The Lumos program has many controls to minimize privacy risks and promote transparency and accountability across the program:

Privacy preserving record linkage (PPRL)

The Lumos program uses technology that has been developed by Curtin University to protect patient privacy during record linkage. Information that could identify individual people is encoded at the general practice before any data are transferred from the system, which means that no personal details leave the practice. Therefore, individual people are not identified in the Lumos data asset at any stage of the linkage process.

Ethical approval

Lumos is ethically approved by the NSW Population and Health Services Research Ethics Committee (PHSREC ref 2019/ETH00660) to link data for the planning, funding, management and evaluation of health services.

Operating under ethical approval means that an independent panel has assessed the potential risks, benefits and integrity of the program. Any major changes to the program must be reviewed and approved by the ethics committee before the changes can be made.

Governance structures

The Lumos program operates within governance structures in collaboration with representatives from a wide range of organisations, including:

  • Primary Health Networks (PHNs)
  • local health districts (LHDs)
  • consumer representatives
  • general practitioners
  • Aboriginal Health and Medical Research Council (AH&MRC)
  • Centre for Aboriginal Health (CAH)
  • The Centre for Health Record Linkage (CHeReL)
  • Royal Australian College of General Practitioners (RACGP)
  • Australian Medical Association (AMA).

Having a range of organisations involved with the Lumos program helps to ensure there are appropriate levels of transparency and accountability.

Consumer representation

We currently have four experienced consumer representatives on the key Lumos committees. These representatives come from a range of personal and professional backgrounds with experience using the health system themselves or as a carer. Our consumer representatives are invaluable in advising on the perspectives of patients and carers across NSW to ensure their needs are met in the Lumos program.

Independent privacy impact assessment

In 2020, an independent privacy impact assessment (PIA) was conducted by former NSW Deputy Privacy Commissioner, Anna Johnston, Principal at Salinger Privacy. The PIA investigated the privacy and security measures in the Lumos program and commended the program's privacy impacts, stating: "In our view, the Lumos Program has been well designed to protect patient privacy to a very high degree, and does not give rise to any likely negative impacts on individuals during the data extraction, data linkage or data analysis stages" (Anna Johnston, September 2020).

Secure storage

Lumos data is securely stored in a centralised cloud solution called the Secure Analytics Primary Health Environment (SAPHE). This SAPHE complies with strict NSW eHealth privacy and security requirements to ensure data in the Lumos program is thoroughly protected.

Access to the SAPHE is limited to approved users and overseen by the Lumos Data Governance Committee, which includes representation from groups including PHNs, LHDs, AH&MRC and consumers.

Current as at: Friday 17 December 2021