You can download or share the PDF at http://mref.me/1A3sSpH
The Privacy Act is constantly getting updated and Australian healthcare professionals need to ensure they stay on top of it when it comes to storing and sending their patients' heath information.
We have created a short guide that summarises the key points from all the government resources out there. We have also added references to all these resources so that you can go deeper if you wish for a more thorough reading.
Any feedback and comments much appreciated: www.mediref.com.au
Electronic Patient Health Information - Australian Privacy Laws
1. EMAILING PATIENT INFO
What All Health Professionals Must Know
About How The Privacy Act Affects Electronic
Health Correspondence
A Publication of Mediref
Reading time: Approx 10 mins
Importance rating: High
Available to share/re-download at any time at: vip.mediref.com.au/privacy
2. Introduction
Patient correspondence is increasingly becoming electronic. The speed, cost and
reliability benefits make it extremely convenient.
We have researched the Privacy Act, and information from different government
bodies, to give you a summary on what guidelines are to be used when sending patient
information via electronic channels.
Our goals:
1. Simplify privacy laws relating to electronic communication so that you can make
your own informed decisions when sending patient information.
2. Examine the use of email in healthcare - Its popularity, its appropriateness,
security risks and how to control them.
3. Mediref - Our solution to maintaining ease of use without compromising security.
Disclaimer - We built Mediref for patient correspondence and have an interest in
practitioners considering it as an alternative to email. We have clearly marked the
section on Mediref if you wish to limit your reading to just the privacy laws and email
sections. 2
3. Table of Contents
1. Privacy Act _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 4
Key points on how it relates to electronic communication
2. Email _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 11
How does its use comply (or not comply) with legislation
3. Mediref _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _20
An alternative for sending patient health information
4. How to make email safe _ _ _ _ _ _ _ _ _ _ _ _ _ _32
How to use email to be compliant with privacy laws
3
5. The Privacy Act and APP’s
The original Privacy Act written in 1988 naturally contains little
information specific to electronic transmission of patient
correspondence. It has therefore been updated with APP’s
(Australian Privacy Principles) that are published by the Office
of the Australian Information Commissioner.
There are 3 key messages we can take from these sources.
5
6. “Sensitive information is a type of personal information and
includes information about health information.”
- Source - The Office of the Australian Information Commissioner (linked here)
The first key point is something we are all familiar with and it
cannot be overstated. Health information is sensitive and needs
to be treated securely and thoughtfully.
Key Point 1
6
7. “The Privacy Act requires entities to take ‘reasonable
steps’ to protect the personal information that they hold.”
Source - The Office of the Australian Information Commissioner
(link to PDF about ‘reasonable steps’)
Secondly, we (health professionals) are required to take
‘reasonable steps’ when handling such sensitive information. This
includes storage and transmission.
Key Point 2
7
8. “Ensure information is transferred securely (for example,
not transmitting health information via non-secure e-
mail)”
Source - The Office of the Australian Information Commissioner (link here’)
Lastly, plain text email* is explicitly considered not reasonable. If
email is to be used, encryption is a minimal requirement (more
detail on email encryption to follow).
*All email is plain text by default, unless you have taken specific steps to
add encryption.
Key Point 3
8
9. So, how do we treat patient information reasonably?
Key points:
● Restrict access using, for example: passwords, security
tokens, biometrics (one or more of the three)
● Use encryption
● Back up sensitive information frequently
● Have measures in place for data breaches
● Use email validation and authentication systems to ensure
your firewall is not bypassed
Source: This PDF from the OAIC covers this in full detail and, if you have the
time, we highly recommend reading it. Software specific section starts on page
19.
‘Reasonable Steps’
9
10. NEHTA Guidelines
NEHTA (National Electronic Health Transition Authority) is a
body created specifically for electronic health. There are
some specific rules that they have put in place with regards to
sharing patient information online. The information should
1. Contain the relevant patient identifying details.
2. Contain the relevant practitioner identifying details.
3. Be digitally signed, and encrypted.
4. Have accessibility restricted to persons of relevance.
5. Be stored on Australian Territory.
Source: NEHTA (linked)
10
12. E-mail Popularity
Email is the most popular means by which electronic health
information is currently exchanged. There are some clear
benefits to it:
1. Universal - Everybody has one.
2. Free - Paid email clients or specialised encryption/security
software aside, email offers excellent value.
3. Easy to use - Even for the baby boomers!
4. Quick - Delivered within seconds.
5. Attachments - Medical correspondence is often clearer
with images and other attachments, and discounting size
limitations, email allows this.
12
13. E-mail Security Issues
In spite of its convenience, there is little doubt that email’s
popularity within the medical sector is largely due to its
popularity overall i.e. - Everybody has an email address so it is
convenient to use it as your primary form of communication.
Once you relate the attributes of standard email to the
Privacy Act (chapter 1), it does not conform on many
accounts, and leaves practitioners on no man’s land.
13
14. “Indeed, a person has no legitimate expectation of
privacy in information he voluntarily turns over to third
parties”
Source - Quote from Google regarding their own services!
An email travel vast distances (often around the globe) before
getting to its recipient. Multiple servers and access points in this
journey potentially have access to that email and have the
capacity to treat it as per their terms and conditions, often
violating the confidentiality of the contents within.
We are also required to keep all sensitive data within Australia,
which does not happen if the email provider or either the sender
or the recipient is not Australian (e.g. Gmail/Hotmail).
Email Security 1: Privacy
14
15. To compound the issue of privacy, emails tend to duplicate
themselves. A copy is made of each email that is sent out and
back and forth replies each contain the entire history of the
preceding conversation.
Multiple copies like this means you have virtually zero control over
the contents of that email once the send button has been
pressed.
Email Security 2: No control
15
16. Heard of phishing scams?
Defined as “attempts to acquire sensitive
information by masquerading as a trustworthy
entity in an electronic communication”. In the
case of email, malicious links are commonly
sent by seemingly trusted acquaintances.
You cannot be certain who an email is from
and that lack of authenticity and
accountability makes it unsuitable for sensitive
information.
Email Security 3: Authenticity
The infamous Acai berry phishing
scam
16
17. Closely related to authentication is validation via signatures. This
enables the recipient to be certain about the senders identity.
Correspondence must be signed as per NEHTA’s guidelines.
While digital signatures can be incorporated into email, the
process can be cumbersome and is ignored the majority of the
time.
Note that digital signatures (a secure means of verifying sender
identity) are different from encryption (a secure means to prevent
those with unauthorised access to your email, from reading the
contents).
Email Security 4: Verification
17
18. We’ve mentioned encryption several times already, but what is it?
Simply put, encrypted data is ‘scrambled’ so that anybody who
does not have the decryption key to unscramble it (e.g. parties
with unauthorised access to an email), cannot see or make use of
it.
A diagram on the next page explains the process in a simple
manner with an example to further illustrate how the process
works.
Email Security 5: Encryption
18
19. Example scenario: Sam wants to
send an encrypted email to Jane.
Step 1 - Both must agree on
which encryption method to use
and implement it. Note - You
cannot send an encrypted email
to just any email address.
Step 2 - Each party will generate
a private and a public key.
Step 3 - Sam will encrypt the
message using Jane’s public key.
She will be able to decrypt the
message with her private key,
without which the message will
not be accessible to anyone.
Step by step instructions on email
encryption in appendix at the end.
Diagram Source
19
20. CHAPTER THREE
Mediref
20
All Mediref specific slides have this
logo at the bottom. Skip to chapter
4 if your interest is only on the
Privacy Act and emailing patient
information
21. On Mediref
After studying email and other software, there are 3 major
categories we focused on to create a killer patient
correspondence system:
1. Ease of use - It should be intuitive without having to resort
to instruction manuals
2. Security - So that it complies with all privacy laws
3. Versatility - Correspondence must not be limited to those
on the same system
21
22. Mediref: Ease Of Use
New technology will only be used if it is intuitive. We recognise
that and have made Mediref easier to use and more
convenient than email.
How?
● Integrating a smart directory
● Providing standardised organisation
● Automated tracking of referrals
● Tailor made for multiple practitioners
22
23. Smart Directory
● Address correspondence using
just your recipient’s name
● Directory has thousands of
practitioners and practices and
grows everyday
● Includes practitioners not on
Mediref (you can still use Mediref
to securely communicate with
them!)
● No need to look up fax numbers,
email addresses or postal
addresses.
SEE EXAMPLE
23
24. Effortless Organisation
Patient details
frozen on
upper left
hand corner
All
practitioners
listed in a
single column
Entire history
of
attachments
visible at a
single click
All updates to
the case in an
easily
followed,
chronological
order
Easily add
your own
updates
Easily import
threads to
your patient
management
system
A standard format means all important information is visible at a glance
24
25. Tracking Correspondence
Has your patient followed instructions? Did they book an appointment
with the specialist?
● Referring practitioners - No need to guess anymore
● Specialists - No need to send back unbooked referrals every
few months
● Urgent cases can easily be followed up as needed
Unbooked
Patients
Booked
Patients
Mediref’s dashboard keeps the
status of all correspondence
updated automatically for all
practitioners
25
26. Multiple Practitioners
Patient management is becoming
increasingly collaborative. Clear
communication is integral to avoiding
fragmentation of care and information.
● Each patient case has only one copy,
which is updated and visible to all
practitioners
● Extra practitioners can be added at
anytime
○ Full history (including attachments)
becomes available to them in an
organised format
● Almost zero chance of anyone missing an
update
Collaborate easily with multiple
colleagues.
Add
practitioners
to a case with
one click.
26
27. Security
We designed Mediref with security in mind from the start.
Everything is in line with the Privacy Act, the APPs and NEHTA’
s guidelines.
Privacy & Control:
● All data is stored within Australia
● Mediref does not make or distribute multiple copies of
sensitive information, providing excellent control:
○ Authority (with patient consent) to share access to a
case with other relevant practitioners
○ All practitioners with access organised in an easily
visible list
27
28. Security
Authenticity & Verification:
● Mediref users are verified Australian health practitioners
and practices - nobody else is allowed access to the
system
● All correspondence is accompanied with a digital
signature by way of a PIN number
Automatic Encryption:
● Access to Mediref is only possible via encrypted channels.
This is automatically put in place by us and the end-user
does not have to do anything (software
installation/manual encryption, public/private key
generation etc)
28
29. Versatility
Not everyone is on Mediref (yet!). It is important to enable easy and
secure communication channels with those outside of Mediref.
1. Send messages to outside Mediref
2. Receive messages from outside Mediref
Communicate with practitioners outside of Mediref
29
30. Versatility
● If recipient is not on Mediref, message will be
delivered by fax or a secure email token
● Secure email token:
○ Recipient will receive a secret link plus a
password
○ Combination of the two will give only the
recipient access to the correspondence
○ No sensitive information transmitted within
the email
○ All health information kept within Australian
encrypted servers
● Input of fax/email a one time thing - after
verification, recipient will become a part of our
extensive directory to enable recipient selection
using just their name
1. Send messages outside of Mediref
30
31. Versatility
● The easiest way is to embed Mediref within your website. This will enable
other health practitioners to send correspondence directly into your
Mediref portal:
○ All senders are verified by Mediref (so you don’t get spam)
○ You keep all your correspondence organised within Mediref
● For practices and practitioners without a website, Mediref also has
public profile pages:
○ Showcase your expertise
○ Receive correspondence from non-Mediref users
Want an example of Mediref embedded in a site? Click below.
2. Receive messages from outside Mediref
TRY NOW
31
33. How to use email
Email is here to stay. So the next few pages are about
email best practices, focusing on:
1. Email encryption
2. Digital signatures*
*See page 9 for a more complete list of reasonable
steps.
33
34. 1. Email encryption
34
We have already explained the basic encryption process on page 19.
What we will describe in more depth are step by step how-to’s on
encryption.
A. PGP
B. SendInc
C. Virtru
Note - This is not an exhaustive list but a selection based on ease of
use & popularity. There are far too many to cover them all.
35. A. PGP/GPA
1. PGP is the encryption method used to
generate private and public keys.
2. GPA is a program enabling use of PGP.
Download GPA here.
3. Install GPA and create your private and public
keys (ensure you back these up!)
4. Share your public keys with your email
network (otherwise they will not be able to
send you encrypted messages you can open,
nor will they be able to read yours).
5. When composing an email, encrypt it using
GPA/PGP.
6. Select your recipient (from a list of recipients
who have shared their public keys with you).
7. Hit send and you’re done!
The above guide in more depth with images here.
35
Advantages
1. Encryption happens locally
ensuring sensitive data stays
in Australia as per NEHTA
2. Extremely secure
3. Free
Disadvantages
1. Requires a bit of technical
know how to install.
2. Both sender and recipient
have to install and use it.
3. Public keys will need to be
exchanged with your entire
email network.
Final thoughts
Recommended, if your entire
practitioner network agree to use
it. Combined with a digital
signature, you will be keeping
onside of all privacy laws.
36. B. SendInc
Sendinc, in a nutshell, provides the
encryption you need without requiring you
to exchange public and private keys with
your entire email network. Instead you
create just one secure link with SendInc
themselves and they relay your message -
the tradeoff being that your recipients will
need to create an account to read your
email.
1. Create account at SendInc
2. Set-up the connection with SendInc (e.
g. via their outlook add-on)
3. Done. You are ready to send
encrypted emails.
36
Advantages
1. Easy to set-up
2. Most users will be happy with
their free package
Disadvantages
1. Recipients will be required to
create a Sendinc account to
view your messages
2. Data not stored locally
3. Only slightly less convenient
than Virtru (next page)
Final thoughts
Not recommended as your stand-
alone program because of location
of data, but vastly superior to plain
text email so should be used if that
is your only alternative.
37. C. Virtru
An excellent concept.
Simply put, instead of sending a copy of your
email to your recipient, Virtru will host that
email on their own encrypted servers and grant
your recipient access to that email. This is, in
many ways, very similar to what Mediref does
when sending correspondence to those not on
Mediref.
The drawbacks are that your data is not kept in
Australia and it only supports Gmail, Outlook
and other global email providers. So if you use
iiNet/Bigpond, it is out of the question.
Setup is a simple case of downloading and
installing their software.
37
Advantages
1. Extremely easy to set up
2. Very easy to use
3. Recipient does not need to be
using Virtru as well
Disadvantages
1. Only supports the ‘big’ global
email providers
2. Data not stored locally
3. Need premium subscription
for full utility
Final thoughts
Excellent idea but not
recommended due to data stored
internationally and being limited to
only the ‘big’ email providers.
However, it is better than using a
vanilla version of gmail/outlook!
38. 2. Digital Signatures
38
This is not the same as putting your name at the end of the email but a means to let
your recipient identify you as the sender (and not someone pretending to be you).
1. Generate and obtain a digital certificate. Free one available here.
2. Install the certificate on your computer* by:
○ On Outlook 2010, click on File and then Options
○ Click on Trust Center and click on Trust Center Settings
○ Click on E-mail Security
○ Outlook populates the Change Security Settings dialog box with default
information. Click OK to accept the defaults
○ Click OK
Done! When composing a message in Outlook, simply select the Digital Signature
button to Digitally Sign your email.
● Note 1 - Each email client is different. The above is for Outlook 2010. Instructions are similar but email
us if you need help with a specific email client.
● Note 2 - Each separate computer will require its own installed certificate.
39. Keep Patient Health Information Secure
We have done our best to arm you with the knowledge about
how to securely transmit patient information. Let it be a guide
when deciding on what channels you use to send
correspondence.
Mediref is based on this knowledge and our practical
experience as healthcare professionals. If you wish to give it a
try then click the button below.
TRY MEDIREF
39