Medicare fraud bill would make 'honey pot'

Finbar O'Mallon

Putting Australian's personal information all under Medicare's roof could create a "honey pot" for hackers, experts warn.

The federal government has proposed new laws to crack down on Medicare fraud that would see departments sharing information with Medicare.

But Vanteum chief executive Alistair Muir warns by centralising such sensitive information, the government was putting Australians at risk.

Australia's top medical body has also warned the proposed bill fails to balance privacy obligations and the need for privacy.

The Australian Medical Association said it had "major concerns" about the bill in a submission to the government.

It said the bill effectively allowed departments not to comply with privacy laws when providing data matching services.

The bill would see departments such as Home Affairs and Veterans' Affairs, and programs such as the Pharmaceutical Benefits Scheme share information with Medicare.

When introducing the bill to the lower house in October, Health Minister Greg Hunt gave the example of a patient making a Medicare claim despite being overseas at the time.

Mr Muir told AAP that centralising the data created a honey pot and Medicare should not be allowed to see so much personal information on Australians.

Vanteum's joint submission with tech company Galois warned there was also the risk of "insider threats" or accidental disclosures by Medicare staff.

He said the legislation was proposing an "out of date" model.

"The intent is a good one ... (but) that's an antiquated way of doing it," Mr Muir said.

He has suggested another method, which he said would see Medicare provide one-off requests to government agencies who would provide answers to Medicare.

This avoided the departments sending out private information to Medicare.

But he said there should also be stricter regulations around the encryption required to share the information between departments.

Private Health Australia, a lobby group for private health insurers, said it wanted the bill tweaked to give it more access to data to pick up on any potential private health fraud.

The bill allows private health insurers to share information with Medicare on a voluntary basis but they are not allowed to receive information.

Even so, the AMA says this one-way proposal would see insurers share private data with Medicare without their patients' consent.

This could result in private insurers sending their entire database to Medicare in the hopes of picking up fraudsters, it says.

The bill already rules out using My Health data for data matching.