SRI Security Research Institute, Edith Cowan University, Perth, Western Australia
While electronic medical records have the potential to vastly improve a patient’s health care, their introduction also raises new and complex security and privacy issues. The challenge of preserving what patients’ believe as their privacy in the context of the introduction of the Personally Controlled Electronic Health Record (PCEHR), into the multi-layered and decentralised Australian health system is discussed. Based on a number of European case studies the paper outlines the institutional measures for privacy and security that have been put in place, and compares them with the current status in Australia. The implementation of the PCEHR has not been as straight forward, holistic or as uniform as in the European countries’ studied. This has meant that issues around personal privacy and security have not been addressed in an effective and functional manner. Surprisingly, the researchers found that the patient is absent in the PCEHR privacy and security discussion; and their perceptions of, and requirements for privacy and secure management of their medical information is absent. The concept of personal privacy and security has yet to be fully explored from the patient’s perspective, despite it being a Personally Controlled Health Record.