In August this year a dataset containing 30 years worth of Medicare and Pharmaceutical Benefits Scheme information was made available to researchers via The Department of Health’s open data portal.
Yesterday the data was removed by the department, following a tip-off from a Melbourne researcher that practitioner details in the data could be decrypted.
ITNews reports Melbourne University’s Dr Vanessa Teague discovered it was possible to decrypt some of the service provider ID numbers attached to doctors.
“As a result of the potential to extract some doctor and other service provider ID numbers, the Department of Health immediately removed the dataset from the website to ensure the security and integrity of the data is maintained,” The Department of Health confirmed in a statement.
No patient information has been compromised, and no information about the health service providers has been publicly identified or released, according to The Department of Health.
A full, independent audit of the process of compiling, reviewing and publishing the data on data.gov.au will be happening. The Department of Health says the dataset will be made available again, but only when the current issue is resolved.
The Department of Health notified the Australian Privacy Commissioner Timothy Pilgrim of the “potential vulnerability”, and an investigation has been opened.
“The primary purpose of the investigation is to assess whether any personal information has been compromised or is at risk of compromise,” Pilgrim states, “and to assess the adequacy of the Department of Health’s processes for de-identifying information for publication.”
The results of the investigation will be published “at its conclusion”. We will keep you updated.