Online eScripts provider MediSecure has revealed 12.9 million Australians had personal data stolen in a cyber breach earlier this year, making it one of the largest data hacks in Australian history.
These breach incidents all serve to highlight the lack of a solution for patients that want to retain ownership (ie. exclusive control) over their data. Currently the only effective way to do that is a non-solution - by not interacting with the service at all.
Imagine there was one copy of your health information, and it was encrypted, and it lived on a server/flash drive/device under your control. In order to receive treatment, the provider has to access that source and request your permission or authenticate in some capacity. That would be an enduring, user-respecting solution that showed people that each loss of data was more than merely a publicity nightmare for the abetting company. Managing personal healthcare like this isn't for everyone, but it should be an option for patients with the means and inclination.
The fact that service providers neither want to co-operate with something like this, nor are required to by law, is a problem. There's currently no individual agency permitted whatsoever in this domain and I've been fed up with it for a long time.