Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Privacy not at risk in Medicare, Centrelink merger: OAIC

Privacy Commissioner, Timothy Pilgrim, said done correctly, internet protocols and secrecy provisions will prevent any privacy risk

The impending merger of Medicare Australia and Centrelink under new legislation will not trample Australians' privacy according to the Office of the Australian Information Commissioner (OAIC).

In its submission to the Senate community affairs committee (PDF) Australian Privacy Commissioner, Timothy Pilgrim - one of three commissioners at the OAIC - argued the merger would continue to ensure citizens' privacy under existing strictures on the way government agencies could use personal information, as well as requirements to ensure secrecy provisions could operate effectively post-integration under the bill.

“In light of the new departmental arrangements, and the increased capacity for personal information sharing under [Service Delivery Reform] programs… It is expected that DHS [Department of Human Services], in consultation with the OAIC and others will continue to have in place appropriate internal protocols for the handling of customers' personal information associated with different programs within [the department],” he wrote.

According to the OAIC, these internal protocols would ensure personal information is only collected or used if authorised by law, with sensitivity in cases such as domestic violence, in line with government policy to seek consent in “any new sharing of customer data”.

The commissioner argued also noted the bill's proposed amendments to the Medicare Australia Act 1973, which would limit required authorised officers to notify patients when examining a record with clinical data.

“The OAIC considers that, from the information provided, the provision appropriately balances privacy protection and the efficient and effective conduct of relevant investigations,” Pilgrim said. “In particular the OAIC notes the extensive security arrangements that apply to such investigations - including legal (eg search warrants), technical (IT safeguards), physical (storage) and operational(eg training and certification).”

The merger of the two agencies into the Department of Human Services, effected under the Human Services Legislation Amendment Bill 2010, forms part of the Gillard Government’s service delivery reform (SDR) program and will result in a consolidation of the agencies’ IT platforms under a single banner led by deputy secretary of ICT infrastructure, John Wadeson.

Despite the bill continuing to undergo examination, the department has finalised some consolidation aspects, virtualising its hosting environment with Macquarie Telecom, and in-sourcing some of the infrastructure of smaller agencies.

However, in its submission to the committee (PDF), the department argued Medicare should be excluded from sharing some clinical health data with Centrelink and other encompassing agencies under the reform.

“The Government is conscious of the need to protect customer data, therefore the individual databases of each agency will not be merged,” the submission reads.

“The Department of Human Services will not use customer information collected for the purposes of one program for another program, unless the use of information in this way is authorised by law and already occurs or, alternatively, the customer gives informed consent to the additional use.”

To deliver the government's reforms, the DHS will oversee the rollout of co-located offices in an effort to extend the portfolio’s reach by providing one-stop-shops in more places. It will also increase self-service options to enable people to manage their own affairs, including through expanded online services.

Follow Chloe Herrick on Twitter: @chloe_CW

Follow Computerworld Australia on Twitter: @ComputerworldAu

Tags Office of the Australian Information Commissioner (OAIC)centrelinkgovernmentDepartment of Human Servicesmedicareprivacy

More about BillCentrelinkf2Macquarie Telecom

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Comments

Comments are now closed

Computerworld
ARN
Techworld
CMO