Healthcare organisations are victims of one in ten in cyber attacks in Australia. Despite the size of your workplace whether it be a small practice or a large hospital, the need for cybersecurity is still high.
Criminals consider healthcare data extremely valuable due to the high volume of sensitive information. Sensitive information such as contact details, past addresses, date of birth and other personal details can be used for identity theft, while an individual's healthcare information may be used to extort the vulnerable. Due to the high returns criminals can gain for this information, they are often very willing to go to any lengths to bypass security.
Data breaches of a malicious or criminal nature are increasing globally and within Australia. The Australian Cyber Security Centre (ACSC) receives a report of a cyber crime in Australia every ten minutes. Data from the Office of the Australian Information Commissioner shows that criminal data breaches make up nearly two-thirds of all reported data breaches.
2020 | |
Notifications | 1,057 |
% criminal | 58% |
% human error | 35% |
% system fault | 5% |
Source: Notifiable Data Breaches Report, OAIC
Healthcare practices are a reservoir due to the large amounts of personal information they store making them a prime target for hackers. Ensuring you and everyone in your practice follows good cyber hygiene will help prevent your practice from falling victim to an attack or in the least limit the damage.
MIPS’ Indemnity Insurance policy relates to the healthcare services your provide, but it is not designed or intended to comprehensively cover every aspect of your business. If your business is at risk of being sued or possible cyber attack then practice entity and cyber cover is able to protect you from any loss. MIPS' partner, Aon, an insurance broker, offers Practice entity, cyber and public & product liability. MIPS receives no financial benefit or commission from this but provides assists members to apply for cover.
Key cyber security threats for healthcare organisations
Ransomware – A highly disruptive form of cyber-attack, ransomware is a form of malware designed to lock up, encrypt and extract data. These attacks are accompanied by extortion demands, requiring payment of a ransom (often in bitcoin) to decrypt or prevent publication of stolen data 1.
Data breaches – often caused by social engineering or impersonation.
DDoS attacks – a cyberattack on a server, service, website, or network that floods it with Internet traffic. The aim is to overwhelm the website or service with more traffic than the server or network can accommodate 2.
Phishing – a way that cybercriminals steal confidential information (online banking logins, credit card details, business login credentials or passwords/passphrases) by sending fraudulent messages (sometimes called ‘lures’).
Insider threats – include sabotage, theft, espionage, fraud, and competitive advantage, are often carried out through abusing access rights, theft of materials, and mishandling physical devices 3.
What you can do to protect yourself, your patients, and your organisation
Passwords:
- Make them long and strong.
- Don’t use things that can be easily guessed.
- Passphrases are a good idea.
- Use a password manager.
- Turn on multi-factor authentication.
Phishing emails
- Don’t open it if you don’t expect it!
- Be sceptical
- Be aware of your online presence.
- If you receive a suspicious link, do not open or click on it. Inspect it.
- Use strong passwords.
- Always ensure your software is up to date.
MIPS Membership
The benefits of membership include the MIPS indemnity insurance, which relates to the provision of healthcare. It excludes claims associated with the loss of, damage to, or the failure to adequately protect the security of electronic or hard copy medical records. MIPS does not provide a cyber cover or Practice Entity cover. Members need to make their assessment and consider their risk concerning this. MIPS has established a relationship with Aon to help facilitate MIPS members inquire and obtain an estimate for practice entity and cyber cover.
Useful resources
RACGP
- Responding to a cybersecurity incident information security in general practice
- Computer and information security standards
Australian Cyber Security Centre
- Multi-factor authentication for stronger cyber protection
- Back-up data to defend against cybercrime
- How to back up devices
- ReportCyber - Are you a victim of cybercrime?
MIPS webinars
MIPS Practice Notes
- Cyber risk: The essentials of online security
- Cyber: Legacy system letdown
- 22% of all cyber security breaches within healthcare
- Cyber security attacks - are you prepared?
- Hackers love health data
- Top 10 IT security tips for healthcare practices
[1] Locked Out: Tackling Australia’s ransomware threat
[2] What is a distributed denial of service attack (DDoS) and what can you do about them?
Missed the MIPS webinar? Catch up On-Demand
This information is not intended to be legal advice and as such should not be relied on as a substitute. You may need to consider seeking legal or other professional advice about your individual circumstances as appropriate. Should you wish to obtain further information you can review our Member Handbook Combined PDS and FSG or contact MIPS on 1800 061 113. You may need to consider seeking legal or other professional advice about your individual circumstances as appropriate. Information is current as at the date published.
Patient complaints, medicolegal litigation, AHPRA notifications, and investigations into conduct and behaviour are accepted aspects of the healthcare industry. Learning from medical errors and omissions is a vital part of any healthcare system’s quality and safety improvement efforts[1].
State of play
There is a small increase in the amount of litigation across all Australian jurisdictions. Being sued remains rare and going to a public trial is even rarer. MIPS has observed a steady increases in complaints and investigations.
Emerging issues and trends in medico-legal issues include:
- Higher numbers of disciplinary proceedings arising out of poor professional conduct such as inappropriate use of social media
- Telehealth related issues including possible claims/complaints from:
- failure or delay in diagnosis
- missing or poor follow up
- inadequate or no patient examination
- privacy and security breaches including recording consultations
- COVID-19 related issues such as:
- failure to prevent exposure
- failure to communicate potential adverse effects and material risks
- errors in administering the vaccine
- failure to obtain valid informed consent to receiving a COVID-19 vaccine
- Medicare and PSR investigations
Members should notify MIPS in a timely manner of any likelihood of a claim or complaint or adverse or unexpected outcome to a patient.
A claim in negligence requires:
- A duty of care to the person who suffered harm or loss.
- The duty of care has been breached.
- The breach caused the loss or harm suffered by the person.
Causes of litigation
The most common causes of ligation against healthcare practitioners are:
- Negligence
- Failure to:
- Diagnose a condition or delay in diagnosis.
- Provide sufficient and/or adequate advice.
- Disclose material risks.
- Obtain valid informed consent.
- Failure to:
- Trespass to the person
- Undertaking a medical intervention that involves touching a person without his or her consent.
- Performing any clinical intervention without a person’s valid informed consent
- Breach of contract
- Uncommon, but often combined with negligence.
- Failure to provide care at the promised standard.
- Breach of fiduciary duty
- Failure to keep fiduciary duties, such as:
- Maintaining confidentiality
- Avoiding conflicts of interest.
- Failure to keep fiduciary duties, such as:
What does it take for an action in negligence to succeed?
- Establishing that a duty of care was owed by a healthcare practitioner to a patient.
- Establishing the expected standard of care, and breach of that established duty of care by the healthcare practitioner.
- Establishing “causation”, that is, the breach of the duty of care caused, or materially contributed, to the damage or loss suffered.
- Establishing that the loss or damage was reasonably foreseeable.
- Consideration if loses and/or damages are assessable monetarily.
What is loss of chance in medical litigations?
If the treatment that would and should have been commenced upon diagnosis, may not necessarily have made a difference in the patient’s overall outcome, but may have given them the chance of a better outcome, then this has been considered a loss of chance.
MIPS resources
- Webinars
- Articles
[1]Nowotny, B. M., Loh, E., Lorenz, K., & Wallace, E. M. (2019). Sharing the pain: lessons from missed opportunities for healthcare improvement from patient complaints and litigation in the Australian health system. Australian Health Review, 43(4), 382-391.
Dental healthcare practitioners work with various third parties to develop opportunities, promote public health and assist with modern commercial realities. This relationship impacts the delivery of dental care to patients and can sometimes present its own risks.
Who are third parties?
Any outside body that can influence the dentist-patient relationship. These include but are not limited to:
- regulatory authorities (AHPRA and Medicare)
- private health insurers
- owners of dental clinics who are not dentists, corporations
- the public sector (government departments)
- the dental industry
- professional indemnity providers
- funding agencies
- rating websites.
Why are you being audited?[1]
Frequently, audits commence their life as a request for information or explanation from a third party. The request is often triggered because the practitioner has been identified as a statistical outlier. Third parties collect data to create statistical models, which are used to identify billing trends across the industry. If a practitioner falls outside the industry norms, they may be asked to provide an explanation as to why that is the case.
Alternatively, there may be a random audit, for example by AHPRA in relation to professional indemnity insurance or CPD.
It can also be triggered by a complaint.
What steps can I take to protect myself?
- Considered oversight of your requirements and obligations – regulatory, private and commercial agreements
- Documentation and adherence to these requirements
- Understand that delegation of coding, billing and clinical work does not remove responsibility.
- MIPS early involvement and assistance
- Cooperate and follow MIPS’ advice.
DO
- Understand your regulatory responsibilities and obligations
- Understand your responsibilities and obligations for all commercial dealings
- Ensure you understand the terms and conditions under which you are entitled to claim
- This includes reviewing your HICAPS agreement if you utilise a HICAPS machine
- Ensure that you have some oversight of the codes being put through on your provider number
DON’T
Be creative in your claiming/code use.
MIPS Resources
- Medicare auditing increase and the PSR
- Pressure of own culture
- Medicare keeps tabs on your billings
- What happens when...
- Using the new MBS telehealth item numbers
Missed the MIPS webinar? Catch up On-Demand
This information is not intended to be legal advice and as such should not be relied on as a substitute. You may need to consider seeking legal or other professional advice about your individual circumstances as appropriate. Should you wish to obtain further information you can review our Member Handbook Combined PDS and FSG or contact MIPS on 1800 061 113. You may need to consider seeking legal or other professional advice about your individual circumstances as appropriate. Information is current as at the date published.
During any given workday, you most certainly will have several encounters, meetings and interactions with patients and their families. It has been cited that a lack of time in these interactions can sometimes be an obstacle to developing caring therapeutic relationships, as they require high level and well-developed communication between patients and healthcare practitioners .
Demanding healthcare encounters can provoke unnecessary anxiety in those involved and reduce public’s confidence in the healthcare system. In addition, differences in communication styles and objectives, needs and expectations related to these encounters can further impact the quality of a doctor-patient interaction.
The area of concern from a medico-legal and risk management perspective, is that most patient-reported complaints relate communication and interactions with healthcare practitioners. Therefore, highly effective communication between parties and inclusion in decision-making is crucial in increasing a patient’s satisfaction during a healthcare encounter
The root causes of a complaint
Research1,2,3,4 shows that a patient’s reported complaint can include recurrent descriptions of suboptimal experiences, such as:
- Insufficient or lack of respect and empathy.
- Not being approached in a professional manner generating feelings of not being valued as a person and therefore, affecting their sense of dignity.
- Feeling disregarded and rushed by the healthcare professional.
- Feeling dissatisfaction and a lack of resolution for multiple health issues.
- Perceived neglect, rudeness, or insensitive treatment from the healthcare practitioner.
- Poor or inadequate doctor–patient communication.
- Lack of comprehension of the medical information given.
- Perceived nonchalant treatment.
- The patient’s need for justice
Regulatory considerations
Australian Health Practitioner Regulation Agency (AHPRA) & National Boards Code of Conduct
4.3 Effective communication
Effective communication is an important part of the doctor–patient relationship. It involves:
4.3.1 Listening to patients, asking for and respecting their views about their health, and responding to their concerns and preferences.
4.3.2 Encouraging patients to tell you about their condition and how they are currently managing it, including any other health advice they have received, any prescriptions or other medication they have been prescribed and any other conventional, complementary, or alternative therapies they are using.
4.3.3 Informing patients of the nature of, and need for, all aspects of their clinical management, including examination and investigations, and giving them adequate opportunity to question or refuse intervention and treatment.
4.3.4 Discussing with patients their condition and the available management options, including their potential benefit and harm and material risks.
4.3.5 Endeavouring to confirm that your patient understands what you have said.
4.3.6 Responding to patients’ questions and keeping them informed about their clinical progress.
4.3.7 Taking all practical steps to ensure that arrangements are made to meet patients’ specific language, cultural and communication needs, and being aware of how these needs affect patients’ understanding.
4.3.8 Familiarising yourself with, and using whenever necessary, qualified language interpreters to help you to meet patients’ communication needs. Government-funded and fee-for-service interpreter services are available.
Professional considerations
RACGP Criterion C1.3 Informed patient decisions
Patients have the right to make informed decisions about their health, medical treatments, referrals and procedures. As a healthcare practitioner, you have a duty to provide information that the patient can understand and that is tailored to their individual needs.
RACGP Criterion C2.1 Respectful and culturally appropriate care
The ideal patient-practitioner partnership is a collaboration based on mutual respect and mutual responsibility for the patient’s health. The duty of care includes clearly explaining the benefits and potential harm of specific medical treatments and the consequences of not following a recommended management plan.
MIPS’ Medico-legal key advice tips
- Provide comprehensive information and explanations that will help form a coherent understanding regarding what is happening with their health.
- Facilitate the patients’ autonomy, integrity and participation in their care by keeping them informed about their health conditions and available treatments.
- Ensure continuity in care and open collaboration between relevant healthcare providers.
- Protect and respect the patients’ dignity; be mindful of the imbalance of power and a patient’s vulnerability during appointments
- Follow your organisation’s communication protocols and strategies to handle patients’ complaints
- Maintain contemporaneous and comprehensive notes and health records.
- Always contact MIPS in the event of adverse or unexpected patient outcome, complaint, claim or investigation concerning your healthcare.
1Warnecke, E. (2014). The art of communication. Australian Family Physician. 43:3 156 – 158.
2Skär, L., & Söderberg, S. (2018). Patients’ complaints regarding healthcare encounters and communication. Nursing open, 5(2), 224-232.
3Bano, U., Ahmed, A., & Tassadaq, N. (2021). Medical professionalism: comparing views of public and doctors. PAFMJ, 71(2), 584-87.
4Abdelrahman, W., & Abdelmageed, A. (2017). Understanding patient complaints. BMJ: British Medical Journal, 356
Any queries, contact MIPS
This information is not intended to be legal advice and as such should not be relied on as a substitute. You may need to consider seeking legal or other professional advice about your individual circumstances as appropriate. Should you wish to obtain further information you can review our Member Handbook Combined PDS and FSG or contact MIPS on 1800 061 113. You may need to consider seeking legal or other professional advice about your individual circumstances as appropriate. Information is current as at the date published.
Additional resources
Articles
- Managing complaints | MIPS
- Potential exposure to complaints | MIPS
- Handling Complaints – the Dos and Don | MIPS
- Practising under adversity - claims, complaints | MIPS
- I've had a complaint or adverse event | MIPS
- Have you been involved in an adverse outcome | MIPS
Webinars
A healthcare error's emotional toll can be significant and include several negative emotions, including guilt, shame, anxiety, fear, and in extreme cases, depression. The pervasive culture among healthcare professionals to strive for perfection and the burden of blame in medicine are significant contributing factors to these harmful effects. In the face of adverse patient outcomes, a sense of isolation and a lack of peer and organisational support can also be responsible and impact wellbeing, burnout, and decreased job satisfaction.
Healthcare environments can be busy, noisy, or simply chaotic, thus becoming fertile grounds for diagnostic, procedural or medication errors that may place patient care at risk1. These complex conditions inherently lend themselves to potential situations which may put clinicians at risk of receiving a complaint resulting in a civil claim, investigation and/or regulatory action by AHPRA, the Medical Board or one of the State-based Health Care Complaint Commissions.
The first step to decreasing clinical errors is to understand how and when they are more likely to occur. The literature asserts there are cognitive and non-cognitive (system based) factors are at play, which synergistically combine to make a healthcare practitioner more prone to medical or dental errors2 (Table 1). The inherently fast and unpredictable nature of emergencies, technical failures and equipment problems, frequent interruptions, policies, and procedure that may actively create error- prone situations or unnecessary delays, as well as failed oversight of system related issues are all potential scenarios where things can go wrong.
At the same time, cognitive errors due to flaws in critical thinking, clinical reasoning and decision-making can be at play3.
System related factors | Example | |
Policy and procedures | Policies that fail to account for certain conditions | |
Inefficient processes | Absence of expedited pathways | |
Teamwork or communications | Failure to share needed information or skills | |
Management | Failed oversight of system issues. | |
Expertise unavailable | Required specialist not available in a timely manner | |
Training and orientation | Clinicians not made aware of correct procedures or policies | |
Cognitive related factors | ||
Faulty knowledge | Knowledge o diagnostic skills for certain conditions | |
Faulty data gathering | Ineffective or incomplete history taking and physical information, failure to screen. | |
Faulty synthesis & information processing | Lack of awareness or consideration of relevant factors in a patient’s situation, under or overestimating the salience of a finding, failed heuristics, misidentification of a symptom or sign, faulty interpretation of a test result | |
Faulty verification | Premature closure (failure to consider other possibilities once a diagnosis has been made), failure to order or follow up a test, failure to gather other useful information to verify diagnosis. |
Table 1: Cognitive and non-cognitive factors associated with medical errors. Adapted from Graber & Franklin (2005)4 .
Strategies to minimize cognitive and non-cognitive errors and mitigate your clinico-legal risk5,6
- Firstly, remember that mistakes happen. We are only human; errors will inevitably occur.
- Use checklists, Guidelines and Algorithms. Cognitive function is affected by levels of stress and fatigue. Checklists reduce the reliance on memory and thus minimise cognitive errors. They can assist with:
- Diagnosis
- Ensure standardisation
- Provide reminders of evidence-based practice.
- Obtain additional expertise through consultation. Consulting and learning from more senior clinicians give you access to the collective wisdom gained through group decision-making.
- Develop a reflective practice. Also known as a diagnostic “time out,” this strategy aims to foster metacognition, whereby a practitioner re-evaluates an experience and considers alternatives to produce insights that may lead to change in behaviours in future practice.
- Develop an understanding of the clinical reasoning process and its inherent flaws. This strategy involves knowing the major heuristics and biases and how they may lead to cognitive error.
- Adopt Heuristic-based strategies. Also known as ‘cognitive forcing strategy’, this debiasing techniques encourages you to deliberately choose analytic reasoning in situations where an intuitive approach may lead to error.
- Avoid counterproductive responses. Circular thinking, emotional repression and avoiding a patient that has suffered an adverse event are unhelpful and do not change what happened. Recognize what is happening and take action to break the cycle.
- Take positive steps. Accept responsibility, talk to trusted peers, avoid blaming others or the environment. Recognizing your part in the mishap is the first step to move forward.
- Maintain contemporaneous patient health records. This includes updating a patient’s medical and family history to assist with the communication of information among multiple clinicians.
- Contact your medical defense organisation (MDO) early with any issues. Note that MDO advisers are exempt from mandatory reporting to AHPRA.
Relevant MIPS resources
Webinars
- Diagnostic Error in Medicine
- The Evolution of a Dental Complaint
- Anatomy of a notification: Why patients raise complaint
- Diagnostics: Improvements in healthcare
- Diagnostics: A team sport
- Safety, Quality, and improvements in Diagnosis
- COVID-19 – Diagnosis and pathology
Articles
- Working under pressure and avoiding legal hazards
- Diagnostic errors in medicine
- Diagnostics - A Team Sport
- How to avoid diagnostic errors in the ED
- Dental - Express yourself clearly!
- Medical Administration: Understanding the implications for individuals and organisations
1Westbrook, J. I., Raban, M. Z., Walter, S. R., & Douglas, H. (2018). Task errors by emergency physicians are associated with interruptions, multitasking, fatigue and working memory capacity: a prospective, direct observation study. BMJ quality & safety, 27(8), 655-663.
2Croskerry, P., & Sinclair, D. (2001). Emergency medicine: a practice prone to error?. Canadian Journal of Emergency Medicine, 3(4), 271-276.
3Hartigan, S., Brooks, M., Hartley, S., Miller, R. E., Santen, S. A., & Hemphill, R. R. (2020). Review of the basics of cognitive error in emergency medicine: Still no easy answers. Western Journal of Emergency Medicine, 21(6), 125.
4Graber ML, Franklin N, Gordon R. Diagnostic Error in Internal Medicine. Arch Intern Med. 2005;165(13):1493–1499. doi:10.1001/archinte.165.13.1493
5Ibid 4
6Tessa Davis (2017). Coping with errors, Don't Forget the Bubbles. Available at: https://doi.org/10.31440/DFTB.11227
Any queries, contact MIPS.
This information is of general nature only and not intended to be legal advice and, as such, should not be relied on as a substitute. You may need to consider seeking legal or other professional advice about your individual circumstances as appropriate. Should you wish to obtain further information about products offered by MIPS, you can call us on 1800 061 113 or review our Member Handbook Combined PDS and FSG. You may need to consider seeking legal or other professional advice about your circumstances as appropriate. Information is current as of the date published.
From time to time, healthcare practitioners are asked to respond to requests from law enforcement agencies. These requests can relate to urgent patient medical information or statements about the cause of injury/trauma and/or death and include relevant supporting documentation. The information that is ultimately provided needs to be accurate, factual, compatible with the GP’s qualifications, training, and experience and in accordance with the law to minimise the potential for any medico-legal concerns.
The AMA Code of Conduct requires medical practitioners to maintain a patient’s confidentiality, noting some exceptions such as:
- If there is a serious risk to the patient or another person
- Where required by law
- Where part of approved research
- Where there are overwhelming societal interests
At common law, medical practitioners owe a duty of confidentiality to their patients in relation to information obtained as part of the therapeutic relationship. This is not an absolute duty and there are some exceptions. For example:
- If the patient waives their right to confidentiality
- If there is a statutory or lawful excuse
- When it is in the public interest to disclose the information.
There are also legislative requirements which impose obligations in relation to the disclosure, or not, of patient information. There is a consensus in the legislation that information can only be disclosed if the following conditions are met:
- The patient consents to the release of information
- Release occurs in connection with the administration of health legislation
- Release under subpoena in legal proceedings
- Another lawful excuse, such as public policy/interest
Can you keep a secret
Whilst medical practitioners are legally and ethically bound to ‘keep a secret’, to what extent can medical practitioners disclose information to third parties (eg Police) if there has been an admission of a crime in the course of a medical consultation? Generally speaking, it is illegal to withhold information from Police concerning the commission of a crime. In NSW, it is an offence to conceal a serious indictable offence (examples include murder, sexual assault, dangerous driving occasioning death or grievous bodily harm) This applies if:
- A serious indictable offence has been committed; and
- A person knows or believes that it has been committed; and
- A person has information that might assist in the apprehension, prosecution or conviction of the offender; and
- The person fails, without reasonable excuse, to bring the information to the attention of the police or other appropriate authority.
However, to prosecute a medical practitioner, psychologist or nurse thought to be withholding such information, which has been formed or obtained from information in the course of practising in that professional context, consent is first required from the Attorney General. The Attorney General will decide whether it is in the public interest to prosecute the individual under the relevant section of the Crimes Act (NSW). Commentary in relation to this provision, particularly from the Law Reform Commission, indicates it is likely to be determined it would not be in the best interests of the public to prosecute a doctor, nurse or psychologist for not breaching their duty of confidentially.
It is recognised that the therapeutic relationship is best served by patients being forthcoming with information about their personal circumstances and this is likely to be seriously compromised if patients know their clinician may be charged with an offence for withholding information obtained from them. Whilst this addresses at least generally, the position for clinicians in the criminal jurisdiction, what is the position in the civil jurisdiction – can clinicians be sued for damages for failing to disclose confidential information? Whilst there is no simple answer to this question, there is a case which provides some insight into the steps that should be taken when a medical practitioner is faced with a doctor – patient confidentially conundrum.
Case study
PD v Harvey [2003] NSWSC 487
In 2003, a GP was sued for failing to disclose to a patient that her future husband was HIV positive. Prior to the upcoming wedding, the future wife (PD) and the future husband (FH) attended their GP together to obtain health checks, including STI checks. PD was a virgin and FH was not. Following the checks and in separate consultations with PD and FH, the GP advised PD that she did not have any STIs and advised FH he was HIV positive. FH subsequently provided PD with fraudulent test results. PD and FH were married. PD contracted HIV. PD then sued the GP and the practice for, among other things, failing to disclose FH’s negative test results to her. The Court found that it is appropriate for a GP to counsel a patient with HIV and attempt to persuade that patient to inform other persons who may be at risk of infection. The GP was not obliged to inform persons at risk of infection (eg PD), as this would be contrary to doctor-patient confidentiality obligations. If the GP had jointly discussed with PD and FH, who would be given the test results and if their joint consent to disclosure had been obtained during that discussion, the GP and medical practice would have been authorised to provide PD with FH's test results.
Take home messages
The principal exception to a clinician’s duty of confidentiality is when there is a serious risk of immediate harm to the patient or a third party. When considering whether a clinician should disclose information which is confidential, serious thought needs to be given to the following:
- The seriousness of the offence involved;
- Level of public risk – is there a risk of harm; and
- The impact the disclosure will have on the patient
- If you find yourself in circumstances similar to those outlined above and you are unsure as to your obligations, call your adviser at MIPS to seek guidance and direction.
Further reading
Rogers v Whitaker (1992) 175 CLR 479 at 483
Health Records and Information Privacy (HRIP) Act 2002 (NSW)
Mental Health Act 2007 (NSW)
Public Health Act 2010 (NSW)
Privacy Act 1988 (CTH)
Children and Young Persons (Care and Protection) Act 1998 (NSW)
Section 316 of the Crimes Act 1900 (NSW)
A serious indictable offense means an indictable offence that is punishable by imprisonment for life or for a term of 5 years or more
See Section 316(4) and the Crimes Act (NSW) regulations for full list
Whilst it is difficult to estimate the percentage of Australians who undergo cosmetic procedures each year, as there is no obligation for health practitioners to share their figures, there is unanimity that Australians continue to spend up on cosmetic procedures1. An annual spend on minimally or non-invasive cosmetic procedures topped the $1 billion mark for the first time in 2016, which is more than 40% higher, per capita, than in the United States2.
Since achieving this concerning milestone, scantly efforts have been reported to protect the mental health of those seeking body-altering cosmetic procedures. The literature asserts that a significant number of patients who request cosmetic procedures also struggle with mental health problems associated to an increased psychological vulnerability to appearance concerns3. An independent review carried out by AHPRA and the Medical Board in August this year4 advised the guidelines about mental health evaluation ought to be “strengthened” and highlighted the relevance of healthcare professionals receiving further training to assess psychiatric disorders better.
If health practitioners who perform these treatments could recognise these issues early on, they would be in a better position to protect these patients and advise those for whom a body-altering medical treatment may not be the best clinical intervention5.
Key elements of psychological vulnerability to appearance concerns
- Low self esteem
- Heavy reliance on appearance for self-worth
- Lower mood
- Higher levels of perfectionism
- Greater internalization (buy-in at a personal level) to appearance ideals
- Greater susceptibility to messages in social media & advertising
- The Beauty Myths
- Greater susceptibility to pressure from peers, family, partners
- The tendency to engage frequently in unfavourable comparisons with others and to choose unrealistic targets for comparison (e.g., celebrities, supermodels, rather than peers)
Patient Assessment Tools (PATs)
Evidence based framework for assessment & follow-up designed to:
- Enhance assessment by facilitating a semi-structured interview between surgeon & prospective patient
- Inform appropriate patient management
- Facilitate follow-up
- Provide a common framework for audit & research
- The PAT is about managing patients more effectively - not excluding them:
- Majority of patients need no extra intervention
- Most of those that do can be managed with extra sessions, a longer cooling off period or information by the clinic
- A small minority will benefit from psychological assessment/ intervention
- Of these, a small number may not proceed to surgery/treatment
Benefits of rolling out the PATs
- Using the PAT routinely will help surgeons/practitioners to:
- Identify psychological vulnerability and manage it appropriately
- Meet the Medical Board of Australia Guidelines & key AHPRA recommendations re training & assessment
- Enhance cosmetic practice by better meeting patients’ needs (Do No Harm)
- Demonstrate duty of care (offering protection to surgeons & practitioners)
- Demonstrate commitment to social responsibility agenda
Challenges of rolling out the PATs
- Lack of regulation to date
- Reluctance of professional bodies to ‘burden their members’
- Reluctance of individuals to self-police
- Reduce profits? Lose patients to competition?
- Lack of understanding re imperative to tackle BI
- A fragmented industry; cooperation lacking
- The intention-behaviour gap
- Training
- Investment of time by surgeons, clinic staff
- Face-to-face is most effective in facilitating change
- Training
- Behaviour change is hard!
- Road shows? (Hang-over from the pandemic)
- Mingle events (surgeons/practitioners/nurses/psychologists
- Facilitating access to support & advice to support change process
Relevant MIPS resources
- Telehealth: Injecting risk into cosmetic practice
- AHPRA commissions review into cosmetic surgery
- Major review of cosmetic surgery industry announced
- Botox lands doctor before committee hearing
- Do you undertake surgical placement of dental implants?
- Raising standards of clinical care and decision-making
1 Sharp, G., Rumsey, N. (2022) What’s the connection between cosmetic procedures and mental health? The Conversation.
2Australia's spend on cosmetic treatment tops $1 billion (2016) Cosmetic Physicians College of Australasia.
3Auer, D. (2020). Understanding body image from a psychosocial stance: how this connects with patients requesting cosmetic procedures. Journal of Aesthetic Nursing, 9(3), 128-131.
4Independent review of the regulation of medical practitioners who perform cosmetic surgery (2022). AHPRA.
5Maisel, A., Waldman, A., Poon, E., & Alam, M. (2020). Types of cosmetic procedures requested by different types of patients and the reasons for these preferences. Dermatologic Surgery, 46(12), 1728-1732.
What a year it has been for MIPS and its members! The healthcare industry witnessed numerous changes in 2023, including revisions to telehealth regulations, new guidelines for advertising and performing cosmetic surgery and non-surgical procedures, and stricter guidelines for patient safety. In our final webinar for 2023, we explore some of the most notable cases and respond to issues that our members have told us are important to them, including employment contracts, dental scope of practice, and discuss some recent trends from our medico-legal advisory service.
Common employment contract issues
Negotiating a Written Contract
- Read the "fine print".
- Contracts are usually not set in stone - always feel free to negotiate the terms.
- Seek legal advice if you have any concerns.
Insurance/Indemnity
- Is the employee indemnified by the employer or is your own separate professional (medical) indemnity insurance required? AHPRA requires you to have an indemnity arrangement for all aspects of your practice.
- Is the employee being asked to accept wider liability for matters outside of his/her control – eg public liability or workers’ compensation?
- Check coverage with your Medical Defence Organisation.
Am I an Employee or Contractor?
- Rule of thumb: Are you (a) performing services as a business owner or (b) working for another person’s business as a representative of that business.
- Is the contract an employment contract or a facilities agreement?
- What are the consequences? leave entitlements, superannuation, unfair dismissal, insurance, tax, GST, other.
Termination/resignation
- Minimum notice periods for termination by employer are in the Act but contract can provide for longer notice periods.
- Generally, notice of resignation and notice of termination periods reflect each other.
Scope of practice
Scope of practice governs basically everything you do in your day-to-day job.
- You should not practice outside your scope of practice.
- You must only perform dental treatments that you have been educated and trained in, and that you are competent in.
- MIPS cannot assess your scope of practice for you. The Dental Board highlights that You are responsible for knowing your own scope of practice, so you must learn to assess your expertise. Get advise from professional bodies.
- Confidently educate your colleagues and patients on the limits of your scope of practice.
- Section 3 guides you on the elements to consider. It also looks at the benefits of doing continuing professional development (CPD) to:
- maintain and improve your skills and experience.
- broaden your scope of practice within your division.
- In the event of a regulator investigation, whilst MIPS will assist you, it is up to you prove to prove you have the appropriate qualifications, training and experience for that practice.
- The regulator will then assess accordingly. If the regulator assesses negatively, you may face punitive actions – registration conditions or even suspended registration.
Tales from the bar
Medical Board of Australia v Carr (Review and Regulation) [2023] VCAT 945
A practitioner has been the subject of disciplinary proceedings due to their conduct in dealing with the VAD legislation. In this case, the doctor inadvertently failed to have the patient sign a declaration properly. There was no suggestion that the patient was not eligible to participate in VAD. The VAD Board identified the irregularity in the paperwork and referred the doctor to the Medical Board. An allegation of professional misconduct was made, which the doctor accepted. He was reprimanded and fined $12,000. In the decision, the Tribunal stressed that compliance with all requirements of the VAD Act is vital not only for the protection of patients but also to ensure public confidence in the VAD process is not eroded.
Medical Board of Australia v RRB (Review and Regulation) [2023] VCAT 666 (16 June 2023)
This VCAT decision involved three allegations of professional misconduct concerning a doctor’s treatment of, and prescribing of scheduled drugs (including drugs of dependence) to his wife. There was a further allegation relating to self-administration of one of the drugs prescribed to his wife. The conduct came to light because of a notification made by another health practitioner, following the patient being admitted to hospital for an alleged overdose.
The doctor made early admissions, co-operated with investigations, retired from practicing, and surrendered his registration.
This case should serve as a salutary reminder to the medical profession as to the inherent dangers of treating family members, absent emergency, more so (as in this case) that treatment includes the prescribing of drugs of dependence.
Failure to cooperate with the regulator
A practitioner whose conduct is the subject of an investigation by the Board has a duty to assist the Board in its enquiries. That does not mean that the practitioner must disregard his own interests. But it does mean that there is an obligation upon the practitioner to respond to reasonable requests for information, particularly when considering the fact that often the practitioner will have better knowledge and understanding of the matter, the subject of the complaint, than will the complainant.
Doctors’ responsibilities and rights relating to investigation or any legitimate inquiry are also set out in clause 10:11 of Good Medical Practice: Code of Conduct for Doctors. A failure to cooperate with the regulator could amount to professional misconduct.
Additional MIPS resources
CPD accredited webinars
Self-esteem and Body Image - A growing social and community issue
Regulatory Change – Telehealth
Risk Management for Oral Health Therapist
Articles
Updates in Telehealth Guidelines: What You Need to Know
Major cosmetic reforms effective 1 July 2023
Employment contract basics for healthcare practitioners
Employment contracts – Making them work for you
Top tips for preventing escalation of issues and what to do when suspended or dismissed
Other resources
Verbal assignment of benefit arrangements for telehealth services
Assignment of benefit and signature requirements for MBS telehealth services
New Cosmetic Surgery and Procedure Guidelines to take effect from 1 July 2023