The confirmation that the National E-Health Transition Authority (NeHTA) is not covered by the FOI act despite the fact that annual reports on the operation of the act have for years past listed it as subject to the act, again raises the question: what other entities are out there carrying out important public functions with large amounts of public money that should be subject to the highest standards of transparency and accountability, but aren't?
NeHTA is a company limited by guarantee, established in 2005 by the Australian,State and Territory Governments, with those entities as Members.The board consists of the CEOs of the various commonwealth and state health departments and a couple of independent directors. It clearly exists to advance public purposes and is responsible among other things, for the healthcare identification service.It received member (state and federal government) contributions of $95 million last year. The accounts are audited by a private firm not the Auditor General and refer to Corporations Act, not public sector standards.The Annual Report is not to a minister and contains no reference to any of the usual public sector reporting requirements. On a related issue as a company with turnover in excess of $3 million, it seems NeHTA itself is subject to the private sector provisions of the Federal Privacy Act, not those that relate to the public sector, which given the nature of its business might come as a surprise. The website makes no mention of what privacy regime applies, but with regard to identifiers states: "New legislation introduced by the Federal Government sets out the governance, privacy safeguards and permitted use of healthcare identifiers. In addition the current state, territory and federal privacy legislation will continue to apply."
Here is the relevant transcript ( Finance and Public Administration 21 February at 112)