could be disclosed if authorised under an Australian
law.[51]
Information disclosed in such circumstances will be taken
to be authorised for the purposes of the Private Health Insurance Act.[52]
Proposed section 132E clarifies that the Australian
Information Commissioner has privacy functions in relation to proposed Part
VIIIA, to the extent that it relates to information about an individual and
‘provides that a breach of a provision of the new Part VIIIA, in relation to an
individual, constitutes an act or practice involving interference with the
privacy of an individual for the purposes of section 13 of the Privacy Act.’[53]
The Explanatory Memorandum notes that individuals can make a complaint to the Australian
Information Commissioner if they believe their privacy has been interfered
with.[54]
Item 3 of Schedule 1 inserts proposed
subsection 135AA(5C) which provides that none of the privacy restrictions
regarding data matching and storage under section 135AA, or in the Privacy Rules
issued under that section, prevent data matching being carried out under proposed
section 132B.
The Privacy Act 1988 and Australian Privacy
Principles (APPs) regulate the handling of personal information by Commonwealth
government agencies and certain private sector organisations.[55]
Under the Privacy Act, health information is considered ‘sensitive information’
and is therefore afforded a higher level of protection than other types of
personal information.[56]
Limitations include that sensitive information can only be collected with
consent (unless a specified exception applies) and can only be used or disclosed
for a secondary purpose to which it was collected if this is directly related
to the primary purpose of collection.[57]
However, it is an exception to these restrictions if the collection, use or
disclosure is required or authorised by an Australian law.[58]
This means that, in relation to the current Bill, disclosure and use of
information for the purposes of data matching would not constitute an
interference with privacy if it was done in accordance with proposed Part VIIIA
of the National Health Act.
Item 7 of Schedule 1 makes a consequential amendment
to the Privacy Act to allow the Australian Information Commissioner to
conduct an assessment of whether information matching and handling under proposed
Part VIIIA is occurring in accordance with that Part.
Proposed subsection 132F(1) requires the Minister
to make principles, by legislative instrument, in relation to the matching of
information under proposed subsection 132B(1). The principles are
intended to provide governance of the data matching process. Proposed
subsection 132F(2) sets out the requirements for the principles, including
appropriate record keeping; ensuring that the information matched is accurate
and up to date; ensuring data matching is necessary and the destruction of
personal information when no longer needed. Proposed subsection
132F(3) provides that the principles must take into account any guidelines
on data matching made by the Australian Information Commissioner under
paragraph 28(1)(a) of the Privacy Act.[59]
Proposed section 132F is significantly amended from
that presented in the exposure draft, which did not include provision for the
making of publicly-available principles. The Explanatory Memorandum notes that
the principles will be subject to stakeholder engagement as the ‘rules are
subject to Parliamentary oversight as a disallowable instrument and are subject
to the consultation requirements of the Legislation Act 2003.’[60]
The Senate Standing Committee for the Scrutiny of Bills
(the Committee) expressed concern regarding proposed section 132F. While
proposed subsection 132F(2) sets out a number of requirements for the
principles, the Committee considered that ‘significant matters, such as the
principles for how a data‑matching scheme will operate, should be
included in the primary legislation unless a sound justification for the use of
delegated legislation is provided’.[61]
In particular, noting that the data matching scheme will involve the use and
disclosure of large amounts of personal information and that the principles
will provide one of the main safeguards to ensure this information is handled
appropriately, the Committee considered that having the principles in delegated
legislation may result in Parliament not having ‘appropriate oversight of
whether the safeguards for the data matching scheme are sufficient’.[62]
The Committee requested the Minister's advice as to ‘why it is considered
necessary and appropriate to leave the data-matching principles to delegated
legislation’.
In response, the Minister stated that a number of
operational provisions that govern the data matching scheme are set out in
primary legislation, including:
- the
restriction to data matching for specified compliance-related permitted purposes
only (defined in proposed section 132A)
- existing
secrecy provisions in the Health Insurance Act and the National
Health Act which govern disclosure of information obtained in the course of
duties
- oversight
by the Australian Information Commissioner in relation to a breach of proposed
Part VIIIA and
- minimum
requirements for the data matching principles, including undertaking reasonable
steps to ensure data accuracy, the destruction of personal information when no
longer needed and a requirement to take into account the Australian Information
Commissioner’s Guidelines to Data-matching in Australian Government
Administration (proposed section 132F).[63]
The Minister noted that the technical nature of the
principles would not be appropriate for the primary legislation, and having the
principles in a legislative instrument would allow greater flexibility to
respond to changes in best practice. Further,
it was noted that the principles will sunset in ten years, allowing a review of
their appropriateness.[64]
The Committee noted the Minister’s response and requested
that the key information provided by the Minister be included in the
explanatory memorandum, ‘noting the importance of this document as a point of
access to understanding the law and, if needed, as extrinsic material to assist
with interpretation’.[65]
Item 5 inserts proposed subsections
6(9)–(12) into the National Health Act which provide that the Chief
Executive Medicare can delegate any of their powers or functions under the Act
to any person. The Explanatory Memorandum states that this delegation would be
in line with the Secretary’s existing powers of delegation within the National
Health Act and would allow delegation, for example, to officers for the
purposes of undertaking data matching.[66]
Both the AMA and the Senate Standing Committee for the Scrutiny of Bills (the
Committee) raised concerns with the breadth of this item. The AMA noted in its
submission to the consultation process:
New amendments have been included in the Bill which allow the
CEO Medicare to delegate their powers to “any person”. Unlike other recent
legislation (such as the Medical Indemnity changes) there is no requirement
that the person be a member of the Senior Executive Service.
There is also no requirement that the person be a public
servant. Theoretically the CEO Medicare could delegate their data matching
powers – including their powers to determine the systems and processes – to
private health insurers or a foreign government.
The sensitivity of MBS and PBS information makes it
appropriate the legislation requires the CEO Medicare to maintain a public
register of all organisations authorized to data match under delegated powers.[67]
The Committee expressed concern about the broad powers of
delegation under item 5 of Schedule 1 of the Bill, stating that
there should be ‘a limit set either on the scope of powers that might be
delegated, or on the categories of people to whom those powers might be
delegated’.[68]
The Committee further considered that the explanatory memorandum did not
provide a sufficient justification for such a broad delegation of
administrative powers. The Committee requested the Minister’s advice as to ‘why
it is necessary to allow all of the Chief Executive Medicare's powers
and functions to be delegated to any person’.[69]
The Minister noted that the powers in the Bill relate to
the task or act of matching data rather than the making of decisions. Further,
the Minister stated that ‘data matching is highly technical and specialised and
carried out by data experts who may not be holders of nominated office and
unlikely to be Senior Executive Service officers.’ As such, the Minister
considered that the powers of delegation cannot be limited to certain office
holders.[70]
The Committee noted the Minister’s response, but
reiterated its preference that delegations of administrative power be confined
to the holders of nominated offices or members of the Senior Executive Service.
Alternatively, the Committee considered a limit could be set on the scope and
type of powers that may be delegated. The Committee remained concerned that it
appeared that ‘any of the Chief Executive Medicare's existing or future
powers under the National Health Act 1953 (and Regulations and
legislative instruments made under the Act) will be able to be delegated to any
person.’[71]
The Committee considered that it may be appropriate to
amend item 5 of Schedule 1 to the Bill to limit the delegation of
the Chief Executive Medicare's powers to the delegation of the proposed new
data-matching powers in proposed Part VIIIA of the National Health Act.
In addition, the Committee stated:
The committee otherwise draws its scrutiny concerns to the
attention of senators and leaves to the Senate as a whole the appropriateness
of allowing all of the Chief Executive Medicare's powers and functions
under the Act to be delegated to any person.[72]
Schedule 2—Other amendments
The Professional Services Review Scheme, established in
1994, aims to protect the integrity of Medicare and the PBS by reviewing and examining
possible inappropriate practice by health practitioners when they provide
Medicare services or prescribe PBS medicines.[73]
Inappropriate practice, as defined in section 82 of the Health Insurance Act,
includes:
- unacceptable
conduct—situations where a practitioner’s practice or conduct in providing
Medicare services or prescribing PBS medicines would be considered unacceptable
to the general body of their peers and
- prescribed
patterns of services—rendering 80 or more professional attendance services on
20 or more days during a 12 month period.[74]
The Professional Services Review Scheme is governed by
Part VAA of the Health Insurance Act.
Proposed amendments to the Health Insurance Act
under Schedule 2 of the Bill will improve the Commonwealth’s ability to
deal with inappropriate practice,[75]
by enabling services involving a professional attendance provided under certain
laws administered by the Minister for Veterans’ Affairs to be considered for a
prescribed pattern of service.[76]
Currently the Professional Services Review Scheme does not consider services
provided by the Department of Veterans’ Affairs (DVA) when determining whether
a practitioner has engaged in prescribed patterns of service and as such, the Department
of Health has limited visibility of whether a simultaneous claim has been made
with the DVA for a service where an MBS claim was made.[77]
The proposed amendments made by items 1–7 insert
references to the relevant DVA laws to be considered under the Professional
Services Review Scheme into the Health Insurance Act and are adequately
described in the Explanatory Memorandum.[78]
Item 8 of Schedule 2 amends the Military
Rehabilitation and Compensation Act to enable the disclosure of information
to the Health Secretary for a purpose of the Health Department or to the Chief
Executive Medicare for a purpose relating to the Chief Executive Medicare’s
powers and functions.
[1]. Explanatory
Memorandum, Health Legislation Amendment (Data-matching and Other Matters)
Bill 2019, p. 1.
[2]. Australian
Government, Budget
measures: budget paper no.2: 2018–19, p. 109.
[3]. Australian
Government, Budget
measures: budget paper no.2: 2017–18, pp. 108–109.
[4]. Health
Legislation Amendment (Improved Medicare Compliance and Other Measures) Act
2018. Also see: K Ramesh, Health
Legislation Amendment (Improved Medicare Compliance and Other Measures) Bill
2018, Bills digest, 124, 2017–18, Parliamentary Library, Canberra,
2018.
[5]. Australian
Government, Budget
measures: budget paper no.2: 2018–19, p. 109.
[6]. Department
of Health (DoH), ‘Health
professional compliance’, DoH website, last updated 28 September 2018.
[7]. Inappropriate
practices are defined in Part VAA of the Health Insurance
Act 1973, and include situations where a practitioner’s practice or
conduct in providing Medicare services or prescribing PBS medicines would be considered
unacceptable to the general body of their peers.
[8]. S
Cotterall, ‘Medicare
compliance: what providers need to know’, Australian Medical Association
website, 20 May 2019.
[9]. DoH,
Consultation
guide: The Health Legislation Amendment (Data-Matching) Bill 2019 and associated
Regulations, September 2019, p. 2.
[10]. DoH,
Department
of Health annual report 2017–18, DoH, Canberra, 2018, p. 92.
[11]. DoH,
Department
of Health annual report 2018–19, DoH, Canberra, 2019, p. 95.
[12]. Australian
National Audit Office (ANAO), ‘Managing
health provider compliance’, ANAO website.
[13]. Department
of Human Services (DHS), ‘Centrelink
data matching activities’, DHS website, last updated 13 September 2019;
Australian Taxation Office (ATO), ‘Data
matching’, ATO website, last modified 29 May 2018.
[14]. National Health
(Privacy Rules) 2018, subsection 9(1).
[15]. Explanatory
Memorandum, op. cit., p. 2.
[16]. Ibid.,
p. 12.
[17]. DoH,
‘Health
Legislation Amendment (Data-matching) Bill 2019’, DoH website.
[18]. King
& Wood Mallesons, Privacy
Impact Assessment (PIA) for the Data Matching proposal, PIA: Fraud detection
and compliance activities, report prepared for DoH, Sydney, 12
September 2019, pp. 8–15.
[19]. DoH,
Response
to Privacy Impact Assessment for Fraud detection and compliance activities:
Health Legislation Amendment (Data-matching) Bill 2019, DoH, Canberra,
2019, p. 4.
[20]. Senate
Selection of Bills Committee, Report,
9, 2019, The Senate, Canberra, 28 November 2019, p. 3.
[21]. Senate
Standing Committee for the Scrutiny of Bills, Scrutiny
digest, 8, 2019, The Senate, 13 November 2019, pp. 21–23.
[22]. Senate
Standing Committee for the Scrutiny of Bills, Scrutiny
digest, 9, 2019, The Senate, 27 November 2019, pp. 21–25.
[23]. C
Bowen, ‘Second
reading speech: Health Legislation Amendment (Data-matching) Bill
2019’, House of Representatives, Debates, (proof), 27 November 2019,
p. 214.
[24]. Ibid.
[25]. Australian
Medical Association (AMA), Submission
to the Department of Health, Consultation on Health Legislation Amendment
(Data-matching) Bill 2019 [Exposure draft], October 2019, pp. 1–2.
[26]. Ibid.,
pp. 2–3.
[27]. AMA,
‘AMA
submission on the Federal Government’s new Data Matching arrangements’, AMA
website, 28 October 2019.
[28]. Royal
Australian College of General Practitioners, Submission
to the Department of Health, Consultation on Health Legislation Amendment
(Data-matching) Bill 2019 [Exposure draft], 18 October 2019, p. 1; MIGA,
Submission
to the Department of Health, Consultation on Health Legislation Amendment
(Data-matching) Bill 2019 [Exposure draft], 11 October 2019, pp. 3–4.
[29]. DoH,
Consultation
guide: The Health Legislation Amendment (Data-Matching) Bill 2019 and associated
Regulations, op. cit.,
p. 3.
[30]. Royal
Australian College of General Practitioners, Submission
to the Department of Health, Consultation on Health Legislation Amendment
(Data-matching) Bill 2019 [Exposure draft] , 18 October 2019, p. 1.
[31]. MIGA,
Submission
to the Department of Health, Consultation on Health Legislation Amendment
(Data-matching) Bill 2019 [Exposure draft], 11 October 2019, p. 4.
[32]. Royal
Australian College of General Practitioners, Submission
to the Department of Health, Consultation on Health Legislation Amendment
(Data-matching) Bill 2019 [Exposure draft] ’, 18 October 2019, p. 2.
[33]. MIGA,
Submission
to the Department of Health, Consultation on Health Legislation Amendment
(Data-matching) Bill 2019 [Exposure draft], 11 October 2019, p. 3.
[34]. Aboriginal
Health Council of Western Australia, Submission
to the Department of Health, Consultation on Health Legislation Amendment
(Data-matching) Bill 2019 [Exposure draft], 18 October 2019, p. 1;
Queensland Aboriginal and Torres Strait Islander Health Council, Submission
to the Department of Health, Consultation on Health Legislation Amendment
(Data-matching) Bill 2019 [Exposure draft], 11 October 2019, pp. 1–2.
[35]. Aboriginal
Health Council of Western Australia, Submission
to the Department of Health, Consultation on Health Legislation Amendment
(Data-matching) Bill 2019 [Exposure draft], 18 October 2019, p. 2.
[36]. Explanatory
Memorandum, op. cit., p. 3.
[37]. The
Statement of Compatibility with Human Rights can be found at pages 4–5 of the Explanatory
Memorandum to the Bill.
[38]. Explanatory
Memorandum, op. cit., p. 1.
[39]. National Health
(Privacy Rules) 2018, subsection 9(1).
[40]. Explanatory
Memorandum, op. cit., p. 2.
[41]. Explanatory
Memorandum, op. cit., p. 6.
[42]. New
South Wales Council of Civil Liberties (NSWCCL), Submission
to the Department of Health, Consultation on Health Legislation Amendment
(Data-matching) Bill 2019 [Exposure draft], 11 October 2019, p. 3.
[43]. Royal
Australian College of General Practitioners, Submission
to the Department of Health, Consultation on Health Legislation Amendment
(Data-matching) Bill 2019 [Exposure draft], 18 October 2019, p. 1; MIGA,
Submission to the Department of Health, Consultation on
Health Legislation Amendment (Data-matching) Bill 2019 [Exposure draft], 11
October 2019, pp. 3–4.
[44]. G
Hunt, ‘Second
reading speech: Health Legislation Amendment (Data-matching) Bill
2019’, House of Representatives, Debates, 23 October 2019, p. 5086
[45]. DoH,
Consultation
guide: The Health Legislation Amendment (Data-Matching) Bill 2019 and associated
Regulations, op. cit.,
p. 4; Explanatory
Memorandum, op. cit., p. 7.
[46]. Hunt,
‘Second
reading speech: Health Legislation Amendment (Data-matching) Bill
2019’, op. cit., p. 5085.
[47]. Australian
Digital Health Agency (ADHA), My
Health Record, ADHA website.
[48]. DoH,
Consultation
guide: The Health Legislation Amendment (Data-Matching) Bill 2019 and associated
Regulations, op. cit.,
p. 5.
[49]. AMA,
Submission
to the Department of Health, Consultation on Health Legislation Amendment
(Data-matching) Bill 2019 [Exposure draft], October 2019, p. 3.; NSWCCL, Submission to the Department of Health, Consultation on
Health Legislation Amendment (Data-matching) Bill 2019 [Exposure draft], 11
October 2019, p. 1.
[50]. Explanatory
Memorandum, op. cit., p. 9.
[51]. Proposed
subsections 132D(1) and (2). The Australian Privacy Principles are in
Schedule 1 to the Privacy
Act 1988.
[52]. Proposed
subsection 132D(3). Item 8 of Schedule 1 inserts a note into
section 323-1 of the Private Health Insurance Act to this effect.
[53]. Explanatory
Memorandum, op. cit., p. 8.
[54]. Ibid.,
p. 8. Section 36 of the Privacy Act allows an individual to complain to
the Privacy Commissioner about an act or practice that may be an interference
with their privacy. The Commissioner may then investigate the act or practice,
and may issue a non-binding determination regarding whether there has been an
interference with the individual’s privacy, and specifying reasonable and
appropriate remedial steps to be taken (section 52). Also see: Office of the
Australian Information Commissioner (OAIC), ‘Chapter
1: Privacy complaint handling process’, Guide to privacy regulatory
action, OAIC website, last updated 7 November 2019.
[55]. Privacy Act 1988
(Cth); Office of the Australian Information Commissioner (OAIC), ‘Privacy Act’, OAIC
website, last updated 21 November 2019.
[56]. Privacy
Act, section 6; OAIC, ‘Chapter
B: key concepts’, Australian Privacy Principles guidelines, OAIC
website, version 1.3, 22 July 2019.
[57]. Privacy
Act, Schedule 1, APP 3 and APP 6.
[58]. Ibid.,
Schedule 1, APP 3.3 and 3.4(a), APP 6.1 and 6.2(b).
[59]. These
are currently the OAIC, ‘Guidelines
on data matching in Australian Government administration’, OAIC website,
18 June 2014.
[60]. Ibid.,
p. 9. Section 17 of the Legislation Act
2003 provides that before a legislative instrument is made, the
rule-maker must be satisfied that any appropriate consultation, which is
reasonably practicable to undertake, has been undertaken. However, under
section 19, the fact that consultation does not occur does not affect the
validity or enforceability of a legislative instrument.
[61]. Senate
Standing Committee for the Scrutiny of Bills, Scrutiny
digest, 8, 2019, op. cit., p. 21.
[62]. Ibid.,
p. 22.
[63]. Senate
Standing Committee for the Scrutiny of Bills, Scrutiny
digest, 9, 2019, op. cit., pp. 21–23.
[64]. Ibid.,
pp. 22–23.
[65]. Ibid.,
p. 23.
[66]. Explanatory
Memorandum, op. cit., p. 9.
[67]. AMA,
Submission
to the Department of Health, Consultation on Health Legislation Amendment
(Data-matching) Bill 2019 [Exposure draft], op. cit., pp. 2–3.
[68]. Senate
Selection of Bills Committee, op. cit., p. 22.
[69]. Ibid.,
p. 23.
[70]. Senate
Standing Committee for the Scrutiny of Bills, Scrutiny
digest, 9, 2019, op. cit., p. 24.
[71]. Ibid.,
pp. 24–25.
[72]. Ibid.,
p. 25.
[73]. Professional
Services Review (PSR), ‘About
the PSR Scheme’, PSR website, n.d.
[74]. PSR,
‘What
is inappropriate practice?’, PSR website, n.d. Also see Health Insurance
Act 1973, sections 82, 82A; Health Insurance
(Professional Services Review Scheme) Regulations 2019, Regulation 8.
[75]. As
defined in Part VAA of the Health Insurance
Act 1973.
[76]. Explanatory
Memorandum, op. cit., p. 1.
[77]. DoH,
Consultation
guide: The Health Legislation Amendment (Data-Matching) Bill 2019 and associated
Regulations, op. cit.,
p. 6.
[78]. Explanatory
Memorandum, op. cit., p. 11–12.
For copyright reasons some linked items are only available to members of Parliament.
© Commonwealth of Australia
Creative Commons
With the exception of the Commonwealth
Coat of Arms, and to the extent that copyright subsists in a third party,
this publication, its logo and front page design are licensed under a Creative Commons
Attribution-NonCommercial-NoDerivs 3.0 Australia licence.
In essence, you are free to copy and
communicate this work in its current form for all non-commercial purposes, as
long as you attribute the work to the author and abide by the other licence
terms. The work cannot be adapted or modified in any way. Content from this
publication should be attributed in the following way: Author(s), Title of
publication, Series Name and No, Publisher, Date.
To the extent that copyright subsists
in third party quotes it remains with the original owner and permission may
be required to reuse the material.
Inquiries regarding the licence and
any use of the publication are welcome to webmanager@aph.gov.au.
Disclaimer: Bills Digests are prepared to support the work of the Australian Parliament.
They are produced under time and resource constraints and aim to be available
in time for debate in the Chambers. The views expressed in Bills Digests do
not reflect an official position of the Australian Parliamentary Library, nor
do they constitute professional legal opinion. Bills Digests reflect the
relevant legislation as introduced and do not canvass subsequent amendments
or developments. Other sources should be consulted to determine the official
status of the Bill.
Any concerns or complaints should be
directed to the Parliamentary Librarian. Parliamentary Library staff are
available to discuss the contents of publications with Senators and Members
and their staff. To access this service, clients may contact the author or
the Library’s Central Enquiry Point for referral.