Showing posts with label data retention. Show all posts
Showing posts with label data retention. Show all posts

Sunday 16 April 2023

Services Australia can no longer off its own bat crack welfare recipients' PC, mobile, email & social media passwords in order to spy - since 13 October 2015 its been obliged to use the Australian Federal Police, an even more indiscreet Commonwealth agency.

 

On 17 July 2015 Deputy Secretary of the Dept. of Human Services (now Services Australia) Malisa Golightly, of ‘Robodebt’ notoriety, wrote to the Deputy Secretary of the National Security and Criminal Justice Group in the Attorney-General’s Department, seeking the department's continued inclusion as an enforcement agency under the Commonwealth Telecommunications (Interception and Access) Act 1979.


At that time the Dept. of Human Services employed 295 investigators and 89 intelligence analysts who typically conducted 3,000 criminal investigation per year – using the full range of powers available to an “enforcement agency” in the 1 July 2015 version of the Telecommunications (Interception and Access) Act.


Here is a potted history of what happened after that.


ITNews, 4 April 2022:


Services Australia is using telecommunications metadata and password-bypassing software to investigate welfare recipients suspected of claiming single payments while in relationships.


The Centrelink administrator told the Attorney General’s Department (ADG) that metadata is used to detect “people who receive payments as a single person while in a marriage-like relationship,” according to documents obtained by iTnews.


Submissions to AGD in 2015 and again in 2022 [pdf], obtained through a freedom of information request, list types of fraud the agency uses welfare recipients’ telecommunications metadata to detect.


A Services Australia spokesperson told iTnews that both telecommunications metadata and password-bypassing technology from Israeli vendor Cellebrite are only used when fraudulent claims trigger criminal investigations.


This contrasts with the more common non-compliance investigations, which prevent and recover debts resulting from over-payments, such as the notorious robodebt scheme.


However, the spokesperson would not say how much money a person needs to be suspected of being overpaid before a non-compliance investigation is tipped into a criminal investigation, making it hard to estimate the extent to which the technologies are used to determine relationship-status.


Moreover, welfare recipients told iTnews, while Services Australia has said that Cellebrite is only used for criminal investigations, data may be extracted from their devices before charges have been laid; and Services Australia may continue to pursue the debt as a non-compliance investigation even if the suspect is not prosecuted…...


Metadata and relationship-status


It is not clear what types of metadata are used to glean if welfare recipients are single, however criteria listed on Services Australia’s website for “how we assess if you’re a couple” includes: “financial aspects of your relationship, the nature of your household, social aspects of your relationship, [and] if you have a sexual relationship.”


The Services Australia spokesperson told iTnews that "the key metadata we request enables us to identify records linked to telephone numbers or IP addresses to support criminal investigations.”


The spokesperson did not answer whether it includes geolocation data on a device’s connection to the internet or the sender-recipient records of a user's communications.


Services Australia was cut off from directly asking telcos for metadata in late 2015, after having had the power since 2009.


It now makes requests for metadata, "where required", through the Australian Federal Police.


Services Australia has asked the government at least twice to have its powers back.


According to the FoI, Services Australia requested AGD declare it an 'enforcement agency' under Section 176A of the Telecommunications (Interception and Access) Act (TIA) in 2015 and made the same request seven years later during a current review of electronic surveillance laws…...


In response to its 2015 application, AGD suggested “joint investigations arrangements with a criminal law-enforcement agency” as an “alternative means of accessing historical telecommunications data.” The welfare provider took the advice.


Since Services Australia started accessing telecommunications metadata indirectly through the AFP, it is unclear how many investigations involved fraud claims based on relationship-status.


According to its most recent annual reports, in 2021–22 Services Australia conducted 709 criminal investigations, 988 administrative investigations and made 203 referrals to the CDPP.


A quick look at the Commonwealth Ombudsman' views on the often erratic response of the Australian Federal Police to its requirement to comply with telecommunication data law:

https://www.ombudsman.gov.au/__data/assets/pdf_file/0021/112476/Report-into-the-AFPs-use-and-administration-of-telecommunications-data-powers.pdf


There were several important factors that informed my decision to commence an investigation, including:

the covert and intrusive nature of this power

the duration and potential scale of non-compliance with the TIA Act as a result of ACT Policing accessing telecommunications data outside the AFP’s approved process

the omission of the affected records from our Office’s regular compliance inspections

previous recommendations our Office has made to the AFP about non-compliance with the TIA Act. 


Like law enforcement Services Australia is not eager to advertise the shortcomings of its own errant staff, but the character of this bureaucracy which uses covert surveillance on welfare recipients is not above interrogation. 


Services Australia is a federal government department which includes Centrelink.


A brief Internet search reveals for the most part sparsely worded information. The following is a compilation from government and media sources.


In a two year period covering 2005 to September 2006 Centrelink investigated 790 APS Code of Conduct complaints, with 766 referred for investigation and 585 staff found to have accessed the private information of welfare recipients or entered into a conflict of interest situation in breach of the code. Sanctions for these breaches reportedly ranged from 19 dismissals, 92 resignations and, more than 300 salary reductions or fines. Another est. 134 staff were demoted, reprimanded and warned. Five cases were referred to the AFP or Director of Public Prosecutions.


In 2006–07 Centrelink staff breached the information privacy principal in 367 instances, including 108 unauthorised access, 4 unauthorised disclosure and 10 unauthorised use. Another 17 new cases were opened with the Office of the Privacy Commissioner, bringing the total to 20 cases for the year. Centrelink finalised six cases with the office and as at 30 June 2007, 14 cases were still open.


By the next financial year 2007-08, Centrelink recorded 355 privacy breaches of which 100 were unauthorised access, 13 unauthorised disclosure and 1 unauthorised use. The remainder of breaches said to be primarily mailing errors.


In 2008-09 Centrelink found 368 proven privacy incidents of which 85 were unauthorised access of information, 14 were unauthorised disclosure and 1 was unauthorised use.


Financial year 2009-10 saw Centrelink admitted to 465 proven privacy incidents and it appears to have undertaken 286 staff code of conduct complaints investigations in which 187 staff member were found to have breached the code of conduct.


The following financial year 2010-11, Centrelink undertook 197 staff code of conduct complaints investigations, including 25 investigations of improper use of internet or email, and 67 investigations of ‘improper access to personal information’. The latter occurring when employees accessed records either without a business reason, or despite being directed not to do so, for example if the records belonged to themselves, family or friends. A total of 128 Centrelink staff members were found to have breached the code of conduct.


In 2011 Centrelink & Medicare were integrated into the Dept. of Human Services.


In 2011-12  the Dept. of Human Services finalised 205 staff breaches of the APS Code of Conduct, including:

  • 68 instances of improper access to personal information;

  • 5 unauthorised disclosure of information;

  • 10 conflict of interest;

  • 48 inappropriate behaviour other than bullying or harassment;

  • 17 harassment and/or bullying;

  • 8 fraud other than theft;

  • 1 theft;

  • 8 improper use of resources other than email;

  • 25 improper use of internet or email;

  • 8 inappropriate use of government vehicles;

  • 7 improper use of position or status;

  • 4 behaviour of the employee outside of work;

  • 2 misuse of drugs and/or alcohol, and

  • 2 other.


The next year 2012-13 the Dept. of Human Services finalised 165 matters involving 214 breaches of the code of conduct - across the gamut of human behaviour displayed in the workplace including 82  instances of improper access to personal information, 5 unauthorised disclosure of information and 26 conflict of interest. 


In 2013-14 the Department of Human Services reported there were 472 matters involving staff breaches of code of conduct of which 234 were finalised, including 118 improper access to personal information, 4 unauthorised disclosure, 181 conflict of interest and 66 fraud. 


The next financial year 2014-15 saw reports of 1,939 substantiated privacy incidents from which there were officially 268 findings of staff breaches of the code of conduct.


In 2015-16 there were 368 findings of a breach of the code of conduct.


Note: From 21.9.2015 to 18.2.2016 Stuart Robert was the Minister for Human Services.


In 2016-17 there were a reported 304 staff breaches of the code of conduct.


NOTE: From 21.9.2015 to 18.2.2016 Stuart Robert was the Minister for Human Services.


In 2017-18 a total of 235 staff code of conduct investigations were completed and 224 findings of a breach were made.


In 2018-19 the Department of Human Services reported a total of 249 staff code of conduct investigations were completed, with 241 findings of a breach of the code.


NOTE: From  29.5.2019 to 30.3.2021 Stuart Robert was Minister for Government Services, which included the Dept. of Human Services in his portfolio.

In May 2019 the Dept. of Human Services had a name change, becoming Services Australia.


From July 2017 to end June 2019 almost half of the breaches arose from unauthorised access to information, where staff had inappropriately accessed customer records. Almost a quarter of all breaches allegedly related to incorrect reporting of income by staff who were also in receipt of Centrelink benefits.


The Commonwealth Ombudsman's Report of 2019-20 mention that;  We received more complaints about Services Australia than any other agency (11,222), although this was a decrease of 3.7 per cent compared to last year


In one case; A complainant’s disability support pension (DSP) was cancelled as a result of a staff error and while seeking a review of this error they received an inheritance.

A trustee acting on behalf of the complainant contacted Services Australia however was unable to have the DSP payments reinstated, despite payments not being made in excess of 12 months.

As a result of the Office’s engagement with Services Australia during an investigation, the complainant’s circumstances were reviewed and they were back-paid over $45,000 for the entire period since their DSP was cancelled. Additionally, Services Australia provided feedback to the officer who made the initial error to improve future service.


In his following 2020-21 annual report the Commonwealth Ombudsman placed Services Australia in; the number of disclosures assessed meeting the criteria under s 26 of the Public Interest Disclosure Act 2013 and alleged kinds of disclosable conduct to which the disclosures relate. 


This involves 8 instances of:

Contravention of a law of the Commonwealth, state or territory (5)

Maladministration (2)

Abuse of public trust (2)

Wastage of public money (2)

Conduct that results in, or that increases, the risk of danger to the health or safety of one or more persons (3)

Abuse of public office (3)

Conduct that may result in disciplinary action

(6) 


In 2021-22 the Commonwealth Ombudsman reported that 52% of complaints it received from the public involved Services Australia-Centrelink.


Wednesday 28 August 2019

Do you know exactly who Medicare, your GP, specialist doctor or local area health service are sharing your personal medical information with?


Electronic Frontiers Australia, media release, 26 August 2019: 

Australia, Melbourne — Monday 26 August 2019 — EFA, Future Wise, Digital Rights Watch and APF today call again for a comprehensive review of privacy provisions for healthcare data. 

 Following the HealthEngine scandal in 2018, and the recent use of Pharmaceutical Benefits Scheme (PBS) data to assist recruitment into research on Bipolar disorder, a Twitter user on Friday 23 August shared a SMS message attempting to recruit him into a clinical trial. 

This appears to have occurred through the use of Precedence Healthcare’s InCa (Integrated Care) health platform. Research by members of digital rights organisations today revealed that sensitive patient details—including contact details, demographics and complete medical histories—can be shared with a wide range of partners, including, it appears, private health insurers. 

Dr Trent Yarwood, health spokesperson for Future Wise and a medical specialist, said “Secondary uses like this are a very ethically murky area. People don’t generally expect to have personal details from their healthcare providers made available to anyone, even if well intentioned.” 

The terms and conditions of the application include access to data from myHealthRecord. “While the My Health Records Act includes privacy provisions, once this data is accessed by an external system, these provisions no longer apply,” continued Dr Yarwood. “I’m very concerned that practices making use of this system are not aware of just how widely this data can be shared—and that they are expected to fully inform patients of the nature of the data use,” he concluded. 

“This kind of barely-controlled data sharing is only possible because of how little privacy protection is provided by the current legislation,” said Justin Warren, Electronic Frontiers Australia board member. 

“People have made it clear time and time again that information about their health is extremely personal, private, and they expect it to be kept secure, not shared with all and sundry,” he said. “What people think is happening is quite different to what actually is, and these companies are risking catastrophic damage to patient trust with their lust for data.” 

“If you found out your doctor was sharing your full medical history with private health insurers, or the police, would you keep seeing them?” he added. 

Robust privacy protections are needed for all Australians, such as by finally giving us the right to sue for breach of privacy, requiring explicit consent for each disclosure of medical or health data to a third party, and proper auditing of record-access that is visible to the patient. It is imperative that the risks of health data sharing receive greater attention. [my yellow highlighting]

Australian Health Information Technology, 25 August 2019: 

This Seems To Be A System Of Sharing Personal Health Information That Is Rather Out Of Control. 

I noticed this last week: How does Inca collect and share health information? 

Updated 1 month ago 

Precedence Health Care’s Integrated Care Platform (Inca) is a cloud- based network of digital health and wellness services, including MediTracker mobile application services. 

It is important that all users of Inca services understand how the network collects and shares health information (“personal information”) and are aware of their responsibilities for gaining informed consent from patients. 

To the extent applicable (if at all), the Health Privacy Principles (or equivalent), which operate in some jurisdictions, should guide your actions. In the absence of applicable Health Privacy Principles, you should refer to relevant Commonwealth, State or Territory privacy legislation, and assistance can also be derived by referring to the website of the Office of the Australian Information Commissioner. You should make sure you are familiar with the applicable principles or other relevant guidance, and also with Precedence Health Care’s Privacy Policy. 

Inca collects and shares personal information about patients and other persons under care (also called “consumers”) who consent to this information being stored and shared in the network. This information may come from a variety of sources, including the clinical software systems used by GPs (e.g., Medical Director, Best Practice); other members of the patient’s care team (e.g., allied health professionals, medical specialists); the patient themselves; participating health services and pathology services; and the Commonwealth’s My Health Record. 

Inca uses this information to provide a range of health care and wellness services to the patient and their care team. 

Prior to contributing a patient’s personal information to be stored in or used by Inca, users must obtain informed consent from patients for the collection and sharing of this information. Ensuring that patients are informed about what will happen with the information that is being shared is a fundamental component of best practice in privacy, so it is important that all Inca users and patients know what information is available on Inca and who has access to that information. 

When a patient’s GP or other person authorised by the GP uses Inca to collect personal information from their general practice clinical system, Inca will extract and share the following information: 

· Patient demographics 
· Alcohol consumption and smoking status 
· Allergies and adverse reactions 
· Family and social history 
· Observations and results 
· Current medications 
· Immunisation history 
· Current and past problems 

If the patient or the GP does not wish to share some of this information, the GP’s clinical system should provide a means for declaring such data “confidential” and thereby preventing it being sent to Inca. 

GPs who do not know how to do this should contact the provider of their clinical software. Inca may also collect and share information obtained from other sources. 

These include: 

· Information that the GP or any member of the care team or the patient themselves adds to the patient record or to any notes concerning the patient’s care using Inca services, web sites or mobile devices. This information may include contact information, measurements, care plans, assessments, referrals, progress notes, appointments, and other related personal and health information. 

· Information from participating Health Services, including discharge summaries and emergency department attendance. 

· Information obtained from My Health Record. This information may include some or all of the data stored in the patient’s My Health Record. 

It is the responsibility of the provider of information stored in or used by Inca, or the person who grants access to such information, to inform the patient of the type of personal information that is so provided or made accessible. 

Inca will provide access to a patient’s personal information with the patient’s GP and care team, the patient (or their carer as authorised by the patient), participating Health Services, and some others as necessary to provide the services of Inca. Precedence Health Care may share de-identified data (that is, data from which it is impossible to ascertain who you are) to persons or organisations who are engaged in research, trials and analyses relating to improvements in health and the management of health services. The way Inca shares and protects this information is described in the Precedence Health Care Privacy Policy. 

It is important that patients understand what information is being shared, who it is being shared with, and for what purpose. It is the responsibility of the persons providing this information to ensure that each patient is aware that their personal and health information is being stored on a computer system hosted on a secure site in Australia, as described in the Precedence Health Care Privacy Policy. 

It is also important for all users of Inca to be aware that this information may not be complete, up to date, or accurate. 

In seeking informed consent to participate, patients should be advised that any measurements or notes that they enter into Inca are not continuously monitored and will be available to members of the patient’s care team only when the provider next logs in to Inca. 

Patients who are concerned about any condition should contact their GP or other health care provider using their normal means (e.g., phone) and should not use Inca for this purpose. 

Please contact Precedence Health Care’s Privacy Officer on (03) 9023 0800 or email privacy@precedencehealthcare.com if you have any questions or concerns about our Privacy Policy, or if you wish to suggest improvements. You may also contact your State’s Privacy Commissioner or Ombudsman to get advice about privacy or make a complaint. 

Here is the link: https://phc.zendesk.com/hc/en-us/articles/360021090952-How-does-cdmNet-collect-and-share-health-information- 

For background Precedence Health run a shared patient data base which is accessible to GPs, Specialists and Allied Health Staff for the purpose of care planning and co-ordinating care. Using their system allows GPs to claim a Medicare Item No for this service. They also provide patient access to the data and have services such as reminders etc in an app. 

All that said this system, on its own statements, just sucks information from everywhere (GP systems, health services and the myHR) and pops it into one database. One user, who is now switching it off, revoking consent and getting out has described to me a collection of erroneous and mis-sorted data on their record. 

More they seem to be happy to hand out the data to others claiming it is de-identified – and we all know how in-effective that can be! 

The rather loose way consent rules for disclosure appear to be enforced is also a worry. 

They even have the legendary myHR disclaimer that “It is also important for all users of Inca to be aware that this information may not be complete, up to date, or accurate.” Doh! 

You can see the Privacy Policy here if you wish! https://phc.zendesk.com/hc/en-us/articles/360021091012-Privacy-Policy- 

Don’t know about you but none of my information would go anywhere near this if I could help it! It looks like a serious unthought through shambles to me. 

What do you think? 

David.  [my yellow highlighting]

Thursday 31 January 2019

The relentless drive by Australian federal and state governments to create unsafe data collection and retention systems continues unabated



The Sydney Morning Herald, 26 January 2019:

More than 1 million Australians have had their name and address added to the electoral roll and then automatically passed to global marketing giants without their knowledge.

Direct enrolment laws passed by Parliament in 2012 meant Australians no longer had to register on the electoral roll to have their details entered, with information of workers and school students scanned from drivers licences, Centrelink and records from the Board of Studies in each state.

The electoral roll has since been handed over to credit-check operators for identification purposes designed to help financial services firms such as banks, Afterpay and Zip, to run fraud, anti-money laundering and anti-terrorism checks, but four of those identity firms are now running global marketing operations using data analytics.

No government body has been able to advise if anyone is monitoring the companies for breaches of the electoral act, which carries fines for using the data in commercial operations, or if they are monitoring the separation of data between the companies' identification and marketing arms.

The Sydney Morning Herald and The Age revealed this week that AXCIOM, Experian, Global Data and illion (formerly known as debt collectors Dun & Bradstreet) all have access to the electoral roll as "prescribed authorities". In their secondary businesses, each boasts of their ability to provide marketing data analytics on millions of Australians to their clients but maintain they are in full compliance with the privacy act and do not use the data for marketing purposes.

AXCIOM and Global Data have not responded to multiple requests for comment. An auto-reply email from AXCIOM said "data monetisation awaits!"

The only non-marketing firm among the group, US credit check giant Equifax, had the records of 145.5 million hacked in a breach in 2017 was fined $3.5 million by the Federal Court last year for misleading, deceptive and unconscionable conduct…..

….database that contains information on 16 million Australians. More than 1.5 million Australians who were eligible to vote - but not on the electoral roll - are likely to have been added since the laws passed.

School students as young as 16 have been caught up in the data transfer, with more than 18,846 people aged 16 and 17 provisionally on the electoral roll as of December 31.

Wednesday 30 January 2019

Prime Minister Scott Morrion's bullying of single mothers increases


The Guardian, 28 January 2019:

Single mothers placed on a compulsory welfare program for disadvantaged parents allege they were pressured into allowing private job service providers to collect their “sensitive information”.

ParentsNext participants are asked to sign a privacy notification and consent form, which is similar to documentation provided to those on other welfare programs such as the employment scheme Jobactive.

The program is compulsory for those who want to receive parenting payments and are considered “disadvantaged”, but departmental guidelines state that participants may decline to sign the form and still take part.

Instead, some case workers have told participants that they would have their payments cut if they refused to sign the form.

The situation has meant women who did not want to give their consent have done so anyway. One of the five participants who spoke to Guardian Australia about their experience said they felt the situation represented “coercion”.

“She [my case worker] just said, flat out, ‘If you don’t sign it, you won’t get your parenting payment’,” one mother, who did not want to be named, told Guardian Australia. “It was simple as that.”

The women were concerned by the fact the privacy form states that providers “may collect sensitive information … [which] may include … medical information”. It is understood the form would allow providers to handle participants’ mental health information.

Parenting payment is the sole income for many women on the ParentsNext program, which is currently the subject of a Senate inquiry.

While is standard practice for welfare recipients to be asked to sign privacy consent and notification forms, the chairman of the Australian Privacy Foundation, David Vaile, noted that, in this case, the women felt they needed to sign the form in order to keep receiving their payments.

“It has all the characteristics of bad consent,” Vaile said.

Ella Buckland, who has been campaigning against ParentsNext since she was placed on the program, has asked her provider to destroy the consent form she signed last year. She was told she needed to sign the form to take part in the program – and therefore keep her payments.

“I felt humiliated and disempowered that I didn’t have a choice,” Buckland, a former Greens staffer, told Guardian Australia. “[I thought] if I didn’t sign it, I wouldn’t be able to feed my kids.”

The department has told Buckland in writing she may withdraw her consent at any time. Her provider, who did not reply to a request for comment, has been asked by the Department of Jobs and Small Business to respond to her claims.

Terese Edwards, the chief executive of the National Council of Single Mothers and their Children, said many women had legitimate reasons for refusing to sign the form, such as having left a violent relationship.

 “Providing this information reduces their sense of security,” she said. “It could be where the child is getting schooled, which then has the address of the parent. It could also have the name of the child.”

Among the women Guardian Australia has spoken is a mother of a transgender child who did not want to sign the form because she was concerned about the privacy of her daughter.

Eva* is eligible for an exemption from the program because she homeschools her daughter, but was told in a text message she would have to sign the consent form for this to be processed. She was also told she would have to attend a meeting with her provider, about two hours’ drive away, and to provide evidence that her daughter was homeschooled......

Wednesday 12 December 2018

Do you know whose hands have harvested your medical information?



The Medical Republic, 7 December 2018:

An investigation by The Medical Republic has revealed state, territory and federal police forces have sent around 2,600 requests a year for this sensitive health data to the Department of Human Services over the past two years. The department can legally disclose private health records to the police without a court order.

The department would not reveal how many of these requests were granted, but said the number of disclosures per year had remained stable over the past decade.

Once linked, Pharmaceutical Benefits Scheme (PBS) and Medicare Benefits Schedule (MBS) data, can paint a very detailed picture about a person’s medical history.

PBS data includes every rebatable medication purchased at a chemist. MBS records show which Medicare item numbers were billed for during each consultation, and what tests were ordered.

This information is as sensitive as MHR data, although it lacks the granularity of laboratory test results or GP notes, which can be included in a MHR. In November, the federal parliament passed legislation requiring police to produce a court order to access MHR data.

“This begs the question as to why similar protections are not being enacted in the MBS and PBS legislation,” Malcolm Crompton, a former privacy commissioner of Australia and founder and lead privacy advisor of Information Integrity Solutions, told The Medical Republic.

The legislative inconsistency was an “undeniable oddity” especially because most of the content of a MHR would, at least initially, simply be MBS and PBS data, he said.
Data sharing between the Department of Human Services and the police is shrouded in secrecy, with decisions being made behind closed doors by unnamed officials using an undisclosed set of public interest guidelines, which were issued by the secretary of the Department of Health in 2003.

The human services department has refused to make its 18-page privacy guidelines public under FOI laws, citing concerns that agencies might use their knowledge of the guidelines to trick the department.

“Specifically, with the benefit of having reviewed the document, requestors may construct their requests in a manner that undermines the department’s procedures (e.g. by misleading the delegate) in order to secure the disclosure of the requested information,” an FOI decision maker said…..
The department eventually provided a single case study for police use of private health data, four months after initially being asked about the purpose of disclosing this data, and only after The Medical Republic’s investigation exposed the scale of police requests.
The case study describes a scenario where the police are making an enquiry about a missing person whose safety is in question, and are using MBS and PBS claims information to determine whether the missing person had seen a doctor, obtained medications or updated their contact details.

The Medical Republic contacted each state, territory and federal police force for this investigation, but only the NT Police confirmed how many times the department had provided patient information.

The NT Police, Fire and Emergency Services made an average of 26 requests per year for private health data, including current contact details, next of kin, MBS or PBS records.

All of these requests were successful, and all were made without a court order. “Requests are not made under court order but rather must satisfy certain criteria,” Detective Acting Superintendent Peter Kennon said.

“That is it must be for a missing person or in relation to an offence with a penalty of two years or more imprisonment or 44 penalty units (about $6,000), and be in the public interest.”

The department is obliged to report the number of times it has disclosed linked PBS and MBS data to law enforcement authorities on an annual basis to the Office of Australian Information Commissioner (OAIC).

The Medical Republic obtained a copy of the OAIC reports, which showed that the DHS gave linked MBS and PBS data to police five times in 2016-17, but did not disclose data given to police in the previous three years.

“Most of the public interest disclosures the department makes to law enforcement agencies do not need to be included in our annual reports to the Privacy Commissioner,” a department spokesperson said.

The department only has to report the disclosure of “linked” MBS and PBS data to police. The word “linked” is not defined in the legislative instrument, so in practice, the department appears able to apply a definition that minimises its reporting obligations.

MBS and PBS data was only “linked” if the information was “combined, joined or merged”, a department spokesperson said. “The mere extraction of an individual’s MBS and PBS claims information into separate documents does not constitute linking for the purposes of the guidelines, even if those documents are sent to the same email address,” the spokesperson said.

“The department seems to be playing with semantics in order to avoid complying with the intention of the guidelines,” Dr Robertson-Dunn said.