The scheme, which aims to collect and hold patients’ health data online from registration until 30 years after their death, is running an “opt-out period” from now until 15 October, after which time all Australians who haven’t withdrawn from the program will receive a record. For some, there’s nothing dodgy about having your medical records available to around 900,000 health professionals. For others — myself included — the scheme feels a touch more troublesome.

Of course, it’s a fine idea in theory, and at least some of the government’s aims appear to be altruistic: to protect people in the case of an emergency by having all their medical data efficiently available to any health professional around the country, including allergy information and chronic illness history.

But in the lead-up to the scheme and its ensuing rollout, questions have been raised about how our personal health information may be made vulnerable by My Health Record. Everyone from online privacy specialists to sceptical medical professionals are asking who is allowed access, how the government will protect against misuse of the data, and what will happen in the (likely) event of a security breach.

These “security breaches” don’t even need to be elaborate. Cybersecurity experts have said potential vulnerabilities to the system lie mostly at the edges of the security web — in GP’s offices, for example. The Deputy Chair of the My Health Record expansion program, Dr Steve Hambleton, admits he can’t guarantee there won’t be a breach, while experts say a breach is “inevitable”.

The small benefit of the scheme suddenly appears outweighed, at least to me, by a multitude of much greater risks.

So early last week, as the opt-out period began, I went online to exercise my freedom of choice and withdraw from the government’s latest exercise in data roundup. But I was surprised (and a little confused) to discover I couldn’t opt-out — because I already had a My Health Record.

Appearing initially pernicious, it turns out I’m one of almost six million Australians now vulnerable online for beyond the rest of my natural life.

See, in its premiere opt-in form, My Health Record was the Personally Controlled Electronic Health Record (PCEHR). A portion of Australians “opted-in” to this service — though many of us apparently unwittingly, most likely while linking our Medicare account to the MyGov website online — well before MHR began. About one million more people were then signed up to My Health during targeted opt-out trials in Queensland and New South Wales in 2016.

Because I was registered for a PCEHR, a disturbing proportion of my medical history — including prescriptions, doctor’s appointments and claimed rebates that have gone through my Medicare card — is now in the hands of The Australian Digital Health Agency (ADHA).

And for people like me, who have discovered we already have a record without knowingly consenting to one in the first place, our only choice now is to go through the arduous process of “cancelling” our record online — which still doesn’t guarantee our data will ever be safe from wandering eyes.

Although described as a simple process on the My Health information page, it took my boyfriend and I several goes to finally cancel our registration. After spending about 90 minutes each trying to opt out on the slowed-down My Health Record website, we then spent another hour or so trying to link our Health Record to MyGov — also mind-numbingly slow — so we could log in.

Once in MyGov, we searched our records to see what data had already been collected (spoiler: a lot). Then after reading all the information about what “cancelling” our records would mean, we decided to call the My Health Record helpline to ask an operator if there was any way to actually remove our data. Turns out cancelling your record does not remove it from the database, but simply restricts access to it; your records will still remain with the ADHA until long after you are dead.

Between the two of us, we tried three separate calls to the helpline, each lasting at least half an hour (and the longest lasting two and a half hours), before we gave up and gave in: simply cancelling our records and resigning our data to ADHA forever. My Health had defeated us.

And our struggle, it seems, is not an uncommon one.

Since the opt-out process began, many families struggled to opt out their children due to the aforementioned inconsistencies in My Health’s rollout. Some parents report they are unable to opt out their children if they’re not on the same Medicare card; while others have discovered their infants already possess records, with officials claiming they may have been created “at birth or during a vaccination” while filling out paperwork.

Parents and carers are spending hours waiting on the ADHA’s My Health Record helpline for assistance, only to be told they are able to opt-out one child but not another — or even, mysteriously, that they’re not recorded as having any dependants at all.

Meanwhile, opting-out this week is a mere pipe dream for many, because the MHR website is often so clogged users can’t even access it, and over at HQ the operators’ servers are crashing from overuse.

And although our records will no longer be pulled into the scheme, what little (or lots, in some cases) has already been collected could be open to nightmarish data-security breaches like the one reported just a few days ago in Singapore, where a massive health data breach of around 1.5 million Singaporean records, including those of President Lee Hsien Loong, were swiped by hackers targeting the leader.

So while Australia’s Health Minister Greg Hunt has claimed MHR is subject to “some of the strongest legislation in the world to prevent unauthorised use”, many others are worried that the system will have “a chilling effect” on those who need it most. Let’s not forget, this is a government that allowed a “vulnerability” in the federal Health Department’s security to be exploited just last year, resulting in the sale of patients’ Medicare details on the dark web.

To me, My Health can never be truly beneficial because there are too many negatives attached to outweigh the small positive of efficient access to my medical records at any time. I’ve survived for years without a My Health Record; so have my friends, colleagues, parents and grandparents. Until this government gravely considers the risk of duping our personal liberty and right to privacy for the sake of risky data centralisation, I’m going to consider My Health a serious tax on my trust.