Among the clinical stakeholders of the HI Service there is a strong perception that the balance between privacy and clinical utility in the HI Act has swung too far to ensure privacy, to a level that it impacts efficient clinical processes and has resulted in systems that are difficult to use and processes that are cumbersome for healthcare providers and consumers. It was highlighted in a number of interviews that privacy protections need to be appropriate to the level of risk to an individual that would occur from disclosure of information. The risk associated from disclosure of an IHI number (or HPI-I) (as opposed to the health information attached to it) is seen as minimal by most stakeholders. Stakeholders also emphasised that Healthcare Identifiers need to be seen as an integral component of a much larger system and the way they are handled has to be considered in this context.
Many of the issues that were raised are more a result of misinterpretation or lack of knowledge of the Act than actual legislative barriers. There is a high level of variability in the way that the Act is interpreted among HI Service stakeholders, particularly in relation to what are permitted uses and disclosures, generating lack of confidence in using the system.
A number of legislative issues identified by stakeholders were referred to Minter Ellison Lawyers for advice on potential options to address these constraints, any potential legal risks or implications associated with these options and suggested amendments to the Act that would be required. This section contains extracts from this advice.