Integrity of Medicare customer data


This audit examined the effectiveness of the Department of Human Services’ management of Medicare customer data and the integrity of this data.

Audit objective, criteria and scope

The objective of the audit was to examine the effectiveness of the Department of Human Services’ management of Medicare customer data and the integrity of this data.

To assist in evaluating the department’s performance in terms of the audit objective, the ANAO developed the following high level criteria:

  • Human Services has adequate controls and procedures for the collection and recording of high quality customer data;
  • Medicare customer data as recorded on Human Services systems is complete, accurate and reliable; and
  • customer data recorded on Human Services systems is subject to an effective quality assurance program and meets relevant privacy and security requirements.

The audit scope focused on the integrity of Medicare customer data and included related testing of all Medicare customer records. It did not examine Healthcare Provider Information, the allocation or management of Individual Healthcare Identifiers (IHI) or the operation of Personally Controlled Electronic Health Records.

The audit also considered the extent to which Human Services had implemented the six recommendations from ANAO Performance Audit Report No.24 of 2004–05 Integrity of Medicare Enrolment Data.

Overall conclusion

Medicare has been in place for 30 years and is accessed by almost all Australians and some visa holders and visitors. In 2012–13, Human Services reported over 23 million people enrolled in Medicare, including 618 533 new enrolments.

The department’s administration of Medicare is supported by a long‑established database, the Consumer Directory, which contains all Medicare customer records. As the repository of a large and evolving data set incorporating, on an ongoing basis, both new enrolments and changes to customer information, the Consumer Directory requires active management to maintain the integrity, security and privacy of customer data; essential prerequisites for the effective administration of Medicare.

Human Services’ framework for the management of Medicare customer data, including procedures and input controls for the entry of new enrolment information and changes to customer information, has not been fully effective in maintaining the integrity of data in the Consumer Directory. ANAO analysis of the department’s Medicare customer data holdings identified:

  • at least 18 000 possible duplicate enrolments—an ongoing data integrity issue in the Medicare customer database;
  • active records for customers without an entitlement as well as inactive records and some with unusual activity; and
  • records which had customer information inconsistently, inaccurately and incompletely recorded.

In addition, the department advised the ANAO of instances where the records of two different customers are combined (‘intertwined records’), giving rise to privacy and clinical safety risks.

While the number of compromised records held in the database is not significant given the scale of the department’s data holdings, the data integrity issues referred to above indicate that departmental procedures and key elements of the data input control framework require management attention to improve operational efficiency, better protect customer privacy and clinical safety, and reduce the risk of fraudulent activity. The extent of the data integrity issues highlighted by the audit and the length of time these issues have been evident also indicate a need for the department to periodically assess the underlying causes of data integrity issues and implement necessary treatments.

The audit identified that additional attention should be given to: the tightening of data input controls, including the full and accurate completion of mandatory data fields in accordance with system and business rules; the adequacy and consistency of staff training and written guidance; addressing duplicate and ‘intertwined records’; and undertaking data integrity testing on a targeted risk basis. Further, Human Services’ procedures for managing the security of Medicare customer data do not comply fully with some mandatory requirements of the Australian Government’s Information Security Manual (ISM); significantly reducing the level of assurance of the relevant systems’ ability to withstand security threats from external and internal sources. The department should implement whole‑of‑government requirements in relation to system security.

Positive elements of Human Services’ approach to managing Medicare customer data include: unique customer reference numbers within the Consumer Directory, which have a high degree of integrity; a well‑developed privacy framework which contributes to maintaining the confidentiality of sensitive Medicare customer records; and a Quality Framework comprising a daily program of random checks on completed transactions by customer service officers. As discussed however, a fully effective approach to managing the integrity of data holdings requires that attention be given to the development and consistent implementation of the full suite of procedures and controls.

The ANAO last examined the integrity of Medicare enrolment data in 2004–05, making six recommendations. Human Services could demonstrate implementation of two recommendations but could not demonstrate implementation of the remainder, which were aimed at addressing data integrity issues, including duplicate enrolments, prior to the migration of Medicare customer data to the Consumer Directory. As discussed, the ANAO’s analysis in this audit indicates that the issue of duplicate enrolments has persisted; and, more broadly, the department has forgone an opportunity to enhance its performance by implementing a number of the earlier ANAO recommendations targeted at improving data integrity.

The ANAO has made five recommendations in the current audit aimed at enhancing the management and integrity of Medicare customer data by Human Services. The recommendations relate to improving training and guidance for customer service officers, addressing data integrity issues and their causes, and complying with the mandatory requirements of the ISM.
