Wellington, NZ residents woke up last Saturday to the unpalatable news that local primary health organisation Tū Ora Compass Health had its IT system hacked four times over the last three years, and it is unlikely it will ever know if patient information has been accessed.
Two of the hacks appear to have been old-fashioned defacing of websites by a malicious hacktivist, but the other two may prove to be a bit more serious. While PHOs don't hold patients' medical data, they do keep records of people who are enrolled at general practices in the region, their National Health Index number, and their name, date of birth and address. That is all very valuable information for identity fraudsters.
The big news this week was the cyber attack on hospitals in Gippsland and south-west Victoria, which knocked out clinical and administrative systems in the region including some large facilities such as University Hospital Geelong and Latrobe Regional Hospital in Traralgon.
We received word that the attack involves Ryuk, a particularly nasty piece of ransomware that has also affected hospitals in the US and Canada, including three this week in Alabama that had to turn away patients. It has also been causing havoc for financial organisations and some major US newspaper groups since it first appeared last year.
The big news this week was the moves underway to put electronic prescriptions on the same legal footing as paper scripts, with the Department of Health announcing its plans for the required regulatory changes and the Australian Digital Health Agency releasing some draft documents laying out the proposed solution architecture.
The department is insistent that ePrescriptions will be available this year, with a so-called “success statement” included in its documentation stating that “by October 2019 the electronic prescribing project will allow an electronic prescription to progress from prescribe through to dispense and claim in an electronic format”.