27 June 2018

HealthEngine feels the heat over data sharing

Ethics Patients Technology

Australia’s biggest online GP booking service is being roasted by customers and shunned by doctors after revelations that it shared patients’ medical and contact details with marketers.

HealthEngine is also being accused of undermining public trust in electronic health systems, just weeks before the July 16 start of the My Health Record opt-out phase.

Several GPs have publicly stated they were cutting ties with the booking service over its data-sharing practices, which are now the subject of a federal investigation.

Dr Ines Rio, a Melbourne GP, said she was appalled to learn that HealthEngine had been passing on patients’ details to third parties and she had asked immediately to be removed from its system.

Responding to the revelations by ABC news, the Perth-based company claimed it acted only with patients’ consent, pointing to a statement attached to its terms and conditions for users.

“Under no circumstances do I believe that was informed consent,” Dr Rio told The Medical Republic.

“There is an important and necessary exchange of information to improve patient pathways and quality care.  However, it is imperative that GP, patient and community trust is not lost.”

A patient advocacy group said HealthEngine’s conduct raised “disturbing questions about the potential hazards surrounding the privacy and security of online medical information”.

Consumers Health Forum CEO Leanne Wells said it was unacceptable that an online medical appointments booking service should have failed to declare clearly that patient data would be sent on to law firms seeking potential injury compensation cases – one of the practices revealed by the ABC report.

“This is a negative development for patients and doctors and a blow to community confidence in the potential benefits use of digital has for the community,” Ms Wells said.

“It should also be a responsibility of doctors who contract with HealthEngine to ensure that patients are protected from unrelated business overtures,” she added.

Ms Wells asked why a booking service needed to gather information about whether a patient had been involved in an accident or workplace injury to make a medical appointment.

The ABC report also drew attention to HealthEngine’s practice of sharing patient information with “advertising partners” including private health insurance comparison sites, lending companies for cosmetic procedures and dentistry and lawyers.

Angry customers have deluged the company with complaints.

“Now I know why I got spammed last year by a call centre for a firm of lawyers. Please respond to me or I start naming names because YOU SOLD MY PERSONAL DETAILS!! – I AM ON THE DO NOT CALL REGISTER!! how many peoples details were unethically compromised in this way ?” a customer identified as Bill demanded on HealthEngine’s Facebook site.

Federal Health Minister Greg Hunt has asked the Office of the Information Commissioner and the Australian Digital Health Agency to investigate the company’s data practices.

The scandal comes just weeks after HealthEngine was exposed by Fairfax Media for whitewashing patients’ reviews on its site to remove any negative reports.

COVID-19 live update