Wellington, NZ residents woke up last Saturday to the unpalatable news that local primary health organisation Tū Ora Compass Health had its IT system hacked four times over the last three years, and it is unlikely it will ever know if patient information has been accessed.
Two of the hacks appear to have been old-fashioned defacing of websites by a malicious hacktivist, but the other two may prove to be a bit more serious. While PHOs don't hold patients' medical data, they do keep records of people who are enrolled at general practices in the region, their National Health Index number, and their name, date of birth and address. That is all very valuable information for identity fraudsters.
The big news this week was the cyber attack on hospitals in Gippsland and south-west Victoria, which knocked out clinical and administrative systems in the region including some large facilities such as University Hospital Geelong and Latrobe Regional Hospital in Traralgon.
We received word that the attack involves Ryuk, a particularly nasty piece of ransomware that has also affected hospitals in the US and Canada, including three this week in Alabama that had to turn away patients. It has also been causing havoc for financial organisations and some major US newspaper groups since it first appeared last year.
The big news this week was the moves underway to put electronic prescriptions on the same legal footing as paper scripts, with the Department of Health announcing its plans for the required regulatory changes and the Australian Digital Health Agency releasing some draft documents laying out the proposed solution architecture.
The department is insistent that ePrescriptions will be available this year, with a so-called “success statement” included in its documentation stating that “by October 2019 the electronic prescribing project will allow an electronic prescription to progress from prescribe through to dispense and claim in an electronic format”.
Seven years after it was first encouraged to consider changing its laws to permit real-time monitoring of prescriptions, Queensland has finally come to the party and amended its poisons and medicines act and its therapeutic goods regulations to pave the way for a RTPM system to be introduced next year.
The difficulties that new entrants into health IT markets face were writ large this week when Pegasus Health, the main primary healthcare organisation covering general practices in Christchurch and surrounds, finally had to throw in the towel on its venture to co-develop and roll out a new practice management system for its 90 or so members.
A few other PHOs have followed in Pegasus' path of exploring the market for a new preferred PMS that suits contemporary and future general practice. The other three big PHOs in NZ's big cities – ProCare in Auckland, Pinnacle in Hamilton and Compass in Wellington – have all gone through a preferred PMS process and all have recommended migrating from incumbent Medtech to another vendor.
In late news this week we hear that the Australian Digital Health Agency hopes to approach the market in the next few weeks through a request for information (RFI) process about the potential to “re-platform” the national digital health infrastructure, including the My Health Record.
This move has been mooted for a few years now and was confirmed by ADHA's CIO Ronan O'Connor in a chat with Pulse+IT last year. The MyHR has been built on a clinical document architecture that while novel in 2011 – and ADHA says is still fit for purpose now – is quickly being overtaken by newer, shinier technologies.
ACT Health released a tender for a comprehensive digital health record this week, revealing that the record is intended to be much more than just an electronic medical record for its three hospitals.
The ACT government has allocated $70 million over four years for its digital spend, in addition to the $11 million it has already put up for a new laboratory information system, the winning tenderer for which should be announced shortly.
