The Access Card Debate Begins in Earnest.

ABC Radio National today broadcast a very useful review of the proposal for an Access Smartcard which is currently under development by the Commonwealth Government with the pointman being the Minister for Human Services, Joe Hockey.

The show, Background Briefing, is summarised by the ABC as follows:

“Getting smart: the Access Card

The government is bringing in a new national card, called the Access Card. Everyone who uses Medicare, Centrelink, or any government service, will have one. And they're not just normal cards. They have mini-computers inside them that can store data about your name, address and anything else. The government says they're like mp3 players, and big business loves them, but opponents say they're a new version of the Australia Card - an ID card in disguise. And they say that privacy is in peril. Reporter: Sharona Coutts”

The fifty minutes of audio, suitable for playing on both a PC or portable .mp3 player can be found here:

http://mpegmedia.abc.net.au/rn/podcast/current/audioonly/bbg_20061210.mp3

Among the interesting points made in the show were the following:

1. Enabling legislation for the Access Card has not been passed and is due to be introduced in the first half of 2007. Mr Hockey recognises that this will be the time when the project will be under most challenge. It would be a ‘courageous decision’ to spend too much before that approval is obtained. At present the Opposition is saying they don’t have enough detail to be sure which way they will vote. It seems unlikely the Greens or Democrats will support the proposal so the numbers in the Senate are likely to be tight. In the House of Representatives it is hard to know how things will play out with some Liberals being philosophically opposed to ID cards or anything like them.

2. The Government has developed a Privacy Impact Assessment for the Access Card proposal (with the assistance of Clayton Utz, a major national law firm), but it is not being released for reasons which have to be very hard to understand.

3. The Government asked a Privacy Task Force to review the proposal and when the Task Force said the individuals signature and ID number should not be human readable (i.e. written in clear text) on the card these recommendations were rejected. The concern with this information being readable is that this will make it easy for anyone to obtain (or demand) an individual’s key number and maximise the risk of “function creep” of the card. Over time it is feared everyone from the video shop up will want to record the card number and use the signature to verify identity.

4. The Government (and Mr Hockey) are not prepared to disclose even his estimates how long and complex the access card enrolment process for each citizen. This leads to concern about just how accurate the start up costing estimates and the actual proposed start date are.

5. Mr Hockey claims the Secure Customer Registration System (SCRS) will hold less information than an individual’s driver’s license but fails to disclose the range of linkages to other huge databases (e.g. CentreLink and Medicare) that will be required for the system to work.

6. It does seem that it will be technically very difficult to have citizens use their Access Card and their PC to securely store information on their card without creating highly exploitable security weaknesses as Mr Hockey has been suggesting.

7. A system as centralised as the one proposed here, but having so many users, is inevitably going to be abused by Departmental insiders for profit, curiosity or worse. (Witness the breaches at the ATO, CentreLink and the Child Support Agency). There seems to be an emerging sense of concern in the community regarding the risks such systems pose to some vulnerable parts of the population (e.g. separated wives who are being sought by their abusive husbands etc.)

As I have pointed out before, those of us who are interested in the deployment and use of Health IT have a vested interest in this project and similar identity management efforts. If the public and political contention around the Access Card becomes significant there will be negative impacts on all efforts to improve access to, and the flow of information, in other domains – including health.

It seems unlikely, for example, that NEHTA’s plans for an Individual Health Identifier (IHI), delivered as a web service it is assumed, would not be caught up in any Access Card contention and debate. It is interesting that NEHTA plans have thus far not attracted much, if any attention from the various privacy and security lobbies.

Equally, concern may emerge regarding the efforts of the various State Health Departments to deploy State-Wide universal identifiers (I wonder how many State Health Departments would want to record the Access Card Number once it becomes available? Unless they were legislatively barred I suggest the number would be close to 100%).

It seems to me that if both the privacy and function creep issues around the proposed Access Card are not handled both more robustly and more sensitively that presently appears to be the plan E-Health may wind up a major collateral casualty of a potentially failed Access Card implementation.

I commend the show as a very good listen.

David.