Terms of Reference

On 9 August 2017, the following matter was referred to Finance and Public Administration References Committee for inquiry and report by 16 October 2017:

Circumstances in which Australians’ personal Medicare information has been compromised and made available for sale illegally on the ‘dark web’, including:

  1. any failures in security and data protection which allowed this breach to occur;
  2. any systemic security concerns with the Department of Human Services’ (DHS) Health Professional Online Services (HPOS) system;
  3. the implications of this breach for the roll out of the opt-out My Health Record system;
  4. Australian government data protection practices as compared to international best practice;
  5. the response to this incident from government – both ministerial and departmental;
  6. the practices, procedures, and systems involved in collection, use, disclosure, storage, destruction, and de-identification of personal Medicare information;
  7. the practices, procedures, and systems used for protecting personal Medicare information from misuse, interference, and loss from unauthorised access, modification, or disclosure; and
  8. any related matters.

Submission closing date is 31 August 2017. The report is due to be tabled on 16 October 2017.

Committee Secretariat contact:

Senate Finance and Public Administration Committees
PO Box 6100
Parliament House
Canberra ACT 2600

Phone: +61 2 6277 3846