E-health is the secure electronic collection and exchange of health information between individuals, healthcare providers and healthcare organisations. E-health technologies include:

• Health information exchange
• Electronic referrals and discharges
• Electronic diagnostics (pathology, radiology)
• Electronic prescribing
• Clinical decision support

In Australia we enjoy a health system that gives us access to healthcare when we need it. However, to maintain this we need to improve how healthcare is delivered. With e-health, you, your healthcare providers and the places where you receive healthcare will be able to securely and simultaneously share information - e-health is our future in healthcare.

• Increased safety and quality of care
• Gives you more involvement in your healthcare
• Fewer medication errors
• Improved decision support for healthcare provider
• Better healthcare delivery
• Right information, right place, right time

Healthcare identifiers are 16 digit numbers which will be used to uniquely identify healthcare providers and individuals to improve patient and provider identification to support the managment of health information and communication of health information between healthcare providers.

Three types of healthcare identifiers will be assigned by the Healthcare Identifiers (HI) Service Operator:

• Individual Healthcare Identifier (IHI) - for individuals receiving healthcare services.
• Healthcare Provider Identifier - Individual (HPI-I) - for healthcare professionals and other health personnel involved in providing patient care.
• Healthcare Provider Identifier - Organisation (HPI-O) - for organisations (such as the hospital or health clinic) where healthcare is provided.

Communication of health information is a vital part of effective healthcare. The accurate identification of individuals is critical in all health communication. Mismatching of patients with their records and results is a documented problem for the health system and a clear link has been established between avoidable harm to patients and poor medical records management.

Using an IHI provides a way for healthcare providers to more accurately match the right records to the person they are treating and improve accuracy when communicating information with other healthcare providers. This will help to avoid medical mix-ups or one person's information being recorded on another patient's file.

Adopting a national approach to healthcare identifiers recognises that identifiers are part of the core infrastructure needed to support secure electronic communication across Australia's healthcare system.

Without this infrastructure it is likely to result in further duplication or fragmentation of investment, limited uptake and adoption of e-health initiatives, and limited interoperability of available solutions creating a 'rail gauge' problem that will become difficult or expensive to rectify.

Any individual who receives healthcare services within the Australian healthcare system will be assigned a unique healthcare identifier. The HI Service Operator will automatically assign an IHI to individuals who are enrolled for Medicare benefits or have a Department of Veterans' Affairs (DVA) treatment card.

People who are not already registered with Medicare or DVA will be assigned a temporary identifier by the HI Service when the person next seeks healthcare. The assignment process is authorised by legislation rather than individual consent.

Authorised healthcare providers will be able to obtain a unique identifier from the HI Service for their patient records without obtaining the patient's consent. The identifier will be added as a new field in a patient's record alongside the name and DoB details that a person's healthcare provider already holds.

The ways in which a healthcare provider uses or discloses information held in patient records, including the identifier, will continue to be regulated by privacy laws and professional obligations such as confidentiality. In practice this means that the transfer of information between healthcare providers using a healthcare identifier will ordinarily be with patient consent.

A voluntary model was also considered, but was ultimately assessed as unworkable. Healthcare providers would have had to maintain duplicate identification systems and undertake several additional steps at the point of care to manage individual decisions to participate or withdraw partricipation.

Healthcare providers and related entities may use and disclose healthcare identifiers, namely for communicating and managing health information as part of the:

• provision of healthcare to an individual; or
• management, funding, monitoring or evaluation of healthcarer;
• provision of medical indemnity cover for a healthcare provider;
• conducting research that has been approved by a Human Research Ethics Committee.

Healthcare identifiers can also be used to lessen or prevent a serious threat to an individual's life, health or safety or to public health or public safety.

Where information is disclosed for these purposes the receiving healthcare provider or entity is authorised to collect the healthcare identifier and use it for the purpose for which it was disclosed.

Healthcare identifiers can also be used to lessen or prevent a serious threat to an individual's life, health or safety or to public health or public safety.

Where information is disclosed for these purposes the receiving healthcare provider or entity is authorised to collect the healthcare identifier and use it for the purpose for which it was disclosed.

Healthcare identifiers can not be used for other purposes including for insurance and employment purposes, unless the use is for the purpose of healthcare delivery to an individual. For example, it is expected that some private health insurance companies will use identifiers to provide services to their customers, such as chronic disease management programs.

Handling of healthcare identifiers does not authorise the sharing of associated personal or health information which would still need to be undertaken in accordance with existing privacy and health information laws in each jurisdiction.

Healthcare identifiers are not a health record. The information held by the HI Service Operator will be limited to demographic information such as name and date or birth needed to uniquely identify individuals and providers. Healthcare identifiers will provide a much more reliable way of referencing patient information, particularly in healthcare providers' electronic information management systems.

Healthcare identifiers are an important building block to enable a national Personally Controlled Electronic Health Record (PCEHR) system.

The national PCEHR system will be separate from the HI Service. The PCEHR will use identifiers to facilitate the identification of a consumer and healthcare provider. This will provide consumers and their healthcare providers with greater certainty that the individual’s information is being correctly attributed to their electronic record.

Consistent with the National E-Health Strategy, endorsed by all Health Ministers, participation in an PCEHR will be voluntary and an individual's Healthcare Identifier will only be used for their PCEHR with their permission.

Privacy impact assessments would be conducted at appropriate points in the development of a PCEHR system along with regular consultation with the Federal Privacy Commissioner.

Medicare Australia will be the operator of the HI Service.The HI Service will operate in conjunction with a standardised authentication infrastructure and comply with international best practice for information security.

As a trusted government authority, Medicare Australia has the national infrastructure, as well as the industry and community relationships needed to securely deliver and maintain the healthcare identifiers.

The HI Service will be a separate and new Medicare Australia function, not linked to its funding or claims for payment functions.

Medicare Australia is an Australian Government statutory agency and is governed by national legislation that sets out the scope of the functions it can perform and the privacy and security it must maintain for the personal information it holds.

Medicare Australia will be responsible for implementing and maintaining a national system for uniquely identifying healthcare providers and individuals. This includes the assignment of healthcare identifiers to healthcare providers and individuals.

The HI Service will be a separate and new Medicare Australia function, not linked to its funding or claims for payment functions.

The HI Service, including Medicare Australia's role as the HI Service Operator will be reviewed two years after commencement taking into account any further e-health developments.

A Medicare number is not unique. Some people have more than one Medicare number because they are members of more than one family and may be on multiple cards. Also, not everyone who needs healthcare will have a Medicare number.

Medicare provider numbers are allocated to individual providers and organisations to support payments and claims through government schemes such as Medicare Benefits and Pharmaceutical Benefits Schemes. Healthcare providers who are not eligible to bill Medicare may not have a Medicare provider number.

No. The HI Service will be a separate and new function for Medicare Australia, and will not be linked to its funding or claims for payment functions.

No. If a health provider is unable to obtain a person's IHI from the HI Service, or the IHI is not available for any reason, patients will not be refused treatment. An IHI will also not be required for claiming healthcare benefits.

The HI Service Operator will be required to carry out regular maintenance activities including audits, data quality checks, reporting to Health Ministers and reviews of internal policies and procedures.

An IHI is a unique 16 digit number that will be allocated to each Australian resident and others seeking healthcare in Australia.

The Council of Australian Governments decided that IHIs should be allocated on a universal basis to every Australian resident and person seeking healthcare in Australia.

While healthcare identifiers will be allocated on a universal basis, an individual’s participation in a future national person controlled electronic health record (PCEHR) system will be voluntary.

The IHI will be associated with a limited amount of identifying information such as, name, date of birth and sex. In some circumstances, further data may be required to ensure unique assignment or to assist with the use of IHIs such as: address, birth plurality and birth order, and aliases.

People will not need to remember their IHI nor obtain a new card. Healthcare professionals will be able to retrieve a patient's IHI using their current Medicare card or DVA treatment card or via a demographic search.

For those individuals who are not enrolled with Medicare Australia or DVA but wish to be assigned an IHI, a token can be issued on request.

It is intended that each person will only have one IHI, and that there will be no need to change or renew this number at any stage.

There are circumstances where you may have more than one IHI. This could include, for example, in an emergency situation where a provider may not be able to determine who a patient is. In this case, a temporary IHI may be issued and would later be matched to the patient's existing IHI once that person is able to provide information about who they are.

The IHI will improve safety, security and efficiency by making sure patient information is linked to the correct record.
There are four key areas where the use of IHIs to support the electronic exchange of information will deliver immediate benefits for patients:

• Discharge summaries;
• Pathology Tests;
• Prescriptions
• Referrals

For example: E-prescription implementations in Sweden, Boston and Denmark reduce provider costs and save time to improve productivity per prescription by over 50%; E-referrals in Denmark reduced the average time spent on referrals by 97% by providing more effective access to patient information for both clinicians and test ordering and results management systems reduce time spent by physicians chasing up test results by over 70% in implementation in America and France.

An IHI will not alter the way in which anonymous healthcare services are currently provided. Where it is lawful and practical, individuals can seek treatment and services on an anonymous basis. In these instances, an IHI would not be used by the healthcare service.

Yes. Individuals and their authorised representatives will be able to access demographic information held by Medicare Australia as part of the HI Service and an audit log of which organisations have obtained their IHI.

The HI Service will have processes in place that are flexible enough to support the types of arrangements regularly encountered in the healthcare sector, such as a carer or advocate acting for a person with impaired decision-making abilities.

The HI Service will set out arrangements to provide for situations where a person may need to access the Service on another's behalf.

No, there will not be any cost to patients.

The HI Service will protect individual privacy through both legislation and technical means, such as agreed security and access controls.

Information security has been a primary consideration in the design and development of the HI service.

Healthcare providers who are identified with an individual HPI-I, or an authorised employee, can access the HI Service to obtain the IHI of a patient being treated.

The system design does not allow 'browsing' of records - a request by an authorised healthcare provider for a patient's identifier will only reveal an IHI when there is an exact match with patient information provided by the healthcare provider.

Each time a record held by Medicare Australia is accessed, the details of who and when will be recorded in an audit log.

Electronic communications involving healthcare identifiers will be made secure through the use of standardised Public Key Infrastructure (PKI) and secure messaging services.

Legislation clearly sets out the permitted uses of healthcare identifiers. Penalties for the intentional misuse of healthcare identifiers, such as inappropriate disclosure of information by Medicare Australia, or users of the Service, will be set out in legislation.  In addition, current privacy laws will continue to apply.

The Federal Privacy Commissioner will monitor the operation of the HI service by Medicare Australia and handle complaints against the Commonwealth public sector and private sector organisations.

The inclusion of healthcare identifiers on a health records system or a patient's file will not change how and when healthcare providers share information about individuals. A healthcare identifier is simply a much more reliable way of referencing information, particularly in electronic information management systems.

A HPI is a number that will be assigned to eligible healthcare providers and organisations to support their unique identification.

These identifiers are referred to as:

• Healthcare Provider Identifiers - Individual (HPI-I) for healthcare professionals and other health personnel involved in patient care, and
• Healthcare Provider Identifiers - Organisation (HPI-O) that will identify the organisation (such as the hospital or health clinic) where care is provided.

HPI-Is can be issued either via health professional registration bodies (as part of registration process) or directly by the HI Service.

It is planned to have healthcare identifiers allocated from mid 2010 through a phased approach.

A range of healthcare providers, including those in primary care and allied health, may be issued with a HPI-I. To be eligible for a HPI-I, a healthcare provider must provide a 'health service' which is defined in the legislation.

There are two classes of individual healthcare providers who will be eligible to be issued with a HPI-I:

• Healthcare providers registered under a State or Territory law which relates to the registration of a particular healthcare profession or healthcare providers registered under the National Law with the Australian Health Practitioner Regulation Agency (AHPRA); or
• Healthcare providers who are members of a professional association that meets the following criteria:

a) is a separate legal entity under a law of the Commonwealth or a State or Territory; and
b) has the following characteristics:
(i) its members practise the same healthcare profession;
(ii) it has enough membership to be considered representative of the healthcare profession practised by its members;
(iii) it sets its own admission requirements, including acceptable qualifications;
(iv) it sets and publishes standards of practice and ethical conduct;
(v) it aims to maintain the standing of the healthcare profession practiced by its members;
(vi) it has written rules, articles of association, by-laws or codes of conduct for its members;
(vii) it has the ability to impose sanctions on members who contravene the association’s written rules, articles of association, by-laws or codes of conduct;
(viii) it sets requirements to maintain its members’ professional skills and knowledge by continuing professional development; and
c) has members who:
(i) may take part in decisions affecting their profession; and
(ii) have the right to vote at meetings of the association; and
(iii) have the right to be recognised as being a member of the professional association.

A HPI-I provides a unique way of identifying the provider on patient records that the provider creates or updates. When information is sent to other providers to support a patient's ongoing healthcare, the HPI-I, in combination with secure authentication mechanisms, will provide greater clarity about who the information is from.

A provider's HPI-I will be unique to that professional and healthcare providers will only need one HPI-I regardless of the number of professions for which they are qualified or the number of healthcare organisations which they work for.

All organisations that provide healthcare services will be able to apply for a HPI-O.

As part of establishing their eligibility an organisation will need to provide evidence to the HI Service that it is a legal entity and that it employs or contract one or more individual healthcare providers or sole traders who are employed for the purpose of providing a health service.

The HPI-I is designed to work in conjunction with other national e-health initiatives, such as standard clinical terminologies and the development of secure messaging systems, to provide an accurate and secure foundation for sending and receiving messages and information from other providers electronically.

In order to participate in the HI Service, a healthcare provider business will require IT systems that incorporate minimum standards and security features necessary to access the HI Service. The Service can be accessed via a number of channels including Medicare Australia's Health Professional Online Service (HPOS), Business to Business (B2B) web interface and phone services. Many providers already use HPOS and it is anticipated that changes required to IT systems will therefore be minimal for these providers.

A national healthcare identifiers system is an important foundation for accurate communication and management of patient information via electronic means. The benefits of the HI Service will arise in the short term from the use of healthcare identifiers to improve existing methods of communication between healthcare providers as well as future e-health applications for which healthcare identifiers are a foundation element.

The costs of adverse events and medical errors are significant. It has been estimated that 10% of hospital admissions are due to adverse drug events and that up to 18% of medical errors are due to the inadequate availability of patient information.

An immediate benefit of the HI Service will be the availability of a Provider Directory Service. The provider directory will allow for GPs to locate other providers (such as specialists) in a timely manner, and facilitate communication with other providers when referring patients or making decisions about the patient's care needs.

The identifiers are designed as a foundation element for future e-health initiatives in Australia such as the proposed PCEHR announced in the Budget on 11 May 2010.

Providers who update systems to accommodate healthcare identifiers are therefore taking steps to prepare for further e-health developments.

There will be some setup costs for healthcare providers such as, the impact on staff time in terms of considering information supplied to the healthcare provider about how healthcare identifiers should be implemented and because consumers are likely to seek advice from their healthcare provider on the new healthcare identifiers and how they can and cannot be used.

Healthcare providers will be provided with supporting materials and appropriate sources to refer consumers to for more information. A public awareness program on the HI Service will provide information to consumers via a range of methods.

The combination of technology controls, specific controls set out in healthcare identifiers legislation and existing privacy laws will provide strong privacy protections.

There will be clearly established limits on the adoption, use and disclosure of healthcare identifiers. Healthcare identifiers can only be used for health information management and communication as part of the:

• provision of healthcare to an individual;
• management, funding, monitoring or evaluation of healthcare;
• provision of indemnity cover for a healthcare provider;
• conducting research that has been approved by a Human Research Ethics Committee; or
• lessening a or preventing a serious threat to an individual’s life, health or safety or to public health or public safety.

Specific legislation is required to set out permitted uses and disclosures of healthcare identifiers, allocate the role of Service Operator to Medicare Australia, set out the functions of the Service Operator and how personal information should be managed.

In addition, regulations will be required in a number of specific areas to support the day-to-day operation of the HI Service.

The Federal Privacy Commissioner will oversee the operation of the HI Service and handle complaints against Australian Government agencies and private sector healthcare providers. Each state and territory is expected to nominate a local regulator to oversight the handling of healthcare identifiers by its state or territory bodies and to put these arrangements in place through legislation. The Commonwealth legislation will apply until a state or territory puts consistent safeguards in place for their public sectors.

Yes. Penalties for the intentional misuse of healthcare identifiers, such as inappropriate disclosure of information by the HI Service, authorised healthcare providers or any other person, will be set out in Commonwealth, state and territory legislation.

Yes - all access to the HI Service will be logged, creating a record of when healthcare providers access an individual's IHI on the HI Service. An individual will be able to view the audit log and see who has requested and obtained their IHI.

The HI Service Operator will be required to carry out regular maintenance activities including audits, data quality checks, reporting to Health Ministers and reviews of internal policies and procedures.

Regulations are required to support the implementation of the HI Service and have been drafted based on the requirements of the HI Bill and according the NEHTA's HI Service Concept of Operations. The draft regulations cover national registration authorities, classes of healthcare providers, assigning HIs, access to HIs, and security.

Consultation on exposure draft regulations commenced on 12 March 2010 and concluded on 9 April 2010. 52 submissions were received.

Regulations are currently being finalised taking into account stakeholder feedback. Regulations cannot be made until the HI Bill has been passed by Federal Parliament.

The legislation will provide for:

• the Minister to appoint an individual to review the operation of the Act and prepare a report on their review by 30 June 2013, in consultation with the Ministerial Council
• require that a copy of the report is made available to the Ministerial Council and tabled in Parliament
• provide for regulations to be made to prescribe a service operator instead of Medicare Australia and that the Ministerial Council be consulted by the Minister before regulations are made.

On 13 July 2009, a discussion paper was released seeking comments on legislative proposals to support the establishment and implementation of unique identifiers for healthcare purposes and the privacy of health information. As part of this consultation, two stakeholder forums were held to allow detailed discussion of the proposals.

Consultation closed on 14 August 2009, and over 90 submissions were received from stakeholders. Key messages from the consultation include that use of the identifiers should be supported by a national privacy framework and specific limits to ensure identifiers are used only for healthcare and health related purposes such as managing health services and research.

Further consultation, including the release of exposure draft legislation has been undertaken from 20 November 2009 to 7 January 2010. 55 submissions were received. Stakeholder feedback indicated general support for the legislative proposals with some particular suggestions on extending the use of identifiers for insurance and research purposes and in relation to how the identifiers might work in practice. Stakeholder feedback was taken into account in finalising the legislation.

On 12 March 2010, Exposure Draft Regulations were released for public comment. Consultation closed on 9 April 2010. 52 submissions were received.

Further information about the public consultation processes undertaken, including copies of the consultation documents and submissions received are available on the Department's website: www.health.gov.au/eHealth/consultation.

In developing the foundations for eHealth, Australian Government and state and territory governments, in conjunction with the National E-Health Transition Authority (NEHTA) are collaborating with representative groups drawn from the healthcare sector, as well as health leaders, consumer groups, software vendors, information managers and standards experts. These range from including general practitioners to specialist medical and non-medical groups including the allied health, pharmaceutical and nursing sectors.

NEHTA and the Department of Health and Ageing have provided regular updates to the Privacy Commissioner on the progress of the Healthcare Identifier System. The Office of the Privacy Commissioner has actively participated in both consultation processes and provided detailed written comments on the proposals and draft legislation.

The Office of the Privacy Commissioner attended both public forums held in Sydney and Melbourne, and a number of discussions have been held on the legislative proposals and on the proposed oversight role of the Privacy Commissioner.

NEHTA's work on development of the HI Service has involved ongoing consideration of privacy issues. A number of independent Privacy Impact Assessments (PIAs) were commissioned by NEHTA to inform the design of the HI Service. The most recent PIA report was completed in late August 2009.

NEHTA publicly released three PIAs on 16 November 2009 to demonstrate its commitment to systematically addressing privacy issues and to inform the development of appropriate legislative and technical controls to support implementation of healthcare identifiers.