The Australian Government commissioned a review in response to claims Medicare card details were sold on the internet. This review has now closed.
About the review
The review, announced on 10 July 2017, examined access by health professionals to Medicare card numbers by using the Health Professional Online Services (HPOS) system or by calling us.
The Australian Government wants to ensure the system is convenient and secure. The system hasn’t been significantly changed since its establishment 8 years ago.
The review was led by Professor Peter Shergold AC. Dr Michael Gannon, President of the Australian Medical Association (AMA) and Dr Bastian Seidel, President of the Royal Australian College of General Practitioners (RACGP), were also members of the Review panel.
Discussion paper and the final report
The Review Panel invited submissions from interested parties on the issues raised in the discussion paper. Consultation closed on Friday 8 September 2017.
Feedback and suggestions were considered by the Review Panel in their final report to government.
The review has identified options to improve the security of Medicare card numbers within the department’s HPOS system, while continuing to support access to health services without unnecessarily increasing the administrative workload faced by health professionals. The report has been provided to the Minister for Health, The Hon Greg Hunt MP and Minister for Human Services, The Hon Alan Tudge MP.
The Review Panel worked closely with relevant stakeholders including the Australian and State and Territory Governments and peak industry bodies, the AMA, the RACGP, the Australian Association of Practice Managers, and the Consumer Health Forum.
The review was supported by a secretariat of officials from the Australian Government departments of Human Services, Health, and Attorney-General’s.
We thank those who made a submission, with over 20 responses received from the community, industry and government. Unless confidentiality was requested, all submissions, other than contact details, have been treated as public information and are available below:
- Australian College of Nursing
- Australian Healthcare and Hospitals Association
- Australian Medical Association
- Australian Privacy Foundation
- Consumers Health Forum of Australia
- Department of Health and Human Services Victoria
- eHealth Privacy Australia
- Law Society of NSW
- M Byrne
- Medical Software Industry Association
- National Aboriginal Community Controlled Health Organisation
- NT Health
- NSW eHealth
- Office of the Australian Information Commissioner
- Optometry Australia
- Paediatrics Burnside Hospital
- Pharmacy Guild
- QLD Health
- Royal Australian College of General Practitioners (RACGP)
- Rural Doctors Association of Australia
- University of Melbourne
- WA Department of Health
The department is required under the Disability and Discrimination Act to make all information published on its website accessible to all.
If you're using assistive technology and can't access submissions to the review, please contact the Secretariat.
Terms of Reference and scope of review
The review considered the balance between appropriate access to a patient’s Medicare number for health professionals to confirm Medicare eligibility, with the security of patients’ Medicare card numbers.
The review examined and advised on:
- the type of identifying information that a person should be required to produce to access Medicare treatment in both urgent and non-urgent medical situations
- the effectiveness of controls over registration and authentication processes at the health provider's premises to access Medicare card numbers
- security risks and controls surrounding the provision of Medicare numbers across the telephone channel, and the online connection between external medical software providers and HPOS
- the sufficiency of control by patients and the appropriateness of patient notification regarding access to their Medicare number
- the adequacy of compliance systems to identify any potential inappropriate access to a patient’s Medicare number
- any other identified area of potential weakness associated with policy, process, procedures and systems in relation to accessibility of Medicare numbers