
Health Information Bill

Bill Summary

  • Purpose: The Bill seeks to establish a framework for the National Electronic Health Record (NEHR) system, mandating that all licensed healthcare providers contribute key health information to ensure a seamless "One Patient, One Health Summary, One Care Journey" and improve care coordination across various healthcare settings.

  • Key Concerns raised by MPs: While the text is an opening speech, Senior Minister of State for Health Tan Kiat How addressed anticipated concerns regarding the potential for discriminatory use of health data by employers and insurers, the need for stringent cybersecurity and data privacy, and the importance of patient autonomy over their health records.

  • Responses: Senior Minister of State for Health Tan Kiat How outlined robust safeguards, including strict legislative prohibitions against accessing records for employment or insurance purposes, technical controls like audit trails and "break-glass" protocols for emergencies, and an "Access Restriction" feature that allows patients to limit which providers can view their information.

Reading Status 2nd Reading
Introduction — no debate


Transcripts

First Reading (5 November 2025)

"to provide for a national electronic records system for the safe and secure contribution, collection, storage and disclosure of health information about individuals, to facilitate the collection, disclosure and use of health and other information about individuals to maintain and improve their physical and mental health and well-being, and to make a related amendment to the Human Organ Transplant Act 1987",

presented by the Senior Minister of State for Health (Dr Koh Poh Koon) on behalf of the Coordinating Minister for Social Policies and Minister for Health read the First time; to be read a Second time on the next available Sitting of Parliament, and to be printed.


Second Reading (12 January 2026)

Order for Second Reading read.

Mr Deputy Speaker: Senior Minister of State Tan Kiat How.

4.05 pm

The Senior Minister of State for Health (Mr Tan Kiat How) (for the Coordinating Minister for Social Policies and Minister for Health): Mr Deputy Speaker, on behalf of the Minister for Health, I move that, "The Bill be now read a Second time."

I will first set out the context of the Health Information Bill (HIB) and its role in supporting the transformation of our healthcare delivery model. I will then outline how the HIB will help Ministry of Health (MOH) achieve the goal of "One Patient, One Health Summary, One Care Journey", and bring Members of the House through the key provisions of the Bill, before finally covering our plans to commence the Bill from early 2027.

Sir, Singapore is rapidly ageing. By 2030, one in four Singaporeans will be aged 65 and above. This substantial demographic shift brings with it a higher burden of chronic diseases and a higher proportion of patients with multiple co-morbidities. These patients will need well-coordinated, sustained care.

This is why we are transforming our healthcare delivery, from being hospital-centric to delivering care in the community. We are implementing national programmes like Healthier SG and Age Well SG, as well as initiatives, such as the Home Personal Care and Mobile Inpatient Care @ Home.

Sir, this effort will enable patients to benefit from timely and more holistic care. Patients will receive care from a wider range of healthcare providers, not just at public hospitals and polyclinics, but also at home or in the community, including at general practitioner (GP) clinics, dialysis centres and via home medical or rehabilitation services.

The sharing of a patient's key health information across settings and service providers is therefore essential. Such sharing of health information will also benefit younger patients who visit new healthcare providers or encounter medical emergencies.

Today's situation is not ideal. Currently, when patients move between healthcare providers, such as from private specialist clinics to their GPs, their key health records are often not accessible across providers. Such gaps can risk medication errors, delayed treatment and duplicate tests and procedures.

This is why many jurisdictions, such as Australia, Estonia, Finland and Norway, have developed robust governance frameworks to govern the sharing of health information across healthcare providers. This sharing regime has led to better patient outcomes, reduced costs and more effective and efficient healthcare delivery. We have studied these jurisdictions carefully and adopted key features suited to our local context.

But, Sir, in practice, we are not starting from scratch. Singapore started sharing health information across providers since 2011, with the implementation of the National Electronic Health Record system (NEHR). Today, all public hospitals and polyclinics are already contributing key health information to NEHR. Public hospitals contribute about 80% of total beds in Singapore and account for approximately 90% of hospital stays. And with Healthier SG, most GP clinics are already onboarded to NEHR. This has been of tremendous benefit for GPs and their patients. Most private hospitals have also onboarded to NEHR, while the remaining are in the process of doing so.

Hence, the vast bulk of key healthcare services are already on NEHR, or coming onboard soon, leaving a small group that have not done so, such as specialist clinics, clinical and radiological laboratories and dental clinics.

Sir, with your permission, may I ask the Clerks to distribute a handout on the key elements of the HIB.

Mr Deputy Speaker: Please proceed.

Mr Tan Kiat How: Thank you, Sir. Members may also access the handout through the MP@SGPARL App. [A handout was distributed to hon Members.]

Sir, the HIB will help us realise the vision of "One Patient, One Health Summary, One Care Journey" in two important ways.

First, the HIB will close the remaining gap by requiring all licensed healthcare providers to contribute to the NEHR and providing for their NEHR access. This will allow patients' key health information to be accessible by their healthcare providers when they move across healthcare settings. Patients will benefit from better coordinated care, enhanced quality of care and lower costs.

Let me illustrate with a hypothetical example of 50-year-old Ms Kamala, as covered in the infographic. Ms Kamala regularly visits her nearby GP to manage her chronic health conditions. She recently moved to a new estate. When she visits a different GP near her new home, the doctor there can make informed care decisions based on Ms Kamala's health information in NEHR.

Her new doctor can see which tests have been done and the medications that have been prescribed. He need not repeat the tests, saving Ms Kamala time and money.

Appropriate tests and medications can also be ordered to better manage Ms Kamala's health requirements. Patients moving between private and public healthcare providers, or acute and community settings will similarly benefit.

Actually, I think many Members in the House can relate to these examples. We often see our residents, especially our seniors, sitting in front of a GP clinic, carrying a big plastic bag of medicine. I once joked with an Ah Gong, saying, "Most people go and see doctor to collect medicine. How come you see doctor, bring medicine to see doctor?" So, he laughed and said, "Doctor asked me what medicine do I take. How can I remember? So, I brought everything there." And I am pretty sure, if I looked into his plastic bag, there would be medicine that has been issued by another doctor many months or even some time ago, and probably had expired. So, this situation is not ideal.

Second, the HIB will enable the sharing of non-NEHR health information to facilitate community-based care. Today, the Agency for Integrated Care (AIC) under MOH shares data with community health partners to enable them to engage and provide befriending services or care to seniors. The HIB will provide an additional channel for the sharing of non-NEHR health information to better support national health programmes and initiatives.

Let me illustrate this using another hypothetical example also covered in the infographic: 72-year-old Mr Lim has Type 2 diabetes and has rarely left home since his wife passed away. Mr Lim has been skipping his polyclinic appointments and struggles to manage his diabetes.

Without the opportunity to see Mr Lim, the polyclinic cannot seek his consent to share his contact and relevant health information with community health partners for follow-up. However, if our community healthcare providers and their partners are aware of Mr Lim's conditions, they can better support him.

With the HIB, when Mr Lim's polyclinic assesses that he would benefit from community support, the polyclinic can potentially share his contact information and an indicator of his level of health risk, such as whether he has a chronic condition, with AIC. AIC can then prioritise engaging Mr Lim, encourage him to check on his well-being and link him up with necessary support if needed.

AIC's early engagement of seniors like Mr Lim allows them to benefit from healthcare providers and community-based services before their isolation sets in, leading to more serious health consequences. And again, this is a scenario that I am sure many Members in the House see when we do our house visits, meeting our seniors in the community, especially seniors living alone, isolated. And these provisions under the HIB will help to enable better care for our seniors.

To ensure that the Bill addresses Singapore's healthcare needs as well as considers stakeholders' views, MOH has been engaging the public and stakeholders since 2022.

I would like to take this opportunity to thank members of the public and patient advocacy groups for their support for the Bill and their invaluable inputs, such as providing patients with greater control over their access to NEHR. I would also like to thank the professional bodies and healthcare professionals for their feedback, particularly regarding the cyber and data security requirements and the support that their members and colleagues may require as part of the transition. MOH has taken these viewpoints onboard.

Sir, now allow me to go through the Bill's key provisions and safeguards for the sharing of health information under the Bill.

In the example of Ms Kamala shared earlier, NEHR would only be able to support her new doctor if key health information from her previous healthcare providers were contributed to NEHR.

The HIB will require all healthcare providers licensed under the Healthcare Services Act 2020 and retail pharmacies licensed under the Health Products Act 2007 to contribute key health information about patients into NEHR. The key health information are those crucial for continuity of care such as allergies, vaccinations, diagnoses, medications, laboratory test results, radiological images and discharge summaries.

As certain public agencies such as the Singapore Armed Forces (SAF) and the Singapore Civil Defence Force (SCDF) also provide patient care, the Bill enables these agencies to be gazetted under the Act to contribute key health information to NEHR.

Key health information of Singapore Citizens, permanent residents and patients with long-term immigration passes will need to be contributed as these groups are more likely to seek care in Singapore over time. Health information of transient visitors such as tourists need not be contributed.

Clauses 10 to 15 set out the provisions relating to the contribution of key health information to NEHR. The First Schedule lists the key health information that each licensee category needs to contribute, based on the patient care functions they provide.

NEHR access will be provided to the healthcare providers that are contributing key health information to NEHR. The Bill will also enable NEHR access for community health partners providing clinical or care planning services. This is in recognition of their increasingly important role in supporting patients' continuity of care.

To enable the provision of timely and effective care, there will not be a need for every healthcare professional to seek consent each time they access their patients' NEHR.

At the same time, we are mindful that patients expect their NEHR information to be kept confidential. The Bill provides for robust legislative safeguards to address these concerns. We also have in place technical controls to ensure that access to NEHR is tightly regulated.

Let me first speak about the legislative safeguards.

NEHR access for patient care purposes will be limited to licensed healthcare providers and their authorised individuals. Healthcare providers must only authorise NEHR access for healthcare professionals who require it for patient care purposes. Such professionals include doctors, nurses, pharmacists and allied health professionals. Individuals who only perform an administrative or corporate role, even if they are healthcare professionals, will not be given NEHR access. Authorised individuals must access NEHR only for patients whom they are providing patient care to.

Healthcare providers must also implement appropriate practices to ensure their healthcare professionals access NEHR appropriately. This will include regular training on the appropriate use of NEHR and conducting audits on NEHR access.

In short, access to NEHR is restricted to healthcare professionals for the purpose of providing care to their patients. Accessing NEHR for purposes relating to employment or insurance will be strictly prohibited. This means healthcare professionals will not be allowed to access NEHR for purposes such as filling out medical reports required for insurance claims or pre-employment medical screening forms. This will address the concerns expressed during the public consultation that health information could be used in a discriminatory manner by employers or insurance companies.

However, there are medical examinations set out in statutes which serve to protect the public and safeguard the health of the individual and those around him. Examples include examinations of persons who are at risk of an infectious disease and the medical examinations to assess fitness for service in the SAF, SCDF and Singapore Police Force as required under the Enlistment Act. NEHR access will therefore be allowed for these statutory medical examinations.

Clauses 16 to 23 set out the provisions relating to NEHR access, including the legislative safeguards. The Second Schedule sets out the categories of authorised individuals who may access NEHR for different categories of healthcare providers. The specified statutory medical examinations for which NEHR may be accessed are listed in the Third Schedule.

That is the set of legislative safeguards. Let me turn to the technical controls that MOH will put in place to tightly regulate access to NEHR.

First, authorised individuals will only be granted access to the data types required for their patient care duties. For example, nurses in general will not have access to radiological images as they do not require this information for their patient care duties.

System-level controls to limit unauthorised access, such as limiting the number of patient records that can be accessed within a stipulated timeframe and conducting regular audits to flag unauthorised NEHR access, have already been implemented. We will be progressively rolling out additional technical measures and processes to limit and detect unauthorised access to NEHR information of patients.

Patients themselves can monitor access of their NEHR information through their HealthHub account and can report suspicious activities to MOH for investigations.

Sir, by default, patients' key health information will be contributed to NEHR and will be accessible by healthcare providers to support the continuity of care across healthcare settings. For those who continue to have privacy concerns, they may restrict access to their NEHR information so that only select healthcare providers may have this access. This Access Restriction feature is like the approach adopted by countries like Australia, Estonia and Hong Kong.

Today, such an Access Restriction regime is already in place. Patients can submit their request to place an Access Restriction at public healthcare institutions (PHIs). From the second half of this year, patients can do so through the HealthHub app.

For patient safety, when patients visit their healthcare providers, the provider will still be able to view a subset of records in the patients' NEHR even if there is an Access Restriction in place. This subset of records comprises critical allergies and vaccination information that helps reduce the risk of inappropriate prescriptions or immunisations when patients visit new healthcare providers.

Further, a patient's NEHR information may be accessed during medical emergencies despite an Access Restriction. This feature, known as "break-glass", is like Australia's approach. Access in such extenuating situations will be subject to strict controls.

First, only doctors will be allowed to "break glass". Second, before "breaking glass", the doctor must re-verify their credentials and declare a medical emergency has happened. Third, every instance where a doctor "breaks glass" will be subject to audits. Confirmed cases of inappropriate "break-glass" will be investigated as potential breaches under the HIB and may also be referred to the Singapore Medical Council for disciplinary action.

To ensure there are no gaps in patients' records even during emergencies, health information will continue to be contributed to NEHR even when an Access Restriction is placed.

While Access Restriction is an option, we do not encourage its use as it would adversely affect the quality of care we receive as patients. It is only when healthcare providers – our doctors and our frontline healthcare staff – have access to our key health information that they can deliver holistic and effective care in a timely manner.

Next, let me turn to clauses 29 to 33, which deal with Access Restrictions. Details relating to these Access Restrictions will be set out in subsidiary legislation.

As the national repository of key health information, NEHR information can be used to inform national policies and research to improve population health outcomes for Singaporeans. The HIB will provide for the sharing of identifiable NEHR information for public health purposes and anonymised NEHR information for broader public interest purposes.

Let me give a few examples. For example, in the event of a major drug contamination incident, MOH may share necessary information from NEHR, such as the identity of patients prescribed with the drug, with relevant healthcare institutions and direct them to promptly contact the affected individuals and advise them to stop taking the drug and seek medical care. The HIB will not impede the sharing of NEHR information as required or permitted under other laws.

For example, NEHR information may be required under the Criminal Procedure Code 2010 to facilitate criminal investigations by the Police or by the Communicable Diseases Agency under the Infectious Diseases Act 1976 for outbreak investigations and contact tracing of potentially exposed individuals.

But for all requests, MOH will assess whether the NEHR information is appropriate and necessary for the purpose of the request, taking into consideration factors such as whether alternative information is suitable and whether anonymised or aggregated data would suffice.

The sharing of NEHR information under other laws, as well as for public health and public interest purposes, are provided for in clause 5 and clauses 20 to 28 respectively.

Sir, let me now turn to the provisions for the sharing of non-NEHR health information to facilitate community-based care.

As mentioned earlier, the HIB will provide an additional channel for data sharing to support the goal of "One Patient, One Health Summary, One Care Journey". We will enable the scoped sharing of non-NEHR health information without an individual's consent only if three key criteria are met.

First, data sharing must be between specified entities. For a start, this will cover key public healthcare stakeholders such as PHIs, AIC and public agencies.

Second, information must only be shared for specified use cases to support continuity of care and population health outreach under national programmes such as Healthier SG and Age Well SG. For example, PHIs may share contact information and the addresses of seniors with AIC for AIC to contact and engage these seniors to connect them to relevant community-based care services and activities based on their needs.

Third, we will restrict the data types that can be shared to those relevant to each use case. The data shared will generally be limited to basic identification and contact information and if necessary, broad health risk indicators, such as the presence of frailty or chronic conditions, but not the actual medical conditions.

The scope and key requirements for the sharing of non-NEHR health information are provided for under clauses 45 to 60 while the use cases and specified entities are set out in the Fourth Schedule. The list of data types allowed for each use case will be set out in subsidiary legislation.

Let me now turn to the measures in the HIB to secure and protect health information.

Healthcare providers that contribute to and access NEHR as well as entities allowed to share and receive non-NEHR health information will need to meet cybersecurity and data security requirements. They will also be responsible for assessing whether a notifiable cybersecurity incident or data breach has occurred. Once confirmed, MOH will need to be notified. Where a data breach has resulted in, or is likely to result in, significant harm to individuals, the affected individuals will also need to be notified. These security requirements are covered in clauses 61 to 82.

To be clear, today, licensed healthcare providers and practitioners already have obligations to safeguard the personal data of their patients under existing laws. The security requirements under the HIB are based on existing standards and legal requirements. What the HIB does is to consolidate these requirements in relation to health information.

Additionally, the Bill will empower the Minister for Health to take emergency measures in critical events where the threat to health information or relevant health information systems could result in health information being lost or compromised. Such powers are not unique to this Bill and can be found in the Infectious Diseases Act 1976 and the Cybersecurity Act 2018.

These powers are necessary. We have seen how incidents, whether cyber or physical in nature, can lead to major and prolonged disruptions of essential services around the world, including healthcare services. Physical incidents, such as fires, can take out information systems and result in data loss, just as faulty information technology (IT) updates or cyberattacks can lead to the same outcome. Hence, these powers are scoped towards enabling responses to protect health information regardless of the form of the threat.

Should an outage involving health information or the systems that host or process such information occur in Singapore and threaten a major disruption of healthcare services, clauses 83 to 85 will allow the Minister to direct relevant healthcare providers to take mitigating or recovery measures.

Sir, as I have earlier mentioned, we intend for the Bill to take effect from early 2027. This would give healthcare providers sufficient time to familiarise themselves with the Bill’s requirements and strengthen their cybersecurity and data security postures. MOH is working closely with healthcare providers on the implementation timelines and will announce further details soon.

Sir, during our consultations, some healthcare providers shared concerns about the burden of implementing the HIB’s security requirements. MOH has been engaging the associations and providers. I wish to reassure them that MOH is committed to supporting them through this transition.

We will inform healthcare providers of NEHR-compatible systems that meet the Bill’s cybersecurity requirements and automate the contribution of key health information. With the use of such NEHR-compatible systems, healthcare providers will then only need to ensure their data security measures are in place, such as training staff involved in patient care to access and use NEHR appropriately. Training resources and programmes, as well as funding support, will be made available to support healthcare providers and healthcare professionals.

We are aware that some healthcare professionals are concerned about increased liability from accessing and using NEHR. MOH is working towards publishing guidelines on the appropriate access and use of NEHR information that healthcare professionals, including nurses and allied health professionals, may use as a resource.

I will now touch on the key offences and the penalties. Under the HIB, non-compliance with contribution requirements is not an offence in the first instance, as we recognise that there could be genuine challenges onboarding to NEHR. If non-contribution arises from technical difficulties, for instance, we will work with healthcare providers to rectify the underlying issue. However, in the event of deliberate or reckless non-compliance or breaches, directions may then be issued to the healthcare provider to comply. It is only when the healthcare provider fails to comply with a direction that the provider could be liable for an offence punishable by up to $20,000, one year’s imprisonment or both, upon conviction. And I reinforce, it is really in the event of deliberate or reckless non-compliance or breaches.

For breaches that are likely to have a greater impact on patients, maximum penalties are higher. For instance, a person convicted of an offence relating to unauthorised access of NEHR information under clause 38 faces a fine of up to $50,000, two years’ imprisonment or both, for a first offence. This maximum penalty is doubled for a repeat offence or if the unauthorised access was for employment or insurance purposes. The penalty for this offence is comparable to other relevant laws. For instance, the maximum fine of $50,000 is aligned with serious breaches involving unauthorised access to computer material in the Computer Misuse Act 1993.

Breaches involving systemic failures are dealt with most severely. For instance, healthcare providers that fail to put in place the cybersecurity or data security measures required under the HIB may face a fine of up to $1 million, as the health information of many patients could be compromised. A failure would likely be committed by a healthcare provider or other organisation. Hence, the maximum fine must be high enough to serve as an effective deterrent to such organisations.

Nevertheless, these are maximum penalties, which are aimed at addressing the most egregious of breaches. We would like to reassure healthcare providers and healthcare professionals as well as Singaporeans that should potential breaches occur, MOH will look at the facts of each case carefully. The Bill also allows for a range of enforcement actions besides prosecution, including composition of offences, directions to rectify breaches and letters of warning.

Sir, the HIB will play a critical role in supporting the transformation of our healthcare delivery services and model. Through “One Patient, One Health Summary, One Care Journey”, Singaporeans will benefit from better coordinated care, enhanced quality of care and lower costs. I urge Members of the House to support the Bill. Deputy Speaker, Sir, I beg to move.

Question proposed.

Mr Deputy Speaker: Ms Mariam Jaafar.

4.37 pm

Ms Mariam Jaafar (Sembawang): Sir, I first declare my interest as managing director and senior partner of a management consulting firm that does work in the healthcare space.

Over the last several years, healthcare in Singapore has been on a profound journey of transformation – from hospital to community, from treating sickness to preventing it. This Bill marks a decisive step on that journey. At its heart, the HIB is not about technology. It is about enabling a healthcare system that is more connected, more proactive and more centred on the patients, not on institutions. As MOH puts it: “One Patient, One Health Summary, One Care Journey”.

This Bill establishes a statutory framework governing how selected health information is collected, accessed, used and shared – not just for medical treatment but also for community health, preventive care and population well-being.

The Health Government Parliamentary Committee (GPC) supports this Bill. Over the course of this debate, my colleagues will examine it from the perspectives of patients, general practitioners (GPs), allied health professionals, workers, legal safeguards and cybersecurity. We are united by one conviction – this Bill must deliver safer, more continuous and more trusted care. I will focus on what the Health GPC regards as most critical – continuity of care, especially as care shifts into the community.

Mr Deputy Speaker, our residents do not experience healthcare as a single episode or a single institution. They experience it as a journey – often a long one – across GP clinics, polyclinics, hospitals, community hospitals, community health posts, home care teams and social services. Yet, too often, our systems still treat each encounter as if it were disconnected. For many of them, especially seniors and those managing chronic conditions, the biggest challenge is not access to care but continuity of care.

My Woodlands residents tell me: “I have to repeat my story every time”; or “My GP didn’t know what the hospital had done or that my medication had changed”; or “My mother was discharged, but no one seems to have the full picture.” One of my “Ah Mas” in Woodlands carried a plastic bag stuffed with her medical records – and yes, medications, just like the Senior Minister of State’s resident “Ah Gong” – wherever she went, just in case. That is not integrated care.

And this is not only about the very old. Woodlands Hospital is already seeing residents in their 40s and 50s at the Accident and Emergency Department (A&E), presenting with diabetes and complications. They bounce between providers, miss follow-ups, have poor disease control and ultimately, fall out of the system. That is exactly why longitudinal, joined up information matters. If we wait until people are frail, we have already failed them.

Continuity of care is directly linked to public health and early intervention. When middle-aged residents present with advanced diabetes, it tells us we did not see them early enough, support them consistently enough or connect the dots across years of care. A health information system that allows us to identify patterns – not to police individuals, but to detect communities at risk – gives us the ability to intervene before preventable diseases derail lives. This is responsible public health planning.

Continuity of care is not an abstract principle. It is about whether a doctor sees the whole patient, not just the part that walks into their clinic that day. It is the difference between safe medicine and risky medicine, between early prevention and avoidable deterioration. It is foundational to patient safety, quality of care, system efficiency and dignity.

The HIB strengthens this foundation by ensuring that essential health information – medications, allergies, diagnoses – can follow the patient, not remain trapped in institutions. It enables care teams across settings to work from a shared understanding and make better clinical decisions. It also enables the sharing of health information outside the NEHR to support critical programmes, such as Healthier SG and Age Well SG. This is particularly important in the community setting, where healthcare and social care must operate in close coordination.

In Woodlands, the Health Promotion Board and the National Healthcare Group have embarked on the Improving Health in Woodlands Town Project, and it has my full support. It integrates health, social and community services using shared data dashboards to guide proactive care, from identifying at-risk residents or residents with chronic diseases and connecting them to health and social services to smoothening transitions from hospital to community and home care, to promoting healthy living and to partnering with grassroots organisations and communities to curate health-related activities and link up residents to relevant interventions, supported by Community Health Dashboards for local planning and progress monitoring. This Woodlands project could show what becomes possible when care is joined up, data works for the people and communities lead the way – a model that could inspire the rest of Singapore.

But none of this works if information does not move. If the GP does not know what medications were changed, if the community nurse does not see the discharge summary, if the social worker is unaware of the medical risks at home, care becomes fragmented. Residents repeat their histories, tests and procedures may be duplicated, caregivers are left uncertain and opportunities for early intervention are missed. Conversely, when information is shared, care becomes coordinated and outcomes improve. Residents feel assured, caregivers feel supported and the system functions more effectively.

The Bill also enables a learning healthcare system. With longitudinal data, we can anticipate disease, manage chronic illness better, support public health planning and evidence-based policy-making and accelerate medical research breakthroughs, from early cancer detection to precision or personalised medicine. For public health planners, this data allows us to understand which neighbourhoods are ageing faster, where chronic disease is poorly controlled and where caregivers are under strain, so we can deploy resources where they are needed most, not where the voices are loudest.

But none of this can succeed without public trust. And trust, Sir, is not built by aspiration. It is built by rules, limits and accountability. And that is why the Health GPC will be watching five critical issues closely.

First, access controls. The Bill allows broad categories of “authorised users” to access NEHR data for healthcare and care coordination. My residents’ greatest anxieties relate to sensitive data including mental health, reproductive health and social vulnerabilities.

This fear is real, but the solution to fear is not fragmented care. The solution is stronger rules on who can see what.

Access must be purposeful, proportionate and auditable. Sensitive information, for instance, mental health records should require higher-level authorisation or additional justification. Member Alex Yeo, a lawyer, will address this from a legal and governance standpoint while Member David Hoe will bring his characteristic moral framing and empathy for the most vulnerable in our community, that I have come to admire so much in a short time in this House.

And earlier, in the PSGA debate, Member Cai Yinzhou made the case that when Government agencies and external parties want to use health data for non-healthcare purposes, there must be clear use cases, justifications and safeguards.

Second, employment and insurance use. The Bill rightly prohibits the use of NEHR data for employment and insurance eligibility. This is crucial. But prohibition on paper is not enough. Indirect access or inference – for example, where doctors are asked for medical reports or insurers rely on clinical documentation – must be tightly controlled. We must have clear guidelines for clinicians. Doctors must not be placed in ambiguous positions of having to decide what can or cannot be disclosed, and patients must not be pressured to consent to disclosures that undermine the spirit of the law.

Our labour Member Dr Wan Rizal will speak from the National Trades Union Congress (NTUC) perspective on safeguarding workers' rights – particularly for those with mental health conditions, this is his passion.

Third, support for smaller providers. Mr Deputy Speaker, I have heard people say that older GPs might be a problem when it comes to implementing this Bill. Let me be clear: in the transformation our healthcare journey is on, GPs are not the problem; they are the solution.

Many Woodlands residents have seen the same GP for decades. Some of these GPs cared for my residents when they were young and are now caring for their children. That is longitudinal data in action.

Smaller providers often have limited manpower and IT resources. If onboarding, cybersecurity and reporting requirements are too costly or complex, smaller GPs could struggle. Older GPs could decide to close shop. We then risk widening the gap between large institutions and community care – exactly the opposite of what this Bill intends.

Financial support, shared services models and practical implementation timelines must be clearly set out. MPs Yip Hon Weng, Joan Pereira and Choo Pei Ling will speak on how to support these GP clinics and community partners.

Fourth, protection for doctors and allied health professionals. NEHR must support, not replace, professional judgement. Clinical protocols, medico-legal guidance and professional standards must be clear so that healthcare workers are not unfairly exposed.

A doctor himself, Member Dr Hamid Razak, will speak on medico-legal clarity for doctors, while Member Choo Pei Ling together with Member Dr Wan Rizal will speak up for allied healthcare professionals – community nurses, therapists, social workers – who play a critical role in community care and must also have clarity and protection when using NEHR data.

Fifth, cybersecurity and accountability. Public trust requires resilience. Audit logs, breach detection, structured response and transparent communication to citizens are essential. Past breaches have left long shadows. Member Yip Hon Weng will address resilience and cybersecurity measures, drawing on perspectives of the Defence GPC. Members Choo Pei Ling and David Hoe will speak on breach response, transparency and recourse.

Mr Deputy Speaker, some have asked: "Why not make this system opt in? Why can't I opt out fully?" We should be honest. There are many things in life one can opt out of, but you cannot opt out of safe care. In an emergency, your doctor must know your allergies. That makes safeguards even more important, not less. Access to sensitive data must be carefully designed. Prohibitions on employment and insurance use must be real in practice, not just in statute. Smaller clinics and community partners must be properly supported, not overwhelmed. And the rate of people opting to activate access restrictions should be tracked, as a barometer of public trust.

Sir, the Health GPC supports the direction of this Bill because the status quo – fragmented information and disjointed care – is not good enough for our citizens. But our support comes with a responsibility to ensure continuity of care is delivered in practice, that safeguards are real, professional guidance is clear and that community-based providers are not left behind. If we get this right, my Woodlands Ah Ma would no longer need to carry her medical history in her plastic bag. Her integrated care team will already have it, working together across settings to give her the best possible care and ensure she enjoys a good quality of life well into her old age. This is the system this Bill must deliver. With these expectations clearly in mind, I support the Bill.

Mr Deputy Speaker: Mr Dennis Tan.

4.51 pm

Mr Dennis Tan Lip Fong (Hougang): Mr Deputy Speaker, the HIB is transformative in a way. It will set the legal framework for the mandatory contribution, collection, storage and disclosure of health information across the entire healthcare ecosystem of Singapore. When passed, fragmented and often paper-based health records held by individual healthcare providers will be a thing of the past, morphing into a unified interoperable NEHR.

This is not merely a technological upgrade. The Bill promises smoother, safer, more efficient healthcare for all patients under our country's health system. Given Singapore's rapidly ageing population, successful implementation of NEHR is critical to ensuring seamless care and continuity across different healthcare institutions.

Trade-offs may test people's trust. However, these benefits come with trade-offs, which, if not properly addressed, will affect the people's trust in this national Smart Nation effort. After all, nothing could be more sensitive and personal than one's health information records over the years. The thought of such intimate human data being viewed by nameless, faceless persons, other than your own doctors, or even worse, falling into the hands of hackers, must be very real to some of us when we contemplate the HIB.

Thus, while I support the Bill, I wish to raise a few concerns posed by the HIB, and I will be speaking on the challenges for smaller healthcare operators, such as single or dual-doctor practitioner clinics that many of my residents rely on for their daily medical needs.

Sir, we must recognise that the centralisation of health data across all healthcare providers, from the very small to the very large, introduces significant privacy and cybersecurity risks across the entire ecosystem. Even with strict regulations and legal governance frameworks, there have been cases of unauthorised access as well as outright hacks. It is public knowledge that some of the most egregious data breaches in the past 10 years have happened within healthcare. Chief among them was the 2018 hack of the SingHealth system that led to a Committee of Inquiry, and also the delay of the NEHR roll-out by more than five years. The personal particulars of 1.5 million SingHealth patients, including the then Prime Minister Mr Lee Hsien Loong and the records of outpatient dispensed medicines belonging to 160,000 patients were stolen. Till today, the identified hostile state actors behind the attack remain unaccounted for.

More recently, there have been at least two reported cases of unauthorised access by healthcare professionals. For instance, a neurosurgeon at SingHealth was dismissed in 2022 for inappropriately accessing the medical records of over 70 patients not under his care. More recently, in 2025, a customer service associate at the NUH was found to have unlawfully accessed the records of 11 individuals, including family members and former colleagues via NUHS' internal Epic system, reportedly driven by personal motives to reconnect with one of them.

While the overwhelming majority of healthcare professionals uphold ethical and legal standards, the ease of access to such records will severely undermine public trust.

Many of us may be asking: how can I be sure that the GP clinic at the next block to mine, with only one and a half doctors, and one to two doctors and two clinic staff on shifts, will be able to comply with the HIB and also be self-protected against cyber and data risk created by either human or system errors?

The NEHR is only as secure as the smallest operators are. While the HIB's stringent requirements are essential for safeguarding patient data and access, they place a significant burden on smaller healthcare providers who may no longer opt out of contribution to NEHR. Under Part 2, Division 2, failing to comply will lead to a fine not exceeding $20,000, or to imprisonment for a term not exceeding 12 months, or to both. In the case of continuing offence after conviction, a daily fine of $1,000 applies.

Large institutions like SingHealth and National Health Group may mobilise their dedicated IT teams. Small practices, however, will find themselves in unfamiliar territory and will have to rely on costly external consultants to comply, creating a significant operational burden.

On an ongoing basis, the challenge is particularly acute when it comes to warding off attacks and data breaches. Under the law, healthcare providers of all sizes share legal liability for data breaches caused by health data intermediary failure, placing a disproportionate burden on clinics that lack control over these risks.

Although the GP IT Enablement Grant offers one-time subsidies for adopting an NEHR-compatible system, as I understand, they do not cover the ongoing cost of maintaining cyber security compliance. Small healthcare operators may be out of pocket for purposes of upgrading and maintaining their clinic management systems to meet strict security standards, audit trails and data portability. Even with this grant, GPs are simply not trained to assess whether their providers use genuine end-to-end encryption, secure server configurations, or follow basic cyber security best practices.

How can we help clinics to use appropriately secure yet affordable compliance systems? How can we ensure the essential cyber hygiene practices like staff training and regular software updates are undertaken without imposing disproportionate cost burden and/or adding to the existing pressures of running their small practices?

We should also be concerned whether this leads to GPs passing the cost down to patients and reducing affordability in primary care. How will MOH ensure that such cost will not be passed down to patients? How will it affect our mom-and-pop clinics and family doctors?

Mr Deputy Speaker, many family doctors are people who are located near to our homes convenient for us to visit when trouble hits and who have known us and our family members for years, if not decades. They are an important part of keeping us safe and healthy. With the Community Health Assist Scheme (CHAS) and Healthier SG schemes, they have become more integrated into the overall health delivery infrastructure nationwide – at least some of them. However, they are often by nature very small, akin to mom-and-pop clinics, often fronted by one doctor with, say, possibly another on a locum basis, or not even without another locum, they open only part of the day. Some may not even have air conditioning and some may still use paper records. Furthermore, the doctors are older, serving their patients past their official retirement age, which makes them well loved and trusted.

I do wonder whether the passing of the HIB with punitive costs for non-participation and compliance may be the straw that breaks this group and push them to give up their practices for good. I certainly hope not, even if they are in a minority. We should be concerned about conveniently located medical services disappearing from our neighbourhoods at exactly the point when Singapore is becoming a super-aged society that needs more care, not less.

A volunteer shared with me recently her worries for her 87-year-old mother who lives in her own flat and is under the trusted care of her family doctor a few blocks away. This doctor runs a solo practice in a void deck shop without air-conditioning. He only opens a few hours a day, but this suits the elderly patients that he mostly serves.

If this doctor is forced to close due to implementation of the HIB, my volunteer is worried that her mother will no longer have convenient access to care. It will be stressful for this volunteer as a daughter living away from her mother whenever her mother falls ill, needs to top up her medicines or take a vaccination, whereas currently, she trusts her mom to visit this doctor and her troubles will usually be sorted.

Mr Deputy Speaker, I hope MOH will provide the necessary assistance to all small clinics and practices, so that the burden of the HIB and NEHR may not be so overwhelming for these doctors, such that they will prefer to close their practices instead.

Next, extend financial support beyond GP IT Enablement Grant and set up an IT Shared Services Office. Given the challenges I have highlighted above, will the Minister consider giving a grant for small clinics or practices with say, fewer than three full-time practitioners to assist the clinic or doctors in their ongoing compliance, with the HIB's cyber and data standards and practices?

This may be an extension of the GP IT Enablement Grant, but targeted towards the smaller operators rather than the chain clinics. Going beyond financial support is also important. They need Institute of Technical Education technicians to help them directly when issues arise. They also need a dedicated help desk.

To address this, could the Minister consider setting up an IT Shared Services Office within the Ministry that may provide small clinics with not a one-off, but a continuing out-sourced, cost effective and compliant IT support, acting in lieu of the dedicated IT department of large healthcare institutions?

Besides my suggestion above, I would also urge MOH to consider setting up a similar initiative to support all clinics and practices, like the shared services initiative for charities. The Commissioner of Charities has partnered with various organisations to set up shared services to strengthen charities' regulatory compliance and efficiency of their backend operations, especially helpful to smaller charities. These are not nice to have. They are imperative.

This Bill changes the rules of the game. It mandates that every private clinic from the specialist in Orchard Road to the void deck GP in the heartlands must contribute their data. They have no choice if they wish to stay open. But if MOH were to demand institution-grade security against risk and breaches on a solo operator's budget, it may not just be unfair, it may even be unsustainable for some.

Compliance with the HIB cannot be a one-size-fits-all assignment. More must be done to help onboard small clinics and family doctors at the same level of standards and readiness as large institutions. Let us not make the small clinics the weakest link of the system. They should also be the trusted mission-critical partners, worthy of a Smart Nation.

Next, Mr Deputy Speaker, in the final part of my speech, I will touch on the penalty regime under the HIB. I have spoken about the SingHealth data breach of 2018. The Personal Data Protection Commission fined SingHealth $250,000 and its IT vendor, Integrated Health Information System (IHiS), $750,000, totalling $1 million for failing to protect 1.5 million patients' data.

Section 66 of the HIB states a fine not exceeding $1 million for organisations that fail in data security in handling of health and relevant information. While the figure of $1,000,000 appears substantial in isolation, it pales when contextualised against the scale of modern healthcare data breaches, such as the SingHealth one in 2018. Let us do the math: 1.5 million SingHealth records were leaked in 2018. A total fine of $1 million – $750,000 plus $250,000 – equates to an effective fine per record of 66 Singapore cents.

Mr Deputy Speaker, we may wish to review whether this is the value we wish to place on the privacy of our citizens, as such. Furthermore, for a large healthcare conglomerate with annual revenues in the hundreds of millions, a $1 million fine is a relatively lesser or even trivial operating expense. Relatively speaking, it is roughly equivalent to the cost of a few high-end medical devices. It is hardly a pain point to some, even less of a serious business risk to the large hospital groups. Instead, the $1 million cap effectively puts a ceiling on the value of the collective privacy of the nation, regardless of the number of persons attached or affected.

Let us compare this with global standards that have successfully shifted corporate behaviour. First, the European Union's (EU's) General Data Protection Regulation imposes administrative fines of up to 20 million euros, or 4% of total worldwide annual turnover, whichever is higher. The 4% turnover clause is the main deterrent. For a tech giant or a global hospital chain, this could amount to hundreds of millions or billions of dollars. This scales the penalty to the size of the entity, ensuring that the fine is never just a cost of doing business.

Another is the California Consumer Privacy Act, which allows for a private right of class action lawsuits with statutory damages between US$100 and US$750 per consumer per incident. This directly monetises the harm to the individual. It creates a mathematical certainty of catastrophe for negligence. If this is applied to the SingHealth case of 1.5 million victims, we will be looking at a payout of between $200 million and $1.5 billion. The penalty, in a sense, may better match the pain of the victims. More importantly, it will make organisations take the message much more seriously.

Mr Deputy Speaker, I would surely understand, on one hand, some of us may think that the penalty regimes in the EU and California may be a bit too high, and some will argue that there will be eventual cost impact on consumers. On the other hand, some may argue that they can better match the pain of the victims. We can, and perhaps we should, review and decide where the balance may better lie for Singapore.

But it is important that our regime must ultimately make all organisations take the message more seriously. By way of example, if you were to introduce say, a per person fine, similar to the approach in California – and of course, we must discuss this robustly before any decision is reached, how much this fine should be and the premises for arriving at the quantum – say, for illustrative purposes, we peg the fine per person's records to what we have to pay to acquire people's personal information from, say, the Accounting and Corporate Regulatory Authority's BizFile, where per report or certificate is charged at $33 or $50. This is purely for illustration. This method would scale automatically: a small clinic losing 50 records pays $1,650 to $2,500, painful but survivable. This shaves the calculus. It forces senior management and board directors to view cybersecurity not as an IT cost, but as an existential business risk.

It signals that the state values each individual's privacy. It moves away from the abstract notion of system security to the concrete value of personal data. This is how we can build a system that is robust at the outset. There is the trust of every contributor. We can start looking numerically at what would be a good balance for Singapore, or at least a better balance than what we have now, and which pertinently will make all organisations take the message more seriously, while being fair and equitable for bigger medical organisations, as well as smaller clinics and practices. Mr Deputy Speaker, in closing, notwithstanding my concerns, I support this Bill.

Mr Deputy Speaker: Dr Wan Rizal.

5.08 pm

Dr Wan Rizal (Jalan Besar): Mr Deputy Speaker, when Singaporeans hear about greater use and sharing of health data, their first reaction is rarely about system architecture or data flows. Their concern is much simpler, it is much more human, and they ask: can this information be used against me? Will it affect my job? Will it affect how I am treated? I hear this from workers, from our seniors and from caregivers alike.

Many residents, especially older residents managing long-term conditions, worry about who can see their information, whether consent is meaningful and what happens if something goes wrong. These are legitimate concerns and I know that other Members will raise them in detail, particularly on system safeguards and patient protections.

As a labour Member, I rise today to focus on a pillar of this Bill that is essential to public confidence: worker trust, and in particular, the safeguard that disallows health data from being accessed or used for employment purposes.

Sir, for workers, health data does not exist in isolation. It intersects very directly with their livelihoods, with hiring decisions, job retention, access to work opportunities and sometimes, continued participation in the workforce. This applies not only to traditional employees, but also to self-employed persons and platform workers, whose access to work can be more fragile and more easily withdrawn.

In these contexts, the imbalance of power is real. When income and job security are at stake, workers often feel they have little room to refuse disclosure, even when they are uncomfortable. And that is why legal safeguards matter, not just in theory, but in how workers experience the system.

This is why I want to state clearly and on record that I strongly support the safeguard in this Bill that disallows health data from being accessed or used for employment purposes. This safeguard is not peripheral. It is central to whether workers trust the system at all.

So, why is this system so important? Some may ask why this needs emphasis, since the safeguard is already existing in the Bill. The reason is not legal, it is behavioural. Even the perception that health data could affect employment decisions can discourage workers from seeking timely care, disclosing relevant information to healthcare professionals or participating fully in national health initiatives like Healthier SG. This would undermine the very objectives of this Bill.

Workers should never have to weigh their health against their livelihood. If this Bill is to succeed in improving continuity of care and public health outcomes, workers must feel safe engaging with the healthcare system, without fear of downstream consequences at work.

This concern is especially relevant for protected characteristics and disabilities, including mental health conditions. I want to be clear: I am not suggesting that any one type of health condition is more important than another, but from a workplace fairness perspective, some types of information are more likely to be misunderstood, stigmatised or misinterpreted in employment contexts.

Mental health conditions, for example, are often less visible, episodic and poorly understood in workplaces, despite progress over the years. The issue is not the data itself. It is the risk of unfair treatment if such information is misused or even informally taken into account. This is precisely why the employment-use safeguard is so important.

The Labour Movement has long stood for the principle that workers should not be discriminated against, on the basis of protected characteristics, including disabilities and mental health conditions. The safeguards in this Bill include specific prohibitions on NEHR access for insurance and employment purposes. It reinforces, in the context of health data, the same values we have already affirmed as a society: that personal characteristics and health conditions should not become barriers to fair treatment at work. Seen in this light, this safeguard is not an additional demand. It is a logical extension of principles that Parliament has already endorsed.

Workers are also concerned about indirect or "backdoor" use of health information. Not necessarily through access to records, but through fitness-for-work assessments, third-party requirements or other channels that could influence employment outcomes.

I note that the Bill identifies specific Statutory Medical Examinations where NEHR access is permitted, such as pre-enlistment checkups or assessments for vocational driving licenses. These are strictly defined to prevent harm to the individual or to public interest. I seek the Minister's assurance that this list of exceptions will remain tightly scoped and will not be expanded to general pre-employment screenings without rigorous oversight.

Furthermore, while healthcare providers can override an individual's "Access Restriction" during a medical emergency, the law must remain clear, that data can still never be used for employment purposes.

Mr Deputy Speaker, I also want to speak briefly about healthcare workers, including members represented by the Healthcare Services Employees' Union. Healthcare workers occupy a unique position in this Bill. They are entrusted to access and handle sensitive health data, they are required to do so as part of patient care, and often times, under pressure and subject to, of course, significant penalties if things go wrong.

From a labour perspective, safeguards must protect not only patients, but also the workers tasked with implementing the system. I hear you. Accountability is important and wilful misuse of data must be dealt with firmly. But accountability must be fair and also proportionate.

We must distinguish clearly between intentional wrongdoing, and inadvertent errors arising from system design, workflow complexity, or even operational constraints. And this means we need to have clear role-based access, proper training and guidance, and supportive implementation, especially during transition periods. Protecting patient data and treating our healthcare workers fairly are not competing objectives. They must go hand in hand if the system is to function well.

Sir, if I may briefly return to the concerns of my residents, especially those who are seniors and caregivers. Many seniors manage multiple conditions and interact frequently within the healthcare system. They worry about privacy, they worry about consent and they worry about whether their personal information is respected.

While I have focused today on worker trust, I want to assure residents that their concerns are also heard. Trust is the common thread, whether one is a worker, a patient, or a caregiver or a senior managing long-term care.

When Singaporeans trust that their health information is handled with care, strong safeguards and clear boundaries, they are more willing to seek care, share information honestly, and participate fully in our healthcare system. Sir, please allow me to continue in Malay.

(In Malay): [Please refer to Vernacular Speech.] This Bill must be able to establish public trust. Health data is intended to safeguard health, not to jeopardise livelihoods. Therefore, safeguards that prohibit the use of health data for employment purposes are extremely important, for workers, the self-employed, and platform workers.

No worker should fear that seeking medical care could be held against them at work.

These safeguards align with principles of fairness and dignity in the workplace, including for individuals with disabilities or mental health conditions. When trust is maintained, workers and senior citizens will feel more confident in seeking treatment and sharing health information honestly.

A robust healthcare system begins with trust, and trust only exists when clear boundaries and robust safeguards are implemented.

(In English): Mr Deputy Speaker, with the right safeguards in place, this Bill can strengthen healthcare delivery and public health outcomes. The safeguard disallowing the use of health data for employment purposes is a critical part of our trust framework. It reassures our workers that seeking care will not put their livelihoods at risk. It aligns with long-standing principles against discrimination and it supports, rather than undermines the objectives of this Bill.

At the end of the day, a healthcare system can only be as strong as the confidence people. When workers, patients and seniors trust that their health data will not be misused, at work or elsewhere, they are more likely to engage, participate and benefit. For these reasons, I support this Bill and the safeguards it contains.

Mr Deputy Speaker: Mr Louis Chua.

5.18 pm

Mr Chua Kheng Wee Louis (Sengkang): Mr Deputy Speaker, one's medical information is more than just a set of datapoints on a server. It is deeply personal and sensitive, and a digital diary of our physical and mental lives.

Therefore, the public's trust is sacrosanct to the implementation of the NEHR. We must ensure that the Government and healthcare stakeholders do their utmost to safeguard the privacy of this data.

While I broadly agree with the principles of the HIB, which delineates the responsibilities of our healthcare ecosystem and mandates data contribution, I believe it is also important that we continue to strengthen areas of data privacy, transparency and individual agency.

As we move towards Smart Nation, we must ensure that our progress does not leave Singaporeans feeling as though the power asymmetry between themselves and the state is growing, and that they are losing control of their own data and privacy, and that public education measures would be stepped up to foster a deeper understanding of the NEHR and one's rights as patients.

One crucial aspect of this Bill is that patients can opt in or out of the NEHR by way of an Access Restriction, which blocks medical practitioners from viewing all of the patient's NEHR records, save important details, such as one's critical allergies and personal information. Patients may also select the medical institutions to impose an access restriction on.

Notably, clause 30(7) reveals that even if a restriction is in place, a patient's information continues to be uploaded to the NEHR in the background. This, according to MOH, is in the interest of ensuring the expeditious provision of care should the patient wish to opt-in to the NEHR in the future or during an emergency situation. But Mr Deputy Speaker, if a citizen says "no" to the NEHR today, should the state then be allowed to say, "Okay, but trust me" and collect their data anyway?

In a 2017 letter to MOH, the then President of the Singapore Medical Association highlighted that this might compromise the patients' right to privacy. This is because patients might not wish for their medical records to be uploaded to the NEHR at all.

I urge the Government to reconsider this continuous background uploading and if other additional options can also be considered. For example, we should consider offering a total opt out or a so-called "no means no" option, provided the patient is thoroughly briefed on the dangers and risks of doing so and is counselled on the implications of such an option.

Second, patients might prefer to block access to certain documents and records only, instead of imposing a wholesale access restriction on their records. I understand that sensitive health information that could potentially lead to stigmatisation and discrimination will be secured by additional measures, such as a double lock-in feature.

Nevertheless, what is sensitive to one might not be sensitive to another. Hence, patients might wish for additional flexibility when protecting their health records rather than just give a blanket nod.

Part 3 of the Bill also allows for the sharing of both administrative and clinical information, to facilitate the continuity of care and outreach efforts for national health programmes through data sharing arrangements. Notably, patient consent is also not required for the sharing of such data between healthcare providers and public agencies as established under clause 50.

Therefore, I hope that patients will be accorded some flexibility and control over the types of health information they wish to disclose and how they would like that information to be used.

While I appreciate that we can already check out any NEHR access history in HealthHub, patient consent should also be sought for data sharing between healthcare providers and public agencies. On that note, Part 2, Division 4 of the Bill also sets out the requirements for the usage of any NEHR data for secondary purposes or derived information. After all, a national health record database provides a valuable snapshot of our population's health condition, which could then be used by researchers for developing solutions to public health issues faced by our society.

The Bill separates such derived information into two categories. Type 1, which is information that is individually identifiable, as well as Type 2, data that is aggregated and anonymised.

And it is worth noting that clause 30(5) paragraph (a) states that "The imposition of an access restriction does not preclude one's NEHR records, be it individually identifiable or anonymised, from being disclosed as derived information, if an approval is granted by the Minister."

I agree with clause 25(2) that the Minister may approve an application to obtain Type 2 derived information, if the Minister is satisfied, having regard to the purpose for which the application is made, that it is in the public interest to do so.

However, what are the instances in which subsection (1) will apply where individually identifiable health information is required in the name of promoting public health?

This is another case where even if an individual exercises his right to impose an access restriction, it can be again overruled with a Ministerial approval for his individually identifiable information to be shared on public healthcare grounds.

Although the cost to the patient's privacy may be outweighed by the benefits such research brings to society at large, that should not preclude the Government from giving patients more agency over secondary usage of the health information, especially for research purposes. This is a principle that is adopted by other healthcare systems worldwide as well. For instance, both Taiwan and the EU have enacted regulations empowering patients to restrict the use of their identifiable health data for secondary purposes. Therefore, I hope that the Government would consider allowing patients to exercise greater control over the secondary usage of their health data.

To follow on the Ministerial approval requirement under clause 25, according to MOH's Trusted Research and Real World-Data Utilisation and Sharing Tech (TRUST) platform, which provides anonymised healthcare-related data for secondary usage, the Data Access Committee reviews the social value and public interests of each data request.

I agree that access to any NEHR data unlocks research and development (R&D) potential and supports long-term public health outcomes. When it comes to commercial-linked entities, however, while such parties might use the data for generating public health reasons and research, it raises ethical concerns surrounding transparency and privacy, especially if access to data is excessive, insufficiently justified or beyond stated that be used.

Back in 2015, in the United Kingdom, the Royal Free NHS Foundation Trust in London signed an agreement with Google DeepMind. This allowed the British AI firm to analyse sensitive information on 1.6 million patients who use the Trust's hospitals each year. The access was used for monitoring software for mobile devices called Streams, which promises to improve clinicians' ability to support patients with acute kidney injury. But according to the study's authors, the purposes stated in the agreement were far less specific and made more open-ended references to using data to improve services.

In the last few years, there has been a significant drive and race across providers to train AI models using the largest and most diverse datasets available in order to achieve better performance. However, this trend also raises important concerns about data privacy, particularly, in regard to sensitive records, such as medical information – NEHR data.

For this reason, we should exercise caution before granting third parties, especially if they are commercially-linked organisations, with excessive or unconstrained access to NEHR data, especially when longitudinal studies examining individuals' health records over prolonged periods are involved and be mindful of scope creep, given commercial incentives.

Besides R&D applications, I do believe that Government should capitalise on the NEHR's capabilities to boost the efficiency of healthcare delivery and financial assistance to all Singaporeans.

With allied health professionals, such as medical social workers having access to the patient's NEHR record, I hope that the possibility of financial assistance being further streamlined via enhanced data sharing procedures with the likes of the Social Services Office can be explored – with the patient's approval, of course. This would be most helpful in cases, such as long-term assistance to those permanently unable to work due to illness or disability. And in turn, this could also help to alleviate the workload of our medical social workers while easing the experience of those seeking financial and social support.

Finally, an extensive public education effort on the NEHR should also be implemented, should this Bill be passed. A 2018 Singapore Medical Association survey revealed that only 50% of respondents heard about the NEHR and 14.9% fully understood what the NEHR was back then. As shared in the Feedback Report on the Public Consultation for the Health Information Bill, during the public consultation exercise, MOH received feedback requesting greater clarity and clearer communication of the policy positions under the Bill. Will the MOH be conducting an updated public awareness survey upon implementation of the Bill to measure how public understanding of the NEHR has evolved, particularly regarding access restrictions and the use of individually identifiable data?

It is nonetheless critical that the Government ramp up its patient education efforts regarding the purposes of the NEHR and how it might benefit them as well as to explain the rights of each patient pertaining to their medical data.

In conclusion, Mr Deputy Speaker, the NEHR represents a significant milestone in our Smart Nation journey but its success rests entirely on the foundation of trust. Medical information is among the most intimate forms of data one can share and the success of the NEHR ultimately depends, not on compulsion, but on trust.

To ensure this trust is not eroded by a perceived power asymmetry between the state and the individual, we must move beyond a "collect first, tell later" approach. And throughout my speech, I have highlighted three recurring themes: agency, transparency and proportionality.

I hope Singaporeans can be granted more meaningful control and disclosure over how their health information is accessed, shared and used. More importantly, we cannot have a well-functioning healthcare system if only 15% of people fully understood what the NEHR is. We must ramp up public education to ensure every Singaporean knows their rights and how their data is used to serve the common good, in order to foster the trust that turns our national database into a national asset. Notwithstanding these clarifications, I support the Bill.

Mr Deputy Speaker: Mr Yip Hon Weng.

5.30 pm

Mr Yip Hon Weng (Yio Chu Kang): Mr Deputy Speaker, Sir, we are becoming a super-aged society. Despite Healthier SG, care is not yet delivered in one place or coordinated by one healthcare team. It moves across clinics, hospitals and community settings. In such a system, information is not just paperwork. It is safety. It is continuity. It is dignity.

Because health information accompanies us through our most vulnerable moments, the success of this Bill will not be judged only by how efficiently data flows. It will be judged by something far more human – whether residents continue to trust the system enough to seek care early, speak honestly and return when they need help. That trust is fragile and once lost, it is hard to restore.

Today, I would like to focus my clarifications on three areas which residents have consistently raised with me: access control, support for smaller GP clinics and cybersecurity.

Mr Deputy Speaker, Sir, I begin with access control. The Bill introduces Access Restrictions under clause 29, with exceptions in clause 30, and the process for managing them in clause 31. These are important safeguards. But residents ask a practical question – will this protect me in real life?

My first question relates to the default setting. If Access Restrictions require residents to take proactive steps, does this mean their information is broadly accessible by default? How will seniors, especially those who are not digitally confident, know what to do? If privacy depends on digital literacy, then privacy is no longer equal.

My second question concerns granularity and role-based access. Clause 29 allows Class 2 Access Restrictions to be prescribed by information type, user class, purpose and time period. This is a powerful provision, but power lies in how it is used. Will this flexibility translate into true "need-to-know" access or will residents experience it as broad visibility once someone is authorised? Access should follow purpose and visibility should follow necessity.

My third question concerns sensitive health information. Yio Chu Kang residents tell me plainly that they want help, but fear being labelled. They worry not only about what is written, but about who might see it. This concern extends beyond mental health to other sensitive data such as human immunodeficiency virus (HIV) status, sexually transmitted infections, reproductive health history, genetic conditions and substance use treatments. These are conditions where fear of exposure can deter people from seeking care altogether.

Residents also raise a related fear that goes beyond stigma. They worry about where boundaries are drawn beyond direct care, such as access by insurers, employers, ancillary service providers or the downstream use of data for research, analytics or artificial intelligence (AI) training. Even where data is described as de-identified, residents worry about re-identification risks and inference. If these boundaries are not clear and credible, residents may hold back information or delay care.

How will MOH use the flexibility in clause 29 to ensure such sensitive categories are treated with particular care? Furthermore, under clause 30, where exceptions allow information to remain accessible, how will MOH ensure these exceptions are narrow and clearly defined rather than quietly eroding the intent of the restriction?

Sensitive care must feel safe or people will stay away. Healthcare for stigmatised conditions must be a sanctuary, not a spotlight.

My fourth question concerns privacy signals. Even when information is restricted, residents worry that the very presence of a "sealed" marker invites speculation. How will MOH prevent the fact of restriction itself from becoming a source of stigma or inference?

Finally, on transparency. Residents can view access logs on HealthHub, which is a good start. But do they merely see that an organisation has accessed their data or do they understand why? Will logs be presented in plain language?

Beyond investigation timelines, what happens if misuse occurs? Will residents be notified promptly, given a clear explanation and told what corrective or remedial actions have been taken? Transparency without recourse does not build trust. It only documents its absence.

Mr Deputy Speaker, Sir, I turn to the second area – support for smaller GP clinics. In estates like Yio Chu Kang, the neighbourhood GP clinic is not just a provider, it is a relationship where trust has been built over years. While the Bill places necessary obligations on institutions, the compliance costs land hardest on these small practices. Has MOH assessed the full financial and operational impact on solo GPs, from onboarding to ongoing cybersecurity obligations?

We hear feedback that NEHR can be cluttered and time consuming for less digitally savvy, elderly GPs. If clinicians spend more time searching and less time caring, have we truly improved care? Will MOH commit to measurable usability improvements, such as time-to-find critical information, structured clinical summaries and clinician user experience testing so that "less clutter" becomes a performance obligation rather than an aspiration?

There is a real last-mile reality. Cybersecurity and data requirements designed for large institutions can overwhelm small practices where the doctor is also the administrator and IT troubleshooter. Some GPs have shared a quiet concern that if requirements become too complex or costly, retirement may be the only option. When small clinics close, residents, especially seniors, lose convenient access and familiar doctors.

Has MOH weighed this risk against the Bill's policy objectives? If we ask neighbourhood clinics to operate like large corporations, we should not be surprised if they struggle. Residents will feel this quickly through higher fees and longer waits.

In that context, I ask whether support will be predictable and sustained. Will there be grace periods, phased onboarding and a genuine "no wrong door" approach so small clinics are guided rather than penalised as they come on board?

How will MOH prevent digital medical records vendors from engaging in fearmongering and profiteering, pushing small clinics into expensive contracts out of fear of non-compliance? Will responsibility for implementation be clear rather than fragmented? Where alternative contribution pathways are provided for pen-and-paper clinics, how will MOH ensure these are feasible and not a second-class solution? Compliance should not become a hidden healthcare tax on the heartlands.

Mr Deputy Speaker, Sir, I turn to the third area – cybersecurity. For residents, a breach is not a statistic, it is personal. The 2018 SingHealth cyberattack was a stark reminder that even well-resourced systems are vulnerable.

As the Chair of the GPC for Defence, I approach this with particular care. In defence, we learn that systems rarely fail at the centre. They fail at the edges, where resources are thin and the smallest gap becomes the point of entry. Healthcare systems are no different.

The Bill rightly imposes duties under clause 68 for reasonable safeguards and clause 70 for incident management. But residents ask two fundamental questions: will it be secure and will it be doable?

How will reasonable safeguards under clause 68 be defined in a tiered, risk-based way? Will small clinics have a clear, achievable baseline while larger institutions shoulder proportionately greater responsibility? How will MOH support small clinics in meeting incident management requirements under clause 70 without turning doctors into cybersecurity managers? Will there be shared services, templates, guided exercises and clear escalation pathways so bureaucratic demands do not take doctors away from patients?

Residents also care deeply about what happens when things go wrong. If a breach occurs, when will residents be notified, what information will they receive and what practical support will be provided to help them protect themselves and restore trust? Where cybersecurity failures arise from vendors or intermediaries, how will accountability follow control so that small clinics are not unfairly blamed or penalised for failures beyond their technical reach?

Availability also matters. When systems are down, patients are at risk. What resilience standards will apply to NEHR access? A system is only as strong as its weakest link and in healthcare, patients bear the cost of weakness.

In conclusion, Mr Deputy Speaker, Sir, we began with a simple reality. In a super-aged society, care no longer sits in one place, with one doctor, at one time. It moves across settings. Where care moves, trust must move with it. This Bill is about data, but more importantly, it is about people. It is about whether access controls feel like protection or complexity. It is about whether neighbourhood clinics are strengthened or quietly strained. It is about whether cybersecurity inspires confidence or quiet fear.

At its heart, this Bill asks a deeper question of us as a society. Can we build a system that is effective without being intrusive, secure without being crushing and connected without losing compassion? Trust is not a technical feature. Trust is the infrastructure that makes every other system work.

I call on the Government to ensure that as this Bill moves forward, implementation is anchored in three clear commitments: access controls that residents can understand and use; support that keeps heartland clinics viable and affordable; and cybersecurity that is strong, proportionate and shared across the system.

If we get this right, we will not only improve care, we will preserve dignity, we will strengthen trust, and we will send a clear message to every resident – seeking care will never mean surrendering control.

That is the healthcare system Singaporeans deserve. That is the standard we should hold ourselves to. I support the Bill.

Mr Deputy Speaker: Mr Fadli Fawzi.

5.41 pm

Mr Fadli Fawzi (Aljunied): Mr Deputy Speaker, the Bill advances necessary and timely updates to our healthcare ecosystem and I am supportive of the Bill's intentions.

The Bill establishes a statutory framework to consolidate key medical data into an integrated, longitudinal view of an individual's health record. This is in line with the vision of "One Patient, One Health Record", when the NEHR commenced a decade ago.

I understand that patient records from our public healthcare institutions are already in the NEHR. Let us say that you sought treatment in the Singapore General Hospital (SGH), information about your visit, such as your admission and discharge records, your laboratory test results, the procedures you did, the medication you were prescribed, are already in the NEHR. Following that, if you were to visit the Changi General Hospital (CGH), perhaps to see a specialist for a different medical issue, the CGH doctor will be able to use the NEHR to view the medical summary information of your SGH visit.

However, with this Bill, private healthcare providers will now also be mandated to contribute to the NEHR. This is significant since one of the reasons why patients opt for private healthcare is so that their health information is not included in the NEHR. This is especially concerning for patients dealing with sensitive medical issues, including those related to mental health, sexual health or addiction.

Sir, it is a given that a national electronic healthcare database will clearly help to optimise patient care and continuity of care. However, the success of the NEHR hinges on fostering trust that the Government can collect and consolidate our health information safely and responsibly. The trust can only exist if we keep patient privacy and patient autonomy at the forefront.

By patient privacy, I mean that patients must have the assurance that their confidential health data remains private and secure, with access granted only to particular persons for what is medically necessary or for public health purposes. Patient autonomy, on the other hand, means that patients should be able to meaningfully determine who has access to their data and how their data is used. In general, patients should be able to know when and why their data is accessed and by whom.

I believe the Government can agree with me that the NEHR must leave patients feeling empowered, not exposed. For that to happen, we cannot compromise on either patient privacy or patient autonomy.

Mr Deputy Speaker, the Bill defines a person's clinical information to include both the physical and mental health of the individual, and the diagnosis, treatment or care of the individual, while Part 1 of the First Schedule outlines the different types of health information to be contributed by specific healthcare providers. Altogether, there are 13 different types of health information, though only the providers of acute hospital service need to contribute to all 13.

However, I want to focus on the category of visit diagnosis, reasons for visit, or patient problem list, which many healthcare providers are mandated to contribute. I would like to ask the Minister about this category of health information. How lengthy or extensive should the contribution pertaining to diagnosis, reasons for visit or patient problem list be for the purposes of the NEHR?

I also want to note that, as of 8 January, the "Frequently Asked Questions" (FAQ) on Synapxe's website – Synapxe being our national HealthTech agency responsible for running the NEHR – states that the NEHR is meant to receive and consolidate key health summary information, but "not doctor's notes".

Here is a hypothetical example. Let us say a person were to meet a private psychiatrist and discuss their recent psychological difficulties, due to a recent breakdown in his or her marriage. The psychiatrist then records these details in their own doctor's notes. My first question: when contributing health information to the NEHR about the visit, is the psychiatrist mandated to include those personal and private details of the patient's life under the category of "visit diagnoses, reasons for visit or patient problem list"? My second question: if the private psychiatrist was not mandated to share their doctor's notes, can such information still be contributed to the NEHR, including without the patient's knowledge?

I believe that the public will benefit from an assurance from the Ministry that the scope of health information contained in the NEHR will only relate to key health summary data and will not include "doctor’s notes", especially intimate and confidential details about a patient's personal life, even if that information were in some way medically relevant to the provision of care.

Mr Deputy Speaker, the Bill also explicitly identifies certain "excluded purposes". I am sure that all patients appreciate the assurance that their healthcare information cannot be used for employment and insurance purposes.

However, I want to ask the Minister whether the Police and other law enforcement agencies will be similarly barred from using information from the NEHR? For instance, if a substance abuser sought treatment on his own to battle his addiction, would law enforcement be able to use the NEHR records to arrest and charge him? I ask this because patients seek treatment and care with some expectation of confidentiality, that their sensitive health information will be kept private. We need to ensure that patients continue to feel comfortable to seek treatment.

Mr Deputy Speaker, other than safeguarding their privacy, we need to ensure that patients are able to retain autonomy over their health information. Clauses 29 and 30 allow for access restrictions, which patients can use either to restrict all access to their information in the NEHR or to restrict access for specific users or purposes.

And if I understand clause 30(7) correctly, these Class 1 and Class 2 access restrictions do not prevent or restrict the contribution of healthcare information by a medical provider. In other words, healthcare information about every medical visit and treatment in Singapore will be recorded in the NEHR, but patients can block other healthcare providers from having access to that information.

Sir, these access restrictions will only work if these options can be exercised easily and in a patient-friendly manner. Currently, there is an option to opt out of the NEHR, but this involves a slightly elaborate and tedious process of making an appointment at one of the polyclinics and restructured hospitals to obtain and submit an opt-out form. Patients wishing to opt out will also be – and here I quote directly from the Synapxe FAQ – they will be "counselled, to ensure that they fully understand the implications of this decision to their care as their providers will not have access to their records."

Even then, opting out does not mean your healthcare information gets deleted from the NEHR. What happens is that healthcare providers do not get to view them. Moreover, these Access Restrictions can be, understandably, overridden in a medical emergency.

I thus want to ask how the Ministry intends to implement the Access Restriction mechanisms under the Bill. Firstly, will the Ministry continue to counsel those who wish to invoke access restrictions and can we have further details about the content and duration of that counselling process? Secondly, is the Ministry considering the possibility of allowing patients to invoke or revoke these access restrictions online through HealthHub? Thirdly, is the Ministry planning to conduct regular public campaigns to educate patients about their access restriction rights?

Mr Deputy Speaker, another important dimension to patient autonomy is being transparent about the who, when and why of access to our healthcare information. I understand that patients can view which healthcare providers have accessed their health records through the NEHR Access History section in HealthHub. I want to clarify with the Minister about how granular this data would be. Would the patient only be able to see which healthcare institutions have accessed their records or will it also list out the specific healthcare professionals who were accessing their records? Moreover, at GP clinics, how can patients be sure that only their doctor is able to view the health information on the NEHR and not their non-clinical staff?

This relates to another question about unauthorised access to the NEHR. Clause 77 identifies what is a "notifiable data breach", namely, a breach which "(a) results in, or is likely to result in, significant harm to an affected individual; or (b) is, or is likely to be, of a significant scale".

Can I then ask the Minister to clarify how the Ministry intends to define "significant harm" and "significant scale" and why it has settled on such a standard? Would it not be more reasonable, not to mention the right thing to do, to notify affected individuals in any and all cases of unauthorised access to their health information?

Looking ahead, the national electronic healthcare system, once it is fully up and running, our citizens' pooled health data will be a valuable goldmine for clinical researchers and pharmaceutical companies. While this can accelerate drug development and spur medical innovation, the public needs assurance that their personal health data will not be monetised for profit.

Here, my question is whether the Government intends to make healthcare information in the NEHR available to the private, academic or any other sectors and whether the current Bill makes provisions to regulate such a possibility? While I am in principle not opposed to such collaborations, I hope that it can be explicitly legislated that any dataset from the NEHR must be anonymised, if this has not been done already.

Moreover, if the data is used for commercial research, the Government should consider a "Social Dividend" which ensures that the benefits return to the people. Any revenue or benefits derived should be reinvested directly into patient subsidies or national health funds, ensuring that the value generated by the people's health data is returned back to the people.

I would also suggest exploring the model of data cooperatives. One example of this model is non-profit Swiss cooperative MIDATA where citizens control their data and can choose to contribute it to specific research projects that they believe in. This has enabled research and tailored care plans for diseases, such as multiple sclerosis.

Mr Deputy Speaker, my foregoing questions and suggestions are intended to safeguard the integrity of the NEHR to strengthen public confidence in the system. To this end, we continue to emphasise patients' privacy and patients' autonomy to ensure Singaporeans are empowered, not exposed.

Mr Deputy Speaker: Mr Alex Yeo.

5.55 pm

Mr Alex Yeo (Potong Pasir): Mr Deputy Speaker, I rise in support of the Bill. Before I start, I wish to declare that as a legal practitioner in private practice, I have and do act for insurers and insureds in a variety of disputes. I make this declaration, as I will be addressing certain points relating to the "excluded purposes" contained in clause 6 of the Bill.

This Bill will govern the framework of our NEHR to: one, enable more effective clinical care; two, improve coordination; and three, consolidate care across different healthcare settings. In many urgent and emergency medical situations, this could certainly save lives.

On the other hand, the Bill also incorporates safeguards, a reflection that in this tech-pervasive information age, personal healthcare information, in the wrong hands, used for inappropriate and insidious purposes, can potentially destroy lives. I would like to cover three areas of the Bill briefly: access, consent and excluded purposes.

Let us start with access. As we expand the NEHR to include all healthcare providers in Singapore, invariably, the number of access points to the NEHR will increase significantly. Any digital online system with many access points is particularly vulnerable to unauthorised access, inappropriate use and/or a cyber threat.

The Bill incorporates stringent access rules and restrictions, with deterrent penalties for breaches. Individuals are also at liberty to place access restrictions and view instances of NEHR access to their medical records via the HealthHub App. The Bill therefore provides safeguards while allowing individuals with privacy concerns to decide on who should have access rights.

I am therefore glad to hear from the Senior Minister of State that MOH will conduct regular audits to flag inappropriate access to the NEHR. This is vital as it will provide healthcare providers regular and crucial information and feedback on the strength of their protocols and processes and allow them to act in a timely manner to adjust and tighten as required.

Given the large number of healthcare providers in Singapore, I would like to invite the Senior Minister of State to share with the House, the Ministry's plans on how these audits would be conducted, including the frequency and parameters of what would be studied, to ensure that the safeguards remain robust and amply protect the personal healthcare information of Singaporeans.

I now move on to the point on consent. The notion of patient consent is fundamental in medical practice – serving as a cornerstone in both legal and ethical obligations. Doctors regularly seek patient agreement in instances, such as treatment/interventions or to share medical information with a third party, including family members and so on. Even in the case where a patient has lost mental capacity, legal documents, such as a Lasting Power of Attorney or the legal appointment of a deputy, authorise another to, in effect, "consent" on the patient’s behalf.

In the context of healthcare, patient involvement in decisions about their care is an intuitive concept. Set against this background, the Bill however, does not require patient agreement to upload the key health information onto the NEHR. In fact, it makes it compulsory for healthcare providers to do so.

This can be a cause for concern for Singaporeans who may legitimately have privacy concerns with uploading their personal healthcare records onto the NEHR. One may ask, why can I not choose not to upload my healthcare information onto the NEHR? This is especially so since the harm or detriment suffered would likely be largely to the individual in the event of a leak or misuse.

We also appear to have taken a slightly different approach from jurisdictions, such as Australia, which allows patients to choose whether or what medical records to upload onto their system, which is called "My Health Record", or to even have a record at all. As I believe this would be an issue of interest to many Singaporeans, I invite the Senior Minister of State to share the policy and practical considerations behind why the framework governing the NEHR has been set up in this manner.

Finally, I would like to share some thoughts about the excluded purposes set out in the Bill. Clause 6 of the Bill sets out excluded purposes. In other words, these are purposes for which healthcare providers are not allowed to access the NEHR.

As things stand, these are when accessing the NEHR for: one, employment; or two, insurance purposes which include when an employer decides to employ, promote or terminate an employee and when an insurer decides whether to insure, continue or renew a policy and during the processing of claims.

This is a welcome clause. Speaking from professional experience, it is important to have a clear demarcation of what relevant medical information of individuals should be provided in the context of these employer/employee and insurer/insured relationships, and what is sensitive confidential medical information that could be misinterpreted or inappropriately applied.

The Bill also goes one step further. The excluded clauses are, in fact, what I would describe as blanket exclusions, in that, even if an individual consents or agrees to allow access for these excluded purposes, healthcare providers are not permitted to do so. I appreciate the intent. Individuals should not be compelled to allow access for such purposes. For example, if all insurers in Singapore require NEHR access consent before agreeing to cover an individual under a health-related policy, then the individual is left with no real choice but to agree if he or she wants to be covered by the insurance.

However, I believe that there is a case to be made to allow for some relevant healthcare information to be accessed. Let us take the example of a health-related insurance policy. Generally, an insurer decides on whether to extend cover and if so, set the premium payable based on actuarial calculations. These calculations take into account a number of factors, including pre-existing medical conditions and medical history. If individuals can consent to a limited scope of relevant information that is agreed between the patient and in this instance, the insurer, then access can be permitted for that limited scope of relevant information via the healthcare provider. For example, this could be for medical histories of heart conditions or cancers.

However, as the Bill currently stands, there is no such option. Even if an individual wishes to consent, the healthcare provider is not permitted to access NEHR for the excluded purposes. It may be useful to understand whether this would impact insurance premium setting and/or insurance cover in the future, if and when the Bill comes into effect.

There is also an instance in which the blanket exclusion can be lifted. If a legal dispute arises in the Courts between an insurer and insured, say, on issues relating to the non-declaration of relevant medical history, the Court can order access to a party’s NEHR records as part of the discovery of evidence process.

Before I conclude, I just want to make one observation on Mr Dennis Tan’s suggestion to increase the penalties for a breach. I can appreciate the intent. The balance, however, in such matters is between taking a punitive approach or supportive approach, where we work with healthcare providers to strengthen their protocols and processes in order to prevent breaches from recurring. Mr Tan makes the point that large organisations may take financial penalties as a cost of business. In some cases, this may very well be true.

However, in the case of a healthcare provider, the people within – clinicians, nurses, administrators and so on – are well intentioned and want to build a system that better serves patients. When such a breach incident happens, I believe, it impacts not only the organisation but also the personal professional reputations of the people involved. Viewed from this context, a punitive approach may not be the best option. Perhaps we could start with the current approach and review this as the ecosystem takes shape after implementation.

Mr Deputy Speaker, notwithstanding the clarifications I have sought, I support the Bill.

Mr Deputy Speaker: Mr Kenneth Tiong.

6.04 pm

Mr Kenneth Tiong Boon Kiat (Aljunied): Mr Deputy Speaker, I support the principles underlying this Bill. A population-scale set of longitudinal medical records is the "means of production" for more timely interventions, accurate diagnoses and preventive health at large. The contribution of data to the NEHR will create a valuable dataset and that value should flow to all Singaporeans.

But before I move on to the question of value, my belief is that a Bill that compels contribution must also come with robust ecosystem safeguards. From my conversations with practitioners and from my reading of the Bill, I have three sets of concerns: (a) the disproportionate cybersecurity burden on small providers; (b) the uploading of sensitive medical information despite patient objections; and (c) possible insurance loopholes that may render our privacy protections ineffective.

I will then speak to a broader question: if we are building a national health asset, who benefits and how do we continue to ensure it catalyses a dynamic ecosystem rather than becoming captured by a single monopoly provider?

First, to the cybersecurity obligations imposed on healthcare providers. The Bill designates all Healthcare Services Act licensees – from tertiary hospitals employing thousands to single-doctor GP clinics in HDB heartlands – as "relevant persons" under section 64. All face the same statutory obligations: to implement reasonable controls for secure processing, reasonable safeguards against unauthorised access and cybersecurity protections under sections 66 and 68. The penalties for non-compliance are severe; fines up to $200,000 or two years' imprisonment for individuals, and up to $1 million for other entities.

The Bill does use the word "reasonable", which implies proportionality. But I have spoken with doctors who run small operations. They worry that when a breach occurs – and breaches are a matter of "when" and not "if" – the enforcement spotlight will fall on them. Did they have sufficient firewalls? Was their anti-virus updated? Were their staff trained adequately? They fear being "hung out to dry".

[Mr Speaker in the Chair]

I also wish to speak for some of my constituents who are senior GPs still practising in the heartlands. Many are approaching retirement and are not tech-savvy. They will struggle with the digitalisation requirements that this Bill will impose. If the transition is too abrupt, many of these senior GPs may feel forced to retire early or sell their independent clinics to large corporate chains, accelerating consolidation in the primary care sector. The end state of a modern, integrated health information system is desirable. But the transition must be managed carefully.

So, I ask: one, would the Ministry issue clear, tiered guidance on what constitutes "reasonable" safeguards for practices of different sizes? A safe harbour framework, if you will.

Two, will the Ministry consider providing or subsidising cybersecurity insurance for small providers so that they need not fear shouldering the entire financial risk of a breach?

Three, will there be a transition period with educational enforcement, rather than immediate punitive action, to allow smaller providers to build up cybersecurity capabilities?

Four, could the Ministry offer transitional support for senior practitioners nearing retirement, perhaps something as simple as sending personnel to help digitalise their records monthly?

Second, to the question of sensitive medical conditions that patients wish to keep private. There is a group of patients today who pay cash, wanting to keep their records, perhaps with sexually transmitted infections, mental health conditions or abortion records, off the system. Many foreigners also do not want to be on NEHR.

Under this Bill, that option will no longer exist. The Bill provides for "access restrictions" – Class 1 that prevents all access and Class 2 that restricts access for specific purposes or persons. But as section 30(7) states: "To avoid doubt, an access restriction does not prevent or restrict the contribution of health information." So, the data is uploaded and stored centrally. Any access restriction is a viewing control. It masks who can see the data. It does not exclude the data from NEHR.

If the burden of proof is on the custodian of NEHR to have a robust privacy model, let us examine the custodian.

Synapxe, the custodian of NEHR, was rebranded from IHiS, which was responsible for allowing the 2018 compromise of 1.5 million SingHealth patient records. The Committee of Inquiry found that IHiS staff lacked adequate cybersecurity awareness, that key staff failed to take appropriate action even when there were clear signs of an ongoing attack, and that the Chief Information Security Officer's response was, and I quote, "clearly lacking and displayed an alarming lack of concern". This has led many doctors to mistrust Synapxe in these matters. Given the history here, I believe our health authorities also need to take steps towards rebuilding that trust.

So, I ask: one, how is MOH going to police unjustified access of NEHR, where rogue elements read medical histories of unrelated people? What assurance can MOH give us that our health data is safe with Synapxe?

Two, if such unauthorised access occurs, does proactive monitoring exist or will the system rely solely on whistle-blowers and complaints?

Three, what is the technical architecture for access-restricted data? Is it encrypted separately? Is it stored in a segregated environment? Or is it simply flagged in the same database, such that a breach would expose it alongside unrestricted records?

Four, what is the access model for NEHR data? In Taiwan, the National Health Insurance system uses a dual-card approach – the patient must present their Health IC smart card, the doctor uses their professional IC card, and both are required for access, with written patient consent. This dual authorisation prevents rogue access because no single party can retrieve records alone. Will Singapore's NEHR access model include such safeguards?

And five, what is MOH’s position on specific carve-outs for defined sensitive conditions, where patients can opt out of contribution entirely?

Moving on to insurance. Mr Speaker, I commend the drafters of this Bill for their attention to the concern regarding the use of medical information for insurance underwriting.

Section 6 defines "excluded purposes" to include deciding whether to insure an individual, continuing or renewing insurance, or processing insurance claims. So, section 19(2) prohibits specified users from accessing NEHR for any excluded purpose and section 38(5) imposes enhanced penalties for accessing records for excluded purposes.

Insurers cannot access NEHR directly. Healthcare providers cannot access NEHR on behalf of insurers, and a patient's consent cannot be used to circumvent these protections. Is it watertight? Let me offer two possible scenarios.

Scenario one. According to section 3.1.2.2 of the Draft Guidelines on Appropriate Use and Access to NEHR, released by MOH in 2023: "In the event that such information was previously transcribed from NEHR into the patient's clinical notes, it would be treated as part and parcel of the medical record belonging to the healthcare institution."

Meanwhile, Integrated Plan insurers are increasingly requiring doctors to sign contracts containing "Inspection and Right to Audit" clauses. These clauses grant insurers the right to inspect full medical records to verify claims. The result is that doctors check NEHR for relevant history – past abortions, in-vitro fertilisation (IVF) treatment, mental health conditions, sexually transmitted infections – and note it in their files for clinical safety. Because of these audit clauses, insurers then gain access to this sensitive, transcribed NEHR data, even if it is irrelevant to the current claim. A patient going in for gallbladder surgery may find their insurer reviewing their psychiatric history.

Scenario two. Section 17(1) provides that an individual may access and collect their own accessible health information. A Singaporean applies for insurance. The insurer's application form may include a new requirement: "Please attach a complete printout of your National Electronic Health Record." No printout, no policy. Once the data leaves the system through legitimate patient access, it seems beyond the Bill's reach.

Even if insurers do not require a NEHR printout directly, they already have a right to refuse payouts if a pre-existing condition was not previously disclosed. If an applicant fails to disclose a condition, one that now sits permanently in NEHR, the insurers can void the policy at claim time when they discover the non-disclosure through other means.

The existence of NEHR with its comprehensive longitudinal record makes non-disclosure almost impossible to sustain.

So, I ask: one, does MOH agree that a transcription pathway where NEHR-derived information enters clinical notes and becomes accessible to insurers through audit clauses defeats the legislative intent of section 6?

Two, what if there is a data breach? Can insurers use the now public information?

Three, will the Government work with the Monetary Authority of Singapore (MAS) to prohibit insurers from requiring NEHR payouts or NEHR-derived information as a condition of coverage, claim processing or policy renewal?

Four, will the Government review the inspection and right to audit clauses in Integrated Plan contracts to ensure that they did not circumvent the excluded purposes provisions?

And five, if an insurer is found to utilise either pathway, what enforcement mechanisms will exist? Will this be a matter for MAS, MOH or both?

Deputy Speaker, I now wish to speak to a broader question. This Bill will create, for the first time, a comprehensive national database. Social determinants, such as postal code, education, marital status; clinical outcomes, such as blood pressure readings over decades, medications prescribed; and soon, perhaps, genomic data from the SG100K project.

It is a formidable dataset. It is a "means of production"; not just of population health outcomes, but of significant economic value. So, how do we ensure that value from this national health data infrastructure, and its possible monetisation of any form, flows to citizens?

Globally, startups are experimenting with patient-centric data models, where individuals can choose to share their data for research and receive compensation. I believe a monopoly, such as Synapxe, may not experiment with such models. But a contestable market will. Some players may try patient-centric approaches and the best models will emerge.

To create the conditions for competition to discover it, that requires open APIs, interoperability standards like the opt-in mechanisms of the sort that my hon colleague Mr Fadli Fawzi mentioned, and a contestable application layer.

Mr Speaker, let me turn to the system operator. Section 8 provides that the Minister may designate a system operator to operate, administer and maintain the national electronic record system. In practice, that will be Synapxe.

Synapxe, formerly known as IHiS, today employs about 3,500 people. It serves as a technology backbone for our entire public healthcare system.

When IHiS was set up in 2008, I believe the original vision was that it will operate on contestable principles. MOH will issue tenders, IHiS will compete, win some, lose some, it would have enough work to survive, but will need to compete elsewhere to thrive. In doing so, it will face enough competition to stay efficient.

This model was the original plan for the Ministry of Defence and ST Engineering. Dr Goh Keng Swee, speaking in 1977, said, "We do not own or run enterprises on ideological grounds. We expect Government-owned enterprises to be efficient, to make money and to expand whenever feasible. If a Government-owned enterprise loses money, it is allowed to go bankrupt, and this has happened, fortunately, in very few instances."

This was and is the discipline of contestability. Government-owned enterprises were to be subject to market forces.

But the current model for Synapxe has drifted from this vision. Today, MOH relies almost exclusively on Synapxe to implement its technology integrations. There is capture and cost inflation. An engineer is hired at $5,000 a month. That engineer's services are sold to public healthcare clusters at significantly higher rates. If the mark-ups are excessive – and they can become excessive in the absence of competition – it can crowd out innovation and make the ecosystem weaker than it should be.

I believe a different model is possible and necessary. My vision for Synapxe is different. It would return to the original contestable principles surrounding IHiS' creation.

First, I would seek to separate Synapxe into two entities.

The first entity would be a core infrastructure company. It would handle standard setting, data exchange protocols, security baselines and the NEHR plumbing. This stays Government-owned and lean – perhaps a few hundred people. It runs the pipes and sets the protocols but does not compete at the application layer.

The second entity would be a commercial services company. It would handle system integration, consulting and vendor management. This gets spun off – maybe privatised, maybe converted to a Government-linked company that must compete commercially, both domestically and internationally.

Second, MOH must reacquire the in-house capacity to be an intelligent buyer of technology services. Before or concurrent with any Synapxe structuring, MOH needs a technical unit of about 50 to 100 people – not administrators but engineers, data architects, security specialists – people who can evaluate bids, write specifications and challenge cost claims. Without this capacity, the Ministry will find it hard to escape capture.

Third, we should legislate interoperability standards and open API requirements for all health data intermediaries, including any entity that emerges from Synapxe. The goal is to ensure that the application layer – the layer where innovation happens – is open and contestable.

I happen to think all this can be done within four to five years.

Mr Speaker, with such contestability and with an opening for opt-in mechanisms where citizens can choose to share their data for specific purposes and receive compensation, I believe the NEHR can be a means of production for three outcomes: (a) better population scale outcomes. This is the primary purpose and I support it fully; (b) a fair stake in data monetisation for every citizen. If value is going to be extracted from the data, we should create conditions where citizens can likely share in it, not just bear the risk; and (c) an ecosystem catalyst for health-based startups.

With open APIs and interoperability, Singapore can become a place for health tech innovation. Startups can build on the NEHR platform, small and medium enterprises (SMEs) can compete for contracts. We can export health tech capabilities regionally. The NEHR can become a flywheel for a more dynamic health tech ecosystem, one that benefits the Government, citizens and entrepreneurs alike, not merely a Government-only benefit and asset.

Mr Speaker, in conclusion, I support this principle of a unified national health record. It can improve care, reduce waste and enable the precision medicine of tomorrow.

But a Bill that compels contribution must also come with robust ecosystem safeguards. Those compelled to contribute must be protected from disproportionate burden or liability.

Privacy controls must be real. Since access controls do not exclude data from NEHR, a breach potentially exposes everything, regardless of restrictions. Possible loopholes must be closed.

Today, insurers cannot access NEHR, but perhaps through transcription and audit clauses, they can access NEHR-derived information sitting in clinical notes. In locking the front door, we must also lock the back door. If we are to build a national data asset, we must ensure that it is governed by contestable principles, not captured by a monopoly provider. The original vision for IHiS was discipline through competition. We should return to it.

I look forward to the Ministry's reply. Thank you, Speaker.

Mr Speaker: Ms Joan Pereira.

6.20 pm

Ms Joan Pereira (Tanjong Pagar): Mr Speaker, the HIB is necessary for Singapore to transition to an integrated, community-based healthcare ecosystem. There are two aspects which I find essential for successful implementation that I wish to spotlight.

First, there is to be comprehensive onboarding support for GPs, including innovative shared staffing arrangements for small clinics; and second, I would like to call for strengthened support for community partners to ensure seamless continuity of care across our healthcare ecosystem.

To achieve "One Patient, One Health Summary, One Care Journey", our GPs, particularly those operating small, independent practices, need adequate support to participate sustainably. While most primary care clinics are already contributing to the NEHR, this figure masks significant challenges faced by small practitioners.

Stakeholder feedback had indicated that GP clinics and smaller healthcare organisations are worried about meeting cybersecurity and data security requirements as they have limited resources and administrative capacity. This is a valid concern as the burden falls on them to maintain cyber and data security. This is an ongoing challenge, even for well-resourced organisations globally.

Unlike large hospital groups with dedicated IT departments and compliance teams, small GP clinics often operate with minimal administrative staff, tight margins and practitioners who are clinicians first, not IT specialists. The clinics' concerns are understandable. Hence, I would like to seek three clarifications from the Minister.

First, would the Ministry elaborate on the scope and quantum of funding support? It would be helpful for the GPs to have more details. What is the maximum funding quantum per clinic? Does it cover hardware, software, training and ongoing maintenance? Will funding be provided upfront or reimbursed retrospectively? Small practices operate on tight cash flow and cannot afford to frontload substantial IT investments without certainty of reimbursement. Would MOH publish clear funding guidelines, eligibility criteria and the application timeline before the Bill takes effect from early 2027?

Second, would MOH extend implementation support beyond technology to operational capacity? While NEHR-compatible systems address the technical dimension, the administrative burden of data entry, staff training and compliance monitoring remains substantial. Small GP clinics often lack administrative staff dedicated solely to data management. I propose that MOH explore small clinics jointly hiring and sharing data entry staff through collaborative arrangements or tapping on some form of shared resources.

For example, MOH could facilitate or fund shared service models where three to five GP clinics in the same geographical cluster jointly employ a trained data coordinator who rotates between clinics, ensuring accurate and timely NEHR contribution, conducting staff training and maintaining compliance with cybersecurity protocols.

Third, would MOH consider a calibrated enforcement framework that accounts for clinic size and capacity? The Bill appropriately provides that MOH work with healthcare providers to resolve non-compliance, such as technical challenges leading to non-contribution, before issuing formal directions or penalties. However, enforcement must be differentiated. I hope that special considerations could be given; for example, a single-doctor clinic with two nurses should not be held to the same compliance timeline as a multi-site group practice with dedicated IT infrastructure.

The second aspect for a successful implementation calls for strengthened support for community partners to ensure seamless continuity of care across our healthcare ecosystem. We must ensure that data sharing between healthcare providers and community partners supports smooth continuity of care, particularly as patients transition from acute hospital settings to community care options.

Implementation requires operational readiness and active Ministry support for community partners. Would MOH share what technical and operational support will be provided to community partners? Community care organisations – Active Ageing Centres, voluntary welfare organisations, befriending services – often lack the IT infrastructure and data governance expertise to receive, safely store and use health information securely. Would MOH extend support packages beyond healthcare providers to include community partners, funding secure data systems, staff training and compliance with data security requirements? Sir, in Mandarin.

(In Mandarin): [Please refer to Vernacular Speech.] Would MOH share what technical and operational support will be provided to community partners? Community care organisations – Active Ageing Centres, volunteer welfare organisations, befriending services – often lack the IT infrastructure and data governance expertise to receive, safely store and use health information securely. Would MOH extend support packages beyond healthcare providers to include community partners, funding secure data systems, staff training and compliance with data security requirements?

(In English): Next, I would like to ask if MOH has a timeline for the sharing of non-NEHR health information with the private and community healthcare partners. This is necessary for seamless care continuity.

The Bill currently limits data sharing to public sector entities – AIC, healthcare clusters and public agencies. Over time, private community healthcare partners, nursing homes and home care providers should be included, subject to governance and data protection safeguards.

Sir, to meet the objectives of this Bill – "One Patient, One Health Summary, One Care Journey" and "A Community of Health" – small practices need support to participate meaningfully. Equally, community partners need active Ministry support to fulfil their role in continuity of care.

I look forward to the Minister's response. I support the Bill.

Mr Speaker: Deputy Leader, Zaqy Mohamad.




Debate resumed.

Mr Speaker: Ms Kuah Boon Theng.

6.29 pm

Ms Kuah Boon Theng (Nominated Member): Mr Speaker, within the healthcare industry, the HIB has been much discussed and long anticipated. This vision of achieving nationwide contribution of health information into a central repository is a truly ambitious and challenging goal. But as with all things new, it has not come without its fair share of fear and trepidation from the ground.

For years, our public sector healthcare institutions have been contributing to the NEHR. However, there are still private clinics and other healthcare establishments that have yet to modernise and digitise their patient records. And I agree with Members who have spoken so far that for those who struggle with new technology, it is particularly daunting to navigate the journey of digital transformation.

In this respect, I know that Ministry officers have been making the necessary preparations for a long time. Through various stakeholder consultations, the Ministry came to realise that many medical practitioners had concerns about the potential increase in medico-legal liabilities arising from the mandatory contribution of health information and the wider accessibility of that information to other healthcare providers.

And so, in late 2022/early 2023, the Ministry appointed the National Electronic Health Record Guidelines Workgroup and tasked the Workgroup to come up with a set of guidelines that would provide clarity on the professional responsibilities and obligations of healthcare professionals in terms of their contribution to, access and use of our national health records. The Workgroup, which I co-chaired, has since completed its work and issued a set of guidelines setting out the core ethical principles relating to our national health records, and proposing reasonable professional standards to be observed by all contributors and users. The draft guidelines have been made available, and I understand they will be published at such time when the HIB makes its successful passage through this House.

To formulate these guidelines, there were numerous engagement sessions arranged by the Ministry involving various stakeholders, for example, the Academy of Medicine, the Singapore Medical Association and the Singapore Dental Association, as well as nurses, pharmacists and allied health professionals. As co-chair of the Workgroup, I was present at most, if not all, of these engagement sessions to hear and address the concerns from the ground and to obtain constructive feedback.

We also took into account the interests of patients, the need to respect their autonomy in terms of who they would grant access to their national health records and the sensitivities associated with certain types of health information, for example, conditions that are stigmatising or affect employment opportunities or one's insurability. I am heartened to see that these issues have been specifically addressed in the Bill, which provides for access restrictions and makes it clear that access to our national health records should not be for employment or insurance purposes.

Some have mentioned that patients do not like to be asked repeatedly about their medical histories. But there is a need to emphasise that the primary source of health information remains with the patient. National health records can provide a back-up source of essential health data when patients are poor historians or are otherwise unable to provide information to their doctors, but it is not a replacement for the traditional way in which doctors interact with their patients through direct communication, which is so important if we are to build a strong doctor-patient partnership, one that is based on trust.

Integrated care also does not mean that we should expect doctors to routinely have to trawl through and read NEHR records before they even exchange the first word with the patient. We do need to ensure that the healthcare professionals who are users of the system see it as an asset, rather than a potential quagmire where missteps will engender swift punishment and legal liability. As for patients, they need to have trust in the National Health Records System and believe that it is there to serve their needs and safeguard their interests, and not at the expense of their privacy or autonomy.

Many concerns from the ground remain, for example, that time is needed for their practices to be compliance-ready, that they need technical support to deal with cybersecurity threats or simply to familiarise themselves with recommended practice guidelines and the statutory obligations that will be put in place once the Health Information Act comes into force.

I can attest to the fact that senior Ministry officers who were present to hear these concerns from the ground have been extremely understanding and reassuring. They have signalled that flexibility will be exercised and allowances given in the event of non-compliance due to teething problems during the initial stages, and these problems could include delays in implementing adequate systemic safeguards. I would like to ask the Senior Minister of State if he can confirm that, indeed, contributors and users of the National Electronic Records System will be given some latitude, especially in the initial period, as they adapt to the new changes and expectations?

In addition, I would like to ask the Senior Minister of State if the Ministry intends to continue focusing on patient education efforts that will, in my view, be essential if we want patients to feel secure and have faith in how their sensitive health information will be handled. We are unlikely to gain all the benefits from this ambitious initiative if too many of our patients resort to setting controls on access due to fear or misconceptions. Patient education, therefore, needs to continue to be a priority and we must continue to listen to and address their concerns and build their trust.

Mr Speaker: Dr Choo Pei Ling.

6.36 pm

Dr Choo Pei Ling (Chua Chu Kang): Mr Speaker, I would like to declare that I am a registered member of the Allied Health Professions Council, and my work involves accessing, treating and educating on disability.

The HIB before us is a landmark piece of legislation. It establishes a robust legal framework for secure health information sharing across our healthcare ecosystem and this will shape the way Singapore delivers care for decades to come.

This Bill is not just about technology or compliance. It is about trust – trust between patients and providers, between Government and citizens, and between institutions and the professionals who serve in them. It is essential for our transition from hospital-centric care to community-based care, particularly as we confront the twin challenges of an ageing population and the rising burden of chronic disease.

Today, I would like to focus on these four areas: one, supporting community healthcare practitioners and GPs in onboarding to the NEHR system; two, improving data transition between Government hospitals and the community sector; three, strengthening support for allied health professionals (AHPs); and four, addressing patients' concerns about data protection thresholds and breach safeguards.

The vision of "One Patient, One Health Record, One Care Journey" is compelling. But to realise it, we must ensure that practitioners outside hospital settings, especially GPs in smaller, independent practices, have adequate support to participate meaningfully.

Today, most primary care clinics already contribute to NEHR. This is commendable progress. This is driven by Healthier SG's integration requirements. Yet we must acknowledge the realities. Many GPs operate with lean teams, limited administrative bandwidth and modest technical capacity. For them, NEHR integration can feel like a burden, even if its clinical value is clear.

The Bill rightly provides support mechanisms: whitelisted NEHR-compatible systems and funding packages to defray onboarding and cybersecurity costs. These are welcome. However, as we move towards mandatory participation, we must ensure that implementation timelines are realistic. The Bill takes effect from 2027, providing healthcare providers time to adopt support measures and comply with requirements. But for some GPs and smaller practices, this may still be a tight timeline for them.

I urge MOH to adopt a calibrated enforcement approach, working collaboratively with GPs to resolve technical challenges rather than defaulting to penalties. This is crucial for building a genuine partnership with community practitioners. May I ask how MOH will ensure it has sufficient technical professionals and resources on the ground to assist clinics in implementing these changes on time?

The Bill rightly seeks to enable seamless data transition between Government hospitals and community healthcare partners. This is vital for the continuity of care as patients move from acute to community settings.

This framework is sound. However, we must ensure that the data transition process is not merely technically compliant, but genuinely supportive of community-based practitioners. When a patient is discharged from a Government hospital, the community GP or AHP taking over care should receive comprehensive, timely, clinically relevant information.

Further, as private community healthcare organisations mature in governance and systems, they should be progressively included in the Fourth Schedule of the Bill. This would extend data sharing arrangements beyond public institutions, strengthening care continuity across the entire healthcare ecosystem.

AHPs – physiotherapists, radiographers, occupational therapists, speech and language therapists and radiation therapists – play indispensable roles in patient care and should have access to relevant NEHR information. In particular, AHPs are crucial in managing chronic conditions, rehabilitation and preventive care in the community and outpatient settings. They need access to medication histories, adverse drug reactions, recent investigations and relevant diagnoses to deliver safe and effective care.

For them, access to relevant NEHR information is not optional. It is essential. Yet, the stakeholder feedback indicates concerns about whether all AHPs will have equal access rights and whether sufficient safeguards exist to ensure they access only clinically relevant information for their specific roles.

The Bill provides role-based access controls, ensuring AHPs can only access data relevant to their duties. This is appropriate. But I urge MOH to go further.

First, establish clear practice guidelines for each AHP profession, specifying what NEHR data is relevant and when access is clinically justified. This removes ambiguity and supports professional judgement. Second, ensure that AHP associations are active partners in training and upskilling of their members on NEHR use, medico-legal responsibilities and safeguards. The MOH will publish guidelines on appropriate use of NEHR to address medico-legal concerns, but professional bodies should help manage implementation through their own continuing education programmes. If we want integrated care, we must empower every professional who contributes to it.

Finally, Mr Speaker, let me turn to the issue of data protection. Trust is the currency of healthcare. Patients must feel confident that their most sensitive information is safeguarded. Healthcare providers must report data breaches to MOH and affected individuals if the breaches result in significant harm. This is sensible for large-scale incidents. But what of smaller breaches, affecting 50, 100 or 200 people?

May I seek the Minister's assurance on four points.

First, all breaches, regardless of scale, must be assessed and remedied. The MOH's enforcement will take seriously even breaches affecting small numbers of people. Two, patients should be notified of significant breaches affecting any number of individuals. Three, repeated smaller breaches that reveal systemic vulnerabilities must trigger decisive corrective action. Four, patients should be able to view access logs for their records and flag suspicious activity to MOH. Citizen monitoring can be a powerful supplement to regulatory oversight.

Mr Speaker, the HIB is a decisive step towards integrated, secure, patient-centric digital healthcare. With targeted support for community practitioners, robust data transition frameworks, enhanced support for AHPs and clear safeguards for smaller data breaches, this Bill can deliver genuine benefits while protecting patient privacy and maintaining trust.

If we succeed, this Bill will not only strengthen our healthcare system but also deepen the confidence of Singaporeans in it. I support this Bill.

Mr Speaker: Dr Haresh Singaraju.

6.45 pm

Dr Haresh Singaraju (Nominated Member): Mr Speaker, I wish to declare that I am a family physician with the National University Polyclinics. I am a father of young children. Growing up in the heartland and now serving in public healthcare, I have lived and worked among Singaporeans across generations, across every walk of life.

Every day, I sit across the table from patients: the uncle in his 60s managing six chronic conditions; the young mother bringing her newborn for a jaundice review, hoping the hospital's records have already reached me; the elderly auntie who cannot remember which medicines to take; and the caregivers, trying to make sense of it all for loved ones who cannot.

They come because they trust we will help them make sense of a system that can feel overwhelming. And I work alongside nurses, care coordinators, allied health staff, administrators and fellow doctors. People who entered healthcare to help, doing their best under difficult conditions. I speak today for both: for patients and families who depend on the system and for healthcare workers who make it work.

Mr Speaker, the vision behind this Bill is right. One patient, one health summary, one care journey. Information that follows the patient. Fewer duplicated tests. Fewer medication errors. Better patient safety. Better clinical decisions.

The Bill sets clear boundaries. Clause 6 – excluded purposes: employment and insurance related matters. Clause 38 makes it an offence to access the NEHR for these purposes. Penalties are serious.

Patients must trust that their health information will not be used against them. These protections matter. But the Bill is only as good as the trust it builds, from patients and from providers. I have three observations.

First, the boundaries are clear, the grey zone is not. The Bill tells us what we must not do, but not what we must do, or how much is enough. A patient comes to see me. Cough for two weeks. No clinical red flag features. I take a history, examine her and I am satisfied. Likely a viral or post-viral cough. I treat her symptomatically. I do not access the NEHR. Three months later, it turns out she had early lung cancer. A CT scan done elsewhere six months ago showed a lung nodule. It was in NEHR. I did not see it. Was I wrong? I had no reason to suspect cancer. My clinical assessment was adequate. But the information was there.

Consider the reverse. I access NEHR. Years of records. Hundreds of entries. How deep must I go? How wide? If I click "Result A" but not the adjacent "Result B" because it seems unrelated to the current consult, is that reasonable? Or will I be asked, later, why I did not check?

Clause 99 protects those who act in good faith and with reasonable care, but it does not define what reasonable care looks like. In practice, clinicians exercise professional judgement every day. But what does reasonable care and professional judgement look like with 10 minutes of consultation time and 10 years of records?

I am not asking for immunity from accountability. I am asking for clarity. Clarity on what reasonable access looks like. What constitutes adequate review. How we should document the choices we make, against the ever-increasing complexity and demands of clinical care.

And this guidance must be sustained. Not a one-time circular, but updated as systems and practice evolve. Without this, clinicians will practise hesitantly. Some will over-access, lost in screens. Others will under-access, afraid of what they might find. Neither serves patients.

I ask the Minister: will the Ministry commit to facilitating and supporting the development of clear, practical guidance, in consultation with the profession, on what constitutes reasonable access and review?

Next, governance is central, enablement must be central too. NEHR is centrally governed. Standards are set by the Ministry, but implementation is local and the burden falls unevenly.

Public institutions have the resources to maintain systems, keep them updated and respond when things go wrong. We cannot say the same for private practice. I still speak to friends from medical school, former colleagues now in private practice. The solo GP in Bedok, the small group practice in Jurong: they face the same data security and breach reporting standards under Parts 4 and 5, with far fewer resources. I know senior doctors, still sharp, still caring, who are thinking of hanging up their white coats early. Not because they cannot practise medicine, but because they cannot keep up with the infrastructural demands.

Clinicians should be caring for patients, not managing systems. I do not argue for lower standards. Patient data must be protected, but enablement must match governance. Central standards require central support and this support must be sustained, not just during roll-out. If we expect doctor-patient relationships to last decades, the support must last too.

I ask the Minister: will there be dedicated, sustained support for smaller practices? This could take many forms: shared IT services, pooled cybersecurity monitoring, simplified compliance pathways. Existing structures like Primary Care Networks could be leveraged. These need not be free, but they must be accessible and sustained; not tapering off after implementation, but continuing for as long as the obligations continue.

Third, portability must align with continuity. Part 7 provides for portability of health information. Patients can request their records be transferred. This is right. Patients should control their own information. But there is a tension. Healthier SG encourages patients to build long-term relationships with one family doctor. Continuity improves outcomes. Trust takes time and NEHR supports this, giving access to specialist and hospital records, enabling coordinated care. Yet, seamless portability makes it easier to move between private providers. If records follow effortlessly, why stay with one doctor?

I am not suggesting we restrict portability. There are valid reasons to change primary providers: relocation, a breakdown in relationship perhaps. But if portability inadvertently undermines continuity, NEHR risks enabling fragmentation. Episodic care from whichever provider is nearest, cheapest or most convenient, leading to wasted resources.

The technology is neutral. The outcomes depend on policy coherence. I ask the Minister: what measures will ensure that portability reinforces, rather than weakens, the care relationships Healthier SG seeks to build?

In closing, Mr Speaker, this Bill matters. It matters to the patient hoping the next doctor knows what the last one did. It matters to the clinician wanting to do the right thing but uncertain of the rules. It matters to the small practice owner worried about compliance. Legislation alone does not build trust. Trust is built through clarity, through support, through coherence between policies meant to work together. While I support this Bill, I urge the Minister to address these concerns, please.

Mr Speaker: Mr David Hoe.

6.53 pm

Mr David Hoe (Jurong East-Bukit Batok): Mr Speaker, Sir, I am speaking in support of the HIB. At the very core, the Bill addresses a very real and familiar problem in healthcare today: information does not always follow the patient. You see, as care becomes more complex, with more providers, more settings and more chronic conditions, patients often carry their own medical history across the system.

For many Singaporeans, the most stressful part of a health episode is not just the illness alone, but it is the friction that comes along with it. They have to repeat their story with every medical visit. They struggle to recall the medication names – sometimes I do – past dosages, or test results that sit in different institutions. For those caring for ageing parents, they become our human bridge as they juggle between appointment letters, WhatsApp photos of prescriptions and fragmented notes of different providers.

Therefore, having a well-governed national health record reduces this burden. It supports safer handover between stakeholders in the healthcare systems, such as our GPs, specialists, hospitals and community partners. It also lowers the risk of missed allergies, drug interactions and also unnecessary repeated tests that cost time, money and anxiety.

This Bill puts the NEHR system on a clearer legal footing, including governance of access, use and safeguards. For these reasons, I support the intent and direction of this Bill.

That said, Mr Speaker, I would like to raise three broad points which I hope will be used to strengthen trust and confidence in implementation.

My first point pertains to individual regarding sensitive health data and access restrictions. Mr Speaker, not all health information feels the same to all citizens. Sharing information about a cough, a vaccination, a fracture, is usually straightforward.

But many Singaporeans will understandably feel unease when information relates to areas where stigma still exists, such as mental health conditions, sexually transmitted diseases, HIV status, substance abuse, self-harm or records that may expose abuse. The fear is not only about embarrassment, but it is about the consequences that will come along too. Specifically, how would such information affect their employability.

This is why the Bill's safeguards matter, because access is purpose-limited, it is role-based, logged, restrictions are auditable and misuse attracts serious consequences. It gives individuals the ability to impose access restrictions. The ability to impose access restrictions provides individuals with peace of mind. In essence, it gives that reassurance to say that, "Hey, I can see my records. I can understand my records, and if I wish, I can limit the information the other party can see", which is important because this is how we build trust.

In addition, it is important to reassure Singaporeans clearly by proactively communicating the following, that MOH has stated that NEHR's information is for clinical care and is not accessible by employers or insurers. The message should remain consistent and prominent as the Bill is being implemented.

And against this backdrop, I have two clarifications on this. Firstly, let us agree that not all Singaporeans are digitally competent or confident. As we have seen in the recent Community Development Council (CDC) January vouchers, where even after multiple rounds of education, some seniors still do not feel confident in claiming their vouchers digitally. They still come to our Community Centres to collect hardcopy vouchers.

Against this backdrop, I wonder what assisted pathways will be available for residents who wish to understand and also know how they can manage their access restrictions? Could this include in-person support at polyclinics, hospitals or even trusted community touchpoints, so that the right to impose, to understand access restrictions, it is not only for those who are digitally confident, but for every single Singaporean?

Second, I wonder, will citizens also be able to view their access history in a way that is simple and meaningful; and will MOH also clearly explain what the access history does and does not capture? For example, a resident showed me that if you go to our HealthHub's FAQ page, it says: "Your healthcare professionals may be accessing your records from their own Electronic Medical Records (EMR) systems. Accesses made to your records in their own EMR systems are not included in the National Electronic Health Record Access History." In plain English, what it means is that sometimes doctors and nurses, they see your records through their own systems rather than the NEHR. And what this means is that it would not be captured in the access history, because they are looking for information through their own system. If we want to build trust, then we must be clear what the access history can capture and cannot capture.

Beyond these two questions, that got me thinking about the issue of data completeness. As clinicians document care in their own clinic and hospital systems, the NEHR depends on what is contributed through integration. Other systems abroad also show that governance alone is not enough. Some jurisdictions mandate provider contributions through law, while others rely on technical readiness or voluntary participation.

Regardless, the NEHR will only reach its fullest potential if data contributions are consistent and timely. In our case, beyond reporting required by law, how would MOH encourage strong compliance in the everyday operations, that is required in the core data that is reflected in our Bill, such as medication list, vaccinations administered and also dental notes, and so on?

We need to ensure that this contribution is consistent, prompt, with good quality, across providers. Would there be positive levers such as integration support, performance feedback, recognition of good practices and contributors to be considered for the rest to learn from?

Mr Speaker, my second point pertains to smaller providers, reflecting the unevenness in readiness to implement. Cybersecurity audit and reporting obligations are necessary, but they are operationally demanding. Smaller clinics and some community providers may need more time and practical support to meet new requirements properly.

From my own experience in procuring cyber security services in different roles, significant time and effort goes into spelling out the requirements, finding the right provider, implementing and ensuring user adoption, all that to say, it requires time.

I therefore hope that the implementation of this Bill will be accompanied by the reassurance that: one, transition timelines will take into account the capacity of smaller providers; two, implementation support will be sustained and ongoing beyond simply the launch period. In practical terms, what this could look like means standard templates, shared tools, training resources, a clear helpdesk and escalation pathway and where necessary, support to uplift baseline cyber security since the system is only as strong as its weakest link.

Finally, Mr Speaker, I would like to raise a practical continuity of care issue brought up by some Singaporeans that I have had conversations with. In these interactions, a Singaporean shared with me, and I also understand so, because I have experienced that through my friends who are young parents as well. They shared that some of them would prefer to go overseas for screenings or procedures, because they perceive it to be cheaper and/or faster. For instance, with initiatives such as the Johor-Singapore Special Economic Zone and the MOU on Cooperation in Health signed in December 2025, I think we are likely to see closer health linkages and maybe more Singaporeans might go up north for medical screening and treatments in the near future.

However, information generated overseas will not automatically be captured in our national health record system, so I would like to seek the Ministry's view on information generated overseas. In particular, would the Ministry consider capturing reliable and credible health information data from abroad in our system? Because in my experience when I spoke with some parents, when they have newly-born, they are quite excited to search for and know the gender of the child. They would go overseas to do a quick test so that they will know whether it is a boy or a girl.

Is there even a possibility for Singapore residents to share the clinically relevant overseas finding with Singapore providers in a way that clinicians can validate and incorporate safely? Of course, this should be considered with the intent that any integration of overseas health information should be done to strengthen our continuity of care and not compromise data quality and clinical safety.

Mr Speaker, in sum, the HIB is a necessary step for our modern healthcare system. If implemented with clear communication, assisted access pathways, and credible transparency, this Bill can help Singapore build a health data ecosystem that is both enabling and trusted. With this point, Mr Speaker, I support the Bill.

Mr Speaker: Dr Hamid Razak.

7.04 pm

Dr Hamid Razak (West Coast-Jurong West): Mr Speaker, Sir, I rise in support of the HIB. Before that, I declare my interest as an orthopaedic surgeon currently in private practice.

Drawing from both my clinical experience and ground feedback that I have gathered, I will focus my remarks on two areas that have surfaced repeatedly: one, the practical realities faced by clinicians, particularly in smaller healthcare settings; and two, the importance of patient trust, supported by robust access and privacy safeguards.

Mr Speaker, as clinicians, we do see every day how fragmented information can compromise care: duplicated tests; missed drug allergies or interactions; incomplete histories, especially for seniors with multiple medical problems. At the same time, many doctors, particularly those in smaller GP practices, specialist clinics and dental clinics, have raised practical questions about how this Bill affects their medico-legal responsibilities. I think this was alluded to earlier by Dr Haresh as well.

First, I would like to seek clarification from the Minister on the intended role of the NEHR in daily clinical practice. Can the Minister confirm that the NEHR is positioned as a supplementary clinical tool, and not a mandatory step that must be accessed in every single consultation?

Such clarity is important. Good medicine still begins with history-taking, physical examination, and the doctor's professional judgment, based on the presentation of the patient at that material point in time. Digital tools should enhance clinical decision-making, not replace it. Clear articulation of this principle will help address concerns that clinicians could be exposed to liability simply for not accessing NEHR in every encounter.

Second, clarity in guidance will be essential. As clinicians are required to contribute to and access NEHR responsibly, clear, practical guidelines on appropriate use will help healthcare professionals act with confidence: firstly, knowing when access is appropriate; next, how to document decisions made on the access of NEHR data; and then, how to meet their obligations without fear of inadvertent non-compliance. I therefore welcome the Ministry's intention to provide guidance and training to all healthcare professionals.

Third, I wish to speak for smaller providers who are concerned about cybersecurity and data protection requirements. Unlike large institutions, many smaller clinics operate with limited manpower and resources, as already alluded to by previous speakers. In this regard, I do welcome the funding support and the use of whitelisted systems to help smaller providers comply safely and securely. A calibrated enforcement posture, coupled with practical assistance, will be key to ensuring that compliance strengthens care rather than becoming an administrative burden.

Ultimately, Mr Speaker, clinicians want to do the right thing for their patients and for the healthcare system. This Bill works best when it enables clinicians, rather than paralyses them.

Mr Speaker, the second area I wish to address is patient trust. Trust is the bedrock of healthcare. Patients share deeply personal information because they trust it will be used solely for their care and not to disadvantage them in any way.

Unfortunately, on the ground, I personally have seen instances that undermine this trust. There have been cases where insurers have written to multiple clinics in the vicinity of a patient's residence, seeking information about the patient's medical history in the context of an insurance claim. These broad and often non-specific requests are deeply troubling because they go back in years. They ask about someone presenting with a particular symptom, 10 to 15 years before the current claim is being made. This places our clinicians in a very difficult position and risks compromising confidentiality between providers who may actually have no direct care relationship with the patient. These practices underscore why clear legal boundaries around access and use of health information are essential.

In this regard, I strongly support the safeguards embedded in this Bill. I understand that access to the NEHR will be both role based and purpose specific. Healthcare professionals may only access records for patients under their own care and only for direct patient care purposes. Crucially, the Bill explicitly prohibits access for employment and insurance purposes, except in narrowly defined statutory medical examinations. This clarity sends a strong and necessary signal and directly addresses public concerns about misuse.

I also welcome the transparency features enabled through HealthHub. Patients will be able to see who has accessed their records, restrict access where appropriate, and flag potential misuse. These features reinforce accountability and uphold public confidence.

Importantly, this Bill maintains a careful balance. Even when patients apply restrictions, a core set of critical health information, and full access in genuine medical emergencies, will remain available. This ensures that patient autonomy does not inadvertently compromise patient safety.

I was glad to hear fellow Member Mr Fadli prioritise patient autonomy in his speech earlier. This is why I believe a restricted access approach, rather than a complete opt-out approach, would be more beneficial to patients, clearly demonstrating that in medical emergencies in the case of an opt-out system, critical information may not be available to the attending physicians.

Mr Speaker, related to this, I would like to seek clarification on how the Bill considers continuity of health information for vulnerable populations who receive care outside the conventional healthcare system. This includes inmates under the care of the Singapore Prison Service.

As we aspire to have inmates eventually transition back into the community or require care in our public healthcare institutions, timely access to critical medical information can be important for their safety and continuity of care. I seek the Minister's clarification on how such health information is treated within the broader framework of the NEHR and how safeguards are applied in these contexts.

Finally, I would like to seek the Minister's clarification on how the Bill safeguards particularly sensitive health information, including mental health data, and the penalties in place to deter misuse. Such safeguards are critical in protecting dignity and sustaining trust, especially for patients who already feel vulnerable at the point of care.

Mr Speaker, this Bill is not ultimately about data or systems. It is about ensuring that clinicians have the right information at the right time, that patients retain dignity, privacy and autonomy, and that trust remains the foundation of our healthcare system. When trust is preserved, seamless care becomes possible. For any healthcare system to function well, healthcare providers must trust the system, patients must trust the system and the healthcare system must be worthy of that trust.

With the safeguards for patients, clarity for providers, and support for implementation, I support this Bill.

7.13 pm

Mr Speaker: Order. I propose to take a break now. I suspend the Sitting and will take the Chair at 7.25 pm.

Sitting accordingly suspended at 7.13 pm until 7.25 pm.

Sitting resumed at 7.25 pm.

[Speaker in the Chair]

Health Information Bill

Debate resumed.

Mr Speaker: Senior Minister of State Tan Kiat How.

7.25 pm

Mr Tan Kiat How: Mr Speaker, I thank all the Members who have spoken, for supporting the Bill, especially our new Nominated Members, Ms Kuah and Dr Haresh, contributing to the debate on the first day they are sworn in.

Sir, only by enabling data sharing and a unified health summary for each patient, can we support continuity of care when patients move between different healthcare settings and receive care from multiple healthcare providers.

The Members have raised a number of thoughtful views and constructive comments which I will address in four broad themes.

But before I do that, I would like to address the points made by the Member Mr Kenneth Tiong around the organisation of and his views on Synapxe, the health tech agency that implements many of the IT projects in MOH. As that topic does not pertain to the specifics of the HIB, I encourage Mr Tiong to raise a separate Parliamentary Question or raise the issue separately from today's debate. But suffice to say that Synapxe is not a commercial entity. Its fundamental role is to support MOH in delivering digital health and IT services to benefit the healthcare clusters to deliver better healthcare services to our Singaporeans.

Let me now turn to the substance of the Bill. There are four broad themes of comments that came in. First, it is around the safeguards for patients. Second, the obligations and support measures for healthcare providers. Third, the support measures for healthcare professionals. And fourthly, the sharing of non-NEHR health information. Let me start with the safeguards for patients.

Mr Yip Hon Weng, Mr David Hoe, Dr Wan Rizal, Dr Hamid Razak and Mr Fadli Fawzi highlighted the importance of safeguarding access to and the use of patients' NEHR information. And this has been a focus for us when we carried out the public consultation and prepared this Bill. There are broadly two sets of concerns that we hear from individuals.

The first is how a patient's NEHR information will be adequately safeguarded and accessed only as needed by healthcare professionals and providers. Of special concern is the access to health information that may be deemed more sensitive. There were also related questions about the Access Restriction feature. So, that is the first set of concerns. The second is around whether their NEHR information would be used beyond healthcare, such as for employment and insurance purposes.

Let me touch on the first set of concerns. Sir, we are not starting from scratch. We have been operating the NEHR for 15 years. Importantly, the vast majority of healthcare providers are already onboard – all public healthcare institutions, most private hospitals and the bulk of the GP clinics. So, this is a system that has been operating for many years. And we have built in various ex-ante safeguards into the design of the NEHR. This includes role-based access, such that authorised healthcare professionals can only access the types of health information required for their specific patient care roles. We also have technical controls and regular ex-post audits to flag unauthorised accesses to the NEHR.

With the HIB, we are enhancing the legislative safeguards and stiffening penalties for unauthorised access.

First-time offences of unauthorised access of NEHR are punishable with a maximum fine of $50,000 and/or up to two years' imprisonment upon conviction. And the penalty is doubled for repeat offenders. Healthcare professionals who access NEHR in an unauthorised manner could also be referred to the relevant Professional Boards or Councils for further action.

Mr Dennis Tan spoke about offences and whether the $1 million maximum fine was sufficient. Sir, the regimes he compared with as well as PDPA that he referred to, do not have criminal prosecution. The breaches to the HIB are serious and we take this seriously. For example, a conviction involves not just fines, it is imprisonment as well. But more basically, we take an approach that is more supportive, working together with our healthcare providers, the healthcare professionals. These are people – nurses, clinicians and administrators, who want to do well, who want to serve the patients, who want to take care of the patients. And we want to take a supportive role and approach to uplift data security and cybersecurity postures, not a punitive approach.

Mr Alex Yeo asked about audits on unauthorised accesses of the NEHR and Mr Tiong asked if Synapxe would proactively monitor against unauthorised access. Synapxe, the NEHR system operator, conducts regular audits and ongoing monitoring to detect suspicious behaviour or atypical patterns, including in response to patient alerts. For example, accessing the NEHR information of a patient who has not recently visited any healthcare provider is a flag. Synapxe will conduct investigations to determine whether an unauthorised access has occurred. Synapxe will regularly review its audit plans, including frequency, best practices and the use of new tools like artificial intelligence to ensure that the regime is robust.

In addition, instances when a patient's NEHR information is accessed over the preceding 12 months will be made known to him through the "NEHR Access History" feature in the HealthHub application. This provides an additional layer of transparency. Patients can monitor which healthcare providers have accessed their NEHR information and flag any unauthorised access to the authorities for investigation.

The logs will show access at the healthcare institution level to keep the function simple, useable and practical. In a multi-disciplinary team, healthcare professionals across different roles may access the patient's NEHR information at different times of the patient's care journey. Depending on the patient's condition, it is also not uncommon for nurses, pharmacists or allied health professionals to need access. In our healthcare system, the institution is ultimately responsible for care to its patient.

I would like to take the opportunity to clarify the comment made by Mr David Hoe. HealthHub access logs will show all accesses to NEHR, regardless of whether the access is through EMR or the portal. So, just to clarify on his point earlier.

Sir, I would like to assure Mr Hoe, Mr Fadli and Mr Yip that we will seek users' feedback when reviewing the interface to ensure it is simple and user-friendly.

Mr Speaker, we understand that some patients are particularly concerned about access to health information that may be deemed more sensitive. Mr Louis Chua, Mr Yip, Dr Hamid, Mr Hoe and Mr Tiong have commented on the need for safeguards for such information. Such health information includes sexually transmitted infections, delusional disorders and schizophrenia. The diagnoses and test results that confirm the condition are subject to additional safeguards.

First, there are restrictions on who can access this information. Only a select group of healthcare professionals are allowed to access this information, based on their role in caring for the patient diagnosed with the health condition. For example, a nurse who is working in a psychiatric ward will have access to the psychiatric condition of the patient he or she is caring for. So, that is the first control.

Second, before an authorised healthcare professional can access these types of health information, they will be subject to a double log-in, which requires the authorised healthcare professional to re-verify their credentials before access. This ensures that such information is only accessed when needed and avoids accidental access. Accesses to such health information are more closely audited by Synapxe and cases of unauthorised access to NEHR information will be investigated and penalties imposed.

Sir, we appreciate that despite all these safeguards, some patients may still have privacy concerns. To assuage the concerns of these patients, the HIB will allow patients to restrict healthcare providers from accessing their NEHR information or we call this "Access Restrictions" in the Bill. As I mentioned earlier in my opening speech, we do not encourage this, as it could lead to adverse impact on care delivery for the patient.

To address the queries raised by Members, the Access Restrictions have been designed to balance the impact to patient care; considering the welfare and interest of the patient, while taking into consideration their concerns around privacy.

So, patients may restrict access to their NEHR information at the healthcare institution level, but not at an individual healthcare professional level. As I have mentioned earlier, care delivery is team-based and increasingly multi-disciplinary. It is not operationally feasible to restrict access to specific healthcare professionals but not others, when they all work in a team, in the same healthcare institution. This is aligned with good practices we observed elsewhere, like in Australia.

Health information will be contributed to NEHR even if Access Restrictions are in place. As pointed out by Dr Hamid, who brings in a practitioner's perspective, an incomplete record, including if individuals opt not to contribute select healthcare information deemed to be more sensitive, will significantly reduce the utility of NEHR in supporting healthcare professionals to provide quality care and could pose a safety risk.

In certain situations, access to such records in a timely manner could save lives, as I mentioned earlier in my opening speech. One example would be when a doctor or pharmacist needs to have the ability to access drug interactions and his job is hindered due to incomplete medication information, the patient could suffer unintended consequences, especially in emergency situations when the patient may not be able to respond.

It also ensures that if patients change their mind in future, for instance, when they are older and remove such Access Restrictions, there would be no gap in NEHR information and this was a valuable learning point when MOH colleagues engaged other jurisdictions. The approach we are adopting aims to achieve a balance between patient choice and ensuring that patients receive better and more coordinated patient care.

Sir, in summary, healthcare providers would be granted access to NEHR to support patients' continuity of care across healthcare settings by default. Patients may, however, restrict access to all healthcare providers, or from the second half of 2026, limit access so that only select healthcare providers, such as their own Healthier SG clinic, may access their NEHR information. Whilst in place, restricted healthcare providers will not be able to, unless required by other written law, access the patient's NEHR information, except for the essential subset of records that cover allergies and vaccination records.

Next, I would like to also thank Members like Mr Yip, Mr Hoe, Mr Chua, Mr Fadli and Ms Kuah Boon Theng for highlighting the importance of educating the public on the implications of placing Access Restrictions and supporting patients who are less digitally savvy. We are likewise mindful of this point.

MOH will work with the healthcare institutions to set up physical touchpoints for those who require help with placing Access Restrictions and help them understand the implications of doing so. Alternatively, patients may seek the help of trusted individuals, like their family members and caregivers to place Access Restrictions on their behalf.

Mr Yip raised the concern that the act of placing an Access Restriction may itself become a source of stigma or adverse inference. This Access Restriction will be known only to the healthcare providers managing the patient and all healthcare professionals are bound by their respective professional bodies' ethical codes and ethical guidelines to treat all patients fairly and without prejudice.

Let me now move to queries around NEHR access by insurers and employers. We understand Singaporeans' concerns about the potential discrimination or stigmatisation they may face if their health information is revealed to their employer or insurer. On this, I would like to reiterate three points that I have made earlier in my opening speech.

First, insurers and employers do not and will not have access to NEHR. Second, healthcare professionals are also prohibited from accessing NEHR for employment or insurance purposes, except for prescribed statutory medical examinations, which I will talk on later, or where authorised by other written law or Order of the Court. Third, the HIB imposes strict penalties for any unauthorised access to NEHR, with higher penalties for prohibited employment or insurance purposes.

Dr Wan Rizal asked whether statutory medical examinations may provide a backdoor for employers to gain access to NEHR information. The list of statutory medical examinations that is in the Bill is tightly scoped to those where NEHR access is necessary to protect the public and safeguard the health of the individual. This is the key principle.

We have no plans to expand this list to include employment-related screenings that are not necessary to protect the public and the individual. The current practice for employment-related screenings will remain – where doctors rely on their history-taking, clinical assessment and their own existing medical records for the individual, if any, without access to NEHR.

On Mr Yeo's query, on whether MOH would consider allowing individuals to give consent for their NEHR information to be accessed for insurance purposes for some situations, I would like to reiterate that NEHR is primarily for patient care purposes. When insurers request for health information, the current practice is for healthcare providers and professionals to rely on their medical records and patient interactions, which include history-taking, as well as physical examinations, to prepare the necessary reports for the insurer. This will continue to be the case after the HIB is enacted. NEHR must not be accessed for such insurance- and employment-related checks.

To Mr Tiong's query, healthcare providers and professionals should prepare separate medical reports, memos or clinical summaries for the insurer, instead of providing their raw medical records, such as printouts from their clinical medical records. This is because raw medical records contain extensive information, including potentially irrelevant information.

Where NEHR information is referred to during a medical examination, information relevant to the episode would be validated or confirmed with the patient during history taking and may be captured in the provider's own medical records, together with the doctor's clinical assessment. Such information would then be treated as part of the provider's own medical records. Healthcare providers and professionals will need to carefully assess what information in their own medical records is relevant and necessary to include in the report provided to an insurer.

MOH has issued a circular to healthcare providers and a guidance note to insurers to clearly state these positions. Healthcare providers may inform MOH if there are any inappropriate requests for NEHR information for insurance purposes.

Sir, let me now address questions about the contribution requirements in the Bill. Dr Haresh asked if mandatory contributions, coupled with access will encourage episodic care affecting initiatives, such as Healthier SG, which encourages building a trusted relationship between patients and their family doctors. Mr Hoe asked about the requirement to contribute information in a timely and accurate manner and the treatment of overseas medical records. Mr Fadli Fawzi asked about the level of details of key health information to be contributed to NEHR.

The Bill requires healthcare providers to contribute accurate and complete health information in a timely manner. This ultimately benefits patients by enabling their healthcare providers to access all relevant health information to provide the best care. Take a Healthier SG family doctor as an example. The Bill will allow the doctor to deliver better patient care, taking account of the patient's medical history across different settings, including private specialist clinics.

This enables the doctor to build a trusted, and hopefully lifelong relationship towards better health outcomes. And to help healthcare providers comply with the contribution requirements in the Bill, we have whitelisted health information management systems (HIMS) that have the requisite technical features and encourage all healthcare providers to subscribe to these HIMS.

On overseas medical records, the HIB only applies within Singapore. Nevertheless, patients can bring their overseas health records to their local healthcare providers, who may then incorporate relevant information into their own medical records and once incorporated, these records will be contributed to NEHR.

To Dr Hamid's query on whether populations who receive care outside the conventional system, such as prison inmates, would benefit from the Bill, I would like to assure the Member that all Singaporeans' key health information, including those under the care of the Singapore Prison Service, will be contributed to NEHR.

To Mr Fadli's query, NEHR is designed to be a "One Health Summary". We will only require the contribution of health information prescribed in the First Schedule of the Bill and not the doctor's detailed clinical notes. The design of the system and the data pipes take in only the prescribed data types.

For example, if a patient has diabetes and is prescribed with insulin, the doctor will only contribute "diabetes" as a diagnosis and "insulin" as the medication. So, only information that is needed for continuity of care.

Sir, let me now turn to Dr Choo Pei Ling's suggestion to extend NEHR access to other users, such as allied health professionals working outside of licensed institutions. I would like to thank Dr Choo for her suggestion to extend the access to other users. However, I would like to reiterate that the primary purpose of the NEHR is to support and enhance the continuity of care for patients. Hence, the HIB provides for NEHR access for licensed healthcare institutions. Within these institutions, NEHR access is only provided for healthcare professionals with clinical or care planning roles. This is the core principle governing NEHR access.

However, we recognise that as care models develop and evolve, we may need to grant new providers or services access to NEHR. In doing so, we will consider factors such as whether NEHR information is required for that role and whether the provider or service is able to comply with the HIB's requirements. Prior to changing the scope of providers that may access NEHR, we will consult relevant stakeholders and publicly communicate the changes through the MOH website.

Sir, Mr Louis Chua, Mr Yip and Mr Fadli Fawzi also asked about the sharing of NEHR information for non-patient care purposes under the HIB or other written laws such as the Criminal Procedure Code 2010.

NEHR was set up to facilitate patient care and the information within NEHR is primarily intended to be shared across healthcare providers for that purpose. This is a consistent principle adopted by other jurisdictions that we have studied.

MOH is of the view that identifiable health information should generally be interpreted and managed by qualified healthcare professionals. Parties from outside the healthcare sector generally do not require identifiable health information for non-healthcare-related purposes. Therefore, when parties seek MOH's views on this, MOH will suggest that such parties consider alternative data sources or ways of achieving its policy intent instead of using NEHR information or involve qualified healthcare professionals to partner parties in meeting the intent.

For public health purposes under the HIB, NEHR information may be needed in certain situations, for example, to quickly identify and enable healthcare providers to contact affected patients in the event of a major drug contamination incident. Another example is in the event of an outbreak of a serious infectious disease, there may not be sufficient time nor would it be feasible to seek consent from individuals to use their NEHR information to contain the outbreak. De-identified NEHR information may also be needed for public policy analysis and planning purposes, such as to review healthcare utilisation trends or to analyse the cost effectiveness of medicines.

I have given some examples to the queries raised by Members on the scenarios in which those clauses apply.

As a general rule, MOH will ensure requests for NEHR information have sound basis before supporting it. For all supported requests, whether from private entities such as academic institutions and health-related organisations or from public agencies under other written laws, MOH will share only the necessary data required to fulfil the intent.

Let me give another example to illustrate my point. For example, for requests from the Police to locate missing persons, we only provide administrative information about visits to healthcare providers without details of the patient's medical condition. This enables the Police to confirm if missing persons have been warded in an emergency and in turn alert worried family members. Requesting parties will also be required to protect the data against loss and against unauthorised access, use, modification, disclosure or other misuse.

Mr Chua and Mr Fadli asked specifically about the use of NEHR for research. De-identified NEHR health information may be shared through established platforms such as TRUST under the National Research Foundation for research purposes. This could include training for artificial intelligence models.

Where requests are received from commercial parties, possibly for commercial purposes, we are extremely cautious in assessing such requests, including whether the sharing of such data is helpful in contributing to better healthcare and better health outcomes. Primarily, NEHR is for continuity of care and for public health purposes, not for commercial purposes.

Mr Chua suggested allowing Access Restrictions to be applied to the sharing of NEHR information for broader public health interest purposes such as policy planning and analysis. This is not advisable as it could lead to incomplete analysis and would undermine the utility of NEHR informing national policies and planning.

Sir, now, let me turn to the third topic on resilience and security of the system.

A number of Members, including Mr Yip and Mr Dennis Tan asked about the resilience and security standards for NEHR, particularly in light of the SingHealth data breach in 2018. I would like to reassure Members that MOH has taken in the recommendations under the Public Sector Data Security Review Committee conducted in 2019. And NEHR is complying with the relevant resilience and security requirements for Government systems recommended by this committee. NEHR is subject to security and resilience audits, with vulnerability scans, penetration tests and exercises carried out regularly to ensure that systems are secure and backup systems are operational in the event of a downtime.

I must add that, really, the lesson from the SingHealth data breach is that we were open and transparent about the issue, convened a Committee of Inquiry, learned our lessons, applied them and made sure we work very hard to prevent such breaches from recurring. We took those lessons to heart as we built up our cybersecurity and data security standards. We have done so over the years.

Additionally, there are several lines of defence before the NEHR database, with intrusion detection at various parts of the network. Timely hardware, software and application upgrades are implemented, which include security patches as well as security controls to detect and block suspicious traffic from external sources.

MOH and Synapxe will continue to work with the Cyber Security Agency of Singapore, GovTech and independent auditing firms to conduct regular cybersecurity reviews and security assessments.

I would also like to thank Mr Yip for his feedback on the need to make NEHR more user-friendly. I assure him we will continue to invest in the improvement of NEHR's technology and features to help healthcare providers quickly identify the most relevant information for their patients.

Relatedly, Mr Yip, Dr Choo, Mr Hoe, Ms Joan Pereira and a number of Members like Mr Fadli Fawzi, Mr Tiong and Mr Dennis Tan asked for further details on the cybersecurity and incident management requirements, including their feasibility and the availability of MOH support.

Sir, I would like to clarify that today, healthcare providers are already required to make reasonable security arrangements to protect personal health information. This is an existing requirement in laws such as the Personal Data Protection Act and Healthcare Services Act 2020.

The Bill's cybersecurity and data security requirements are based on these existing standards and legal requirements, but contextualised for the healthcare sector. These include frameworks such as the Cyber Security Agency of Singapore's Cyber Essentials Mark and the Infocomm Media Development Authority's Data Protection Essentials, which were designed to be accessible and implementable by smaller organisations.

Examples of these requirements include the use of anti-malware solutions and firewalls in computers, the backing up of essential business information and data storage practices. Healthcare providers will also need to train their staff on cyber-hygiene and data governance practices to ensure safe and secure access to health information.

On the incident management framework, healthcare providers and their HIMS providers must put in place a framework to identify, resolve and mitigate cybersecurity and data breaches. This includes notifying MOH of prescribed security incidents and implementing mechanisms and processes to detect and respond to incidents such as ransomware attacks or unauthorised access to NEHR.

But even with the best preventive measures, a data breach may still occur. Healthcare providers will be required to notify MOH and affected individuals of significant data breaches. Once notified, MOH will work with the healthcare providers to understand the root cause of the breach, the extent of the data exposed, the potential harm to patients, and the containment and mitigation measures that need to be implemented.

In the event of any data breach, healthcare providers are expected to take necessary measures to remediate the situation and prevent such incidents from occurring again. Where MOH is of the view that the mitigation or preventive measures are inadequate, we will work with the healthcare providers on implementing the appropriate measures.

To Mr Fadli Fawzi's query on how significant harm will be defined, if a data breach causes or is likely to cause significant harm to an individual, for example, if it involves disclosure of health information that may be deemed more sensitive, healthcare providers must notify the affected individuals on or after notifying MOH.

Additionally, MOH will only require significant breaches to be notified in alignment with the approach under existing legal frameworks such as the PDPA. These details will be set out in subsidiary legislation.

Let me now turn to the support measures for healthcare providers. I appreciate the concerns that Members have raised about the support needed for smaller providers, especially smaller GP clinics. I mentioned earlier that with Healthier SG, most GP clinics have already onboarded to NEHR, with the support of MOH.

MOH recognises the importance of providing healthcare providers with reasonable time to comply with the HIB requirements and will offer the necessary support for healthcare providers to prepare and adapt their systems and processes. We see them as a valuable partner in supporting the continuity of care in the community.

Our support package will include measures to defray costs of subscription to whitelisted HIB-compliant HIMS to digitalise their clinical records and to contribute data to NEHR more seamlessly. There are also other support packages to engage professional services from whitelisted service providers to implement cyber and data security requirements.

Additionally, resources, guidance materials and training programmes will be available to help healthcare providers, including our community health partners, to meet the HIB cybersecurity and data protection requirements on an ongoing basis.

We would like to reassure providers that with this support in place, healthcare providers will be better enabled and supported to implement the relevant requirements.

We acknowledge the concerns raised by Mr Yip about potential fear-mongering tactics by some vendors. To address this, MOH is developing basic service packages specifically tailored to the needs of solo practitioners and small and medium enterprises so that they can self-help and prevent overselling of unnecessary services. We are also establishing clear guidelines for whitelisted service providers on appropriate engagement practices and transparent pricing. Healthcare providers that encounter unethical practices by whitelisted service providers can report them to MOH.

Additionally, we recognise that there is a small group of what Members call the pen-and-paper clinics that may face challenges in digitalising their clinics and meeting the Bill's requirements. As Members highlighted, these clinics may require additional implementation support.

Sir, digitalisation is becoming key to the provision of healthcare. It is critical for clinical documentation, transmission of information between providers and laboratories, and supports timely coordination with other providers.

Today, most clinics already have some form of IT system for clinic management, accounting and billing. Going forward, digital tools will increasingly become important, enabling clinics to rely on clinical decision support systems to close care gaps and deliver safer care. Therefore, in recent years, we have strengthened the digitalisation in the private primary care sector to support Healthier SG and other national initiatives.

Today, about 1,100 Healthier SG clinics are onboard suitable Clinic Management Systems and contribute to NEHR. Across the GP sector, more than 80% of them are on Clinic Management Systems. So, there are a large number of clinics, a vast number of them, already embarking on the digitalisation efforts. And we are supporting the remaining clinics to digitalise and onboard suitable systems to enable better delivery of care.

To Ms Joan Pereira's query if smaller clinics could collaborate on shared resources, this is a good idea for smaller clinics to explore. Currently, clinics can already join the Primary Care Networks (PCNs). PCNs not only provide peer leadership and support to small or solo GP practices, they also offer administrative assistance through the PCN headquarters. The PCNs will continue to offer advice and support to member clinics, share resources to smoothen the clinics' journey in digitalisation and fulfilling NEHR contribution. We will further consider Mr Dennis Tan's and Ms Pereira's suggestions on shared IT support services as part of the roll-out.

I would like to assure Members that MOH is mindful of the administrative effort required to contribute information to NEHR. And this is why we encourage all healthcare providers to adopt a whitelisted HIMS, which automates the process of contributing relevant health information to NEHR. That said, for smaller clinics that may require more time to digitalise, we will make available an alternative contribution channel so that these clinics will be able to start contributing data when required, while MOH continues to work with them on their digitalisation plans.

Ms Kuah reflected concerns from the ground about time and effort needed for compliance, and if MOH will take these considerations in the event of non-compliance, especially in the initial period. MOH has worked closely with healthcare providers and professionals and has been engaging them over the last few years. We have taken their feedback on board.

First, the Bill will commence in early 2027 to allow sufficient time for healthcare providers and professionals to familiarise themselves with the Bill's requirements. Second, to support their transition, guidance materials and dedicated support channels will be made available from the second quarter of this year to help providers and professionals understand their options and navigate the process. Third, should there be challenges complying with the Bill by the required timelines, MOH will consider the facts of each case carefully and assist where appropriate.

Sir, now let me turn to the comments and suggestions for support for healthcare professionals.

Dr Hamid Razak and Dr Choo Pei Ling enquired about how MOH intends to support healthcare professionals, noting that they have concerns about increased liability arising from the HIB. I think Dr Haresh also pointed out concerns from healthcare professionals on medical and legal liabilities and how they should think about it.

We have been engaging the professional bodies and speaking to them over a period of time, and have taken their suggestions, ideas and feedback on board. MOH will publish a set of guidelines to support healthcare professionals' appropriate access and use of NEHR information. These guidelines will apply not only to doctors but also to other healthcare professionals accessing NEHR, such as dentists, nurses and allied health professionals. Let me share some examples of the guidance that will be provided.

Sir, healthcare professionals have asked whether they will be required to access NEHR for each consultation and whether they need to review each record in NEHR when they do access it.

Accessing patients' NEHR information is not compulsory under the HIB. NEHR supports and complements existing clinical practices, including good history-taking and physical examinations. The HIB does not change existing standards and practices. Healthcare professionals are encouraged to consider a range of factors before deciding whether NEHR access is required for a particular consultation, such as whether more information is required based on the information gleaned from the history-taking and physical examinations or whether health records in NEHR would be relevant to the particular consultation.

Sir, we will continue to work with respective professional bodies to disseminate these guidelines to all healthcare professionals. We will also support professional bodies in ensuring their members' compliance with the Bill. Sir, on this note, I would also like to take the opportunity to thank Ms Kuah for co-chairing the NEHR Guidelines Workgroup Committee.

Sir, let me now turn to health information that sits outside of NEHR and the clauses in the HIB that will enable the sharing of such information. Ms Pereira enquired about the timeline for enabling community health partners' sharing of such health information to be covered under the HIB. Mr Louis Chua asked why the HIB enables the sharing of non-NEHR health information without consent.

Today, AIC shares data with community partners to enable them to engage and provide befriending services or care to seniors. However, on the ground, there are difficulties with obtaining consent for data-sharing. Referencing my earlier example of Mr Lim, the 72-year-old gentleman who is managing his diabetes condition. He stopped visiting his local polyclinic and his polyclinic has faced difficulties in contacting him to obtain consent. The HIB will address this by providing an additional channel for the sharing of health information.

With the HIB, Mr Lim's polyclinic can potentially share his contact information and broad health risk indicators, such as an indication of the presence of frailty or chronic conditions with AIC, without the details of specific medical conditions. AIC can then prioritise engaging Mr Lim to check on his well-being and link him with the necessary support as needed.

On whether to include other community health partners, like Active Ageing Centres and use cases in the future, MOH will carefully assess whether these other entities and use cases facilitate quality care and care continuity for patients. We will consider their readiness to meet the various responsibilities that come with sharing health information, such as cybersecurity and data security requirements under the Bill and we will consult key stakeholders.

8.07 pm

Mr Speaker: Senior Minister of State Tan, if I could just ask you to hold on for a minute, because you have reached your time limit. So, Deputy Leader.




Debate resumed.

Mr Speaker: Senior Minister of State, you may resume.

8.08 pm

Mr Tan Kiat How: Sir, we will consider their readiness to meet the various responsibilities that come with sharing health information, such as the various requirements under the Bill. Any community health partners which are added will be publicly communicated, including through MOH's website.

Sir, to conclude, the HIB will help us achieve the goal of "One Patient, One Health Summary, One Care Journey". We will work with and support healthcare providers and healthcare professionals in achieving this goal. Through our collective efforts, Singaporeans can benefit from better coordinated care, enhanced quality of care and lower costs.

Sir, I believe I have addressed the questions raised by all the Members and I beg to move.

Mr Speaker: Are there clarifications for Senior Minister of State Tan? Mr Kenneth Tiong.

8.09 pm

Mr Kenneth Tiong Boon Kiat: Thank you, Mr Speaker, for the clarifications. I also thank the Senior Minister of State. So, I mentioned the possibility of insurance. The Senior Minister of State mentioned that there will be cost support. But is there a reason why insurance is not offered, rather than general cost support? That is the first clarification.

Two, I thank the Senior Minister of State for saying there will be flexibility for IT-incapable practices, such as the senior GPs who are my constituents. Can the Senior Minister of State just double click and explain a bit what this flexibility for IT-incapable practices might entail?

Three, I think I did not hear an answer to what if there is a data breach. Can the insurers now use the now-public information in the data breach?

And I thank him for his response to my concerns about the inspection and right to audit clauses. The Senior Minister of State's response is that doctors should carefully assess what is relevant. I think that this may not be a great solution because I think the doctor is caught in the middle between the insurer and the patient, and they have to bear liability for the judgement calls as to what they put in the notes. So, I think what is probably going to happen is that there is going to be a chilling effect, where doctors will start avoiding documenting any sensitive data, both in their own medical records but also perhaps in NEHR as well. And so, if it percolates up to the NEHR, would the NEHR utility not be undermined if they cannot trust what to input?

So, I mentioned in my speech that it might be better to just go downstream and just say that we "work with MAS to prohibit insurers from requiring NEHR-derived information as a condition of coverage, claim processing and policy renewal." And if I may, that is a significant part of why I posed the Parliamentary Question to Minister Ong Ye Kung earlier today about needing a dual regulation framework by MAS and MOH for insurers, so that someone is cleanly accountable for insurer behaviour as a health system actor.

Mr Tan Kiat How: Sir, I thank the Member for his clarifications. I believe there are four clarifications and I will take them in turn. One about offering cyber insurance to GP clinics. Can I just get the Member to confirm that this is what he is asking about? Okay.

Sir, in my speech, I did outline a few measures that we are putting in place and will continue to put in place to support GPs, especially smaller GPs, to comply with the HIB requirements, including data security and cybersecurity. And there are a number of support packages we are discussing with them. These details we will make known in due course. So, that is one.

We are supporting them, and we want them to travel the journey together with us. And there is broad support among the doctors, including those smaller GPs who see the value of contributing to and accessing NEHR, and most of the GPs are already onboard. They understand the need for the cybersecurity and data security requirements under the Bill to protect the data, and we are working with them to look at the various whitelisted services and management systems they can adopt to meet the requirements.

In terms of cybersecurity insurance, this is something we certainly will consider, but today, unfortunately, there is not a very mature market for cybersecurity insurance, specifically for GPs. So, if this is something useful, we will certainly consider as part of the support packages and discussions with the relevant stakeholders.

Second, about flexibility for senior GPs or smaller GPs. I mentioned the support packages. We do intend to provide for them, including funding support, whitelisting service providers and the different mentioned systems. But I think what we want to avoid is having different standards of cybersecurity and data security requirements for different clinics based on the size.

I think that is not the sensible and practical way to do it, as mentioned by different Members earlier. It is about making sure that different clinics and different touch points to the NEHR system meet the appropriate level of cybersecurity and data security requirements and finding ways of uplifting the different GPs and we will certainly do so in the coming months and years.

If the Member could clarify on the third question for me, please?

Mr Kenneth Tiong Boon Kiat: Data breaches. If there is a data breach.

Mr Tan Kiat How: Okay. Sir, it is quite clear that the insurance companies cannot access NEHR for insurance or employment purposes. But in data breaches, I think it all boils down to the ethical considerations or how they access those data breaches in the first place, and that is something we have to work together with MAS, as the regulator, together with insurance companies, on understanding how they are using that information. And that is something we frown upon – using NEHR data for the purpose of insurance. But it is a hypothetical scenario, something we have to think through.

On a dedicated regulation around insurance, whether they should just be prohibited, to avoid putting the healthcare providers or professionals in a very difficult situation – this is something we are working through with the healthcare providers, the industry associations as well as together with MAS with the insurance industry.

In fact, I had mentioned earlier in my closing speech that MOH has issued guidelines to the insurers and doctors on how we should think about the HIB when it is enacted. We will certainly work closely with MAS as the regulator for the insurance industry.

But I think, it is quite clear, the principle and approach under the HIB is that we prohibit the use and access of NEHR information for employment and insurance purposes. And we have to work through the insurance associations, the MAS, the professional bodies, including the healthcare professional bodies for how it is implemented on the ground. But our assurance to the public and to those Members who spoke about it, is that our approach and position is quite clear.

Did I answer all the Member's questions? Okay.

Mr Speaker: Mr David Hoe.

Mr David Hoe: I thank the Senior Minister of State for the response and the reassurance. I would like to clarify a comment that I made earlier. I wonder if I heard clearly that the access to information to electronic medical records by healthcare professionals will be captured in the NEHR access history. I ask this because the Singaporean who was particularly concerned about this Bill sent me the URL to the FAQ in HealthHub that reads, "Your healthcare professionals may be accessing your records from their own electronic medical records (EMR) systems. Access made to your records in their EMR systems are not included in the NEHR access history." I would be happy to share the URL. I just wanted to clarify whether what I heard was correct.

Mr Tan Kiat How: Sir, just to clarify. Access to NEHR, even through the EMR, will be logged as an access to NEHR. But accessing a patient's records on the healthcare institutions' own EMR system is separate. It is an internal operations system for the hospitals, for the polyclinics or for the private healthcare clinics. So, it is quite different. But if you use EMR to log to NEHR, the logs will be recorded and tracked.

8.18 pm

Mr Speaker: Any other clarifications from Members for the Senior Minister of State? No?

Question put, and agreed to.

Bill accordingly read a Second time and committed to a Committee of the whole House.

The House immediately resolved itself into a Committee on the Bill. – [Mr Tan Kiat How].

Bill considered in Committee.

[Mr Speaker in the Chair]

The Chairman: The citation year "2025" will be changed to "2026" as indicated in the Order Paper Supplement.

Clauses 1 to 114 ordered to stand part of the Bill.

The First to Fourth Schedules ordered to stand part of the Bill.

Bill reported without amendment; read a Third time and passed.

8.20 pm

Mr Speaker: Deputy Leader.