NZDF Health Information
It would be easy if it wasn’t for security
Military medicine 101
East Timor lessons learnt
Post game analysis,. Audit general report
To Serve, team players, motivated to be “fit to
Patient records have same protection as
civilians, except in extreme case.
– Confidentiality cornerstone.
similar to a rural civilian medical centre.
Doctor as Officer, works for Organisation
Health and wellness focus, more integration
with HR, other aspects org.
Military populations -
Disease was major cause
of death. 7
Mil Med works!! 6
– Minimizing impact of
illness on deployed force 4
– Major advances in last 3
50 years 2
JFHQ level planning
Wellness and force
M ex ican W ar
C iv il W ar
S p an ish -A m erican W ar
K o rean
V ietn am
– Health threat assessment
– Education plan
• Bugs are still there…..
Past and Present
Paper record mainly
– Focused on occupational grading
– Loose leaf, enclosed Chronologically
– Multi problem was a problem…..
Recall and follow up.
– Geographical, reminders difficult.
Looking back past last medical board,….
Auditor – Generals report
• Difficulty in determining numbers
meeting vaccine requirements, access
• Incomplete medical records
• Labour intensive
• Inadequate health surveillance
systems and linking risk factor to
– Joint electronic medical
– That meets individual care as well
as organisational and operational
wider planning requirements.
The future…… some ideas
Improved medical records access,
DMIS, health planning
Improved tracking of individual
Population Health surveillance/KPI
from clinical databases.
– Geo coding
– Bio strain measurer.
Cohort studies, should each
deployment be a virtual cohort
study? linked via NHI, when leave
– Cohort follow up. (US have a “2000
cohort” 100 000 military following
Greater availability, access, integration
National Tri service Workshop
Privacy Privacy Privacy
Concerns for patients privacy
– Cornerstone doctor patient relationship
– non authorised access
• Intra as well as inter organisation threat.
Concerns for Organisation, Force protection
– could be used by enemy
• Attack individual
• Attack system
Threats that the new system brings
Much more vulnerable to unauthorised
access from within
– Not everybody expects their health data to be
Somewhat more vulnerable to other
Force protection, military
– What part of the record is medical <> organisational
– Add complexity, soldier proof ?
– Source of attack,
• info could get from medical record for interrogation ??
Locations when where etc
– Over reliance on telemed, communications
– No major
Directorate of Defence medicine
• Unique military demands
• Staff, Community/patients, deployment, POW
How to balance availability of records with
Privacy became important part of the User
– (note the requirement to be actively looking for
misuse, not good enough to wait for compliant) ??
• Technical - restrictive.
• Technical - active looking
– No 3rd party testing!!
– Bases, screens, windows,
– Security checked
Technical – restrictive
– Password, network security, alert when
access notes outside Health care providers
– manage relationship database, single
source of the truth, shared data layer, etc.
Technical – proactive query to system for
– Look for misuse, can not be complaint driven.
– Late night access.
– Overly high access to notes
– Same surname access
– Notes opened when Doctor not in country…
Security - Policy
All health workers can see all records, but
with warning when looking outside your
Operational planning elements from each
health record extracted to SDL, one source
No sealed envelope
– We are watching you.
Security Officer in each medical treatment
In course training
Brig DGMS can see all…..
Care Plan Analysis Example
Gets a snap shot of overall status of cohort
Patient groups allow focus on a Service/Unit/etc (4.4)
Now adding “Group Plans”, allowing review (5.1)
• Plan A AND B; or Plan A OR B