In recent times there has been a lot of hype about distributed ledger technology, also known as blockchain. A recent blockchain solution of particular interest is an eHealth Records System which has been developed in Estonia. This solution implements the distributor ledger technologies, certain data architecture and cryptography. These records cannot be changed without any change being visible to the whole network, including the patient in real time. The practical benefits are;
- enhanced cyber security due to activities of any malicious hackers being visible;
- instant access to records because the records are stored across the network;
- enhanced transparency as any access by health professionals or anyone else is visible, including to the patient; and
- enhanced control because the patient has the ability to deny access to their health record to particular users or user groups.
This type of solution is potentially a major step forward for records management in the public sector, particularly in terms of transparency to citizens and more control over whom may access their records.
Significant advances such as this often bring into focus a conflict between innovation and regulation. An example in the private sector is the innovations by Uber and the regulation of the taxi industry. The same goes for the innovations by Airbnb and the regulations of hotels. In the public sector, it is not possible to take the same cavalier approach to regulation as Uber or Airbnb. As a result, the success of a public sector innovative project may be compromised by the last minute discovery of an inconvenient regulation. Accordingly, it is wise to conduct an early review of the regulatory environment of any innovative IT project to determine whether any changes need to be implemented. For example, the information sharing required by an innovative blockchain eHealth records system may need to be reconciled with the privacy legislation. There is also my all-time favourite of digital signature and smart contract innovations being unable to utilise deeds due to a common law requirement from a case in 1584 that deeds must be on parchment, vellum or paper. This is a conflict which seems unnecessary and outdated.
Cyber Security Strategy
The Victorian Government has launched its Cyber Security Strategy which is aimed at keeping Government services and information safe from cyber threats. The strategy lists 23 actions including:
- The appointment of a “Chief Information Security Officer”;
- Development of cyber emergency governance arrangements with Emergency ManagementVictoria;
- Partnerships with the private sector to drive capacity building, establish whole of Government subscription for internet security information security services.
The release of this strategy illustrates an important focus by the Victorian Government on cyber security.