TE WHATU ORA- GOVERNMENT AGENCIES STOP BLAMING THE WHISTLE-BLOWER BARRY YOUNG FOR YOUR CARELESS RECKLESS BEHAVIOUR AS TO COMPROMISING 1,000’s OF PATIENT INFORMATION
May 26th 2021 There was a widespread alarm as to what may happen to hugely sensitive patient and staff information from Waikato District Health Board where hackers had claimed to obtained scores of official records, documents containing names, phone numbers and addresses of patients and staff, this was referred to the police. Andrew Little refused to front up, but issued a statement instead offering assistance to Waikato DHB. . It was reported to say “ Cyber experts say the danger is that the hackers could sell the data to other cyber crims, which could be used to scam victims whether a ransom was paid or not, there was no guarantee data would remain secure.
Waikato hospital was hit by a cyber attack in May 2021.. Microsoft got a lot of flack over hacks The government has received advice from a King’s Counsel lawyer, and from privacy impact experts, that using foreign-owned data centres – even if the centres themselves are in New Zealand – places the data under the legal jurisdiction of the foreign country, and raises the risk the other country could obtain the data. The US has a Cloud Act that raises this possibility. Officials appear ambivalent on the issue, various OIA documents have shown, and the New Zealand government is increasingly committed to moving public data to hyper-scale data centres
July 2021 another RNZ report that SIS was not including the DHBs in their implementing a new cyber security programme. RNZ reported 20th December 2021 that the Health Minister announced $75.6 million over three years to plug cyber security gaps, to help health organizations improve their cyber security to protect sensitive information, to minimize risks of cyber attacks. (Obviously this needed to be done as patient and staff private personal info was at risk, but this funding was over 3 years – not for lets get it fixed right now, obviously leaving patients files – personal information seriously at risk, and knowing so.
Reporting also that the system needed upgrading. Patients Rights Chairperson Carolyn Mckenzie said “this is a very serious matter that could have a huge impact on some-ones life” Saying that patients feel a sense of violation that some-one could be using their information to advantage themselves, there is a deep sense of betrayal of those patients that have been exposed. There is no way of compensating somebody for that”
The National Secretary of the APEX Union and the Resident Doctors Association Debrorah Powell said “This is just low life behaviour, patient and staff information that is confidential, its just so very wrong”. She added “for medical staff the confidentiality of patients information “goes to the heart of the relationship between doctor and patient”, where patients will not feel comfortable to share highly personal information with their doctor. The disrespecting of the fundamental health care relationship, which is very upsetting for patients”. Staff at the DHB were trying to deal with the fallout themselves which is also very distressing”
It was confirmed that documents included recent data on staff numbers, names, including financial records, contracts, complaints as well as sensitive information about patients. The files included screenshots identifying hundreds of patients and staff, some document spelling out diagnoses and medical information. RNZ reported this article taking huge care not to divulge sensitive information.
Fast forward 18 months on to 6th December 2022 ‘Te Whatu Ora has lost 14,000 patient files amid cyber attacks relating to cardiac, inherited disease and bereavement care. (Confirmed by Te whatu Ora). The Ministry of Justice confirmed it had lost 14500 coronial files, approx. 4,000 post mortem examination reports due to a cyber attack. RNZ reported 17th December 2022 Te Whatu Ora was hacked, thousands of files and post mortem reports over the last 4 years were affected. The High Court granted an order to prevent files from being shared, or the publishing of these files obtained by the cyber attack. The Privacy Commissioner was notified in November 2022.
Ministry of Justice reported on their govt website that on 19th December 2022 Te Whatu Ora and the Ministry Of Justice confirmed they had filed a joint filed legal proceedings in the High Court to prevent people sharing information by obtaining information by the cyber attack on sensitive coronial and health information in a recent cyber security incident. Saying they were working with the Privacy Commissioner. Te Whatu OOra and Ministry of Justuice added the legal proceedings are prudent and proactive, an extra step to protect the people whose private and sensitive information had been compromised.
RNZ also reported on 6th December 2022 that an investigation was underway into the cyber attack which hit thousands of coronial and health files. Confirming this included 14,500 coronial files and approx. 4,000 post mortem reports, . Post mortem data from Northland, Waikato, Bay Of Plenty, Wellington, Horowhenua-Kapiti, Nelson-Marlborough, Otago and Southland regions from March 2020 to November 2022. Including 8,500 records of bereavement care services from Middlemore Hospital, 5500 files on the Cardiac and inherited Disease Register had also been impacted
Another article by RNZ 4th October 2022 ‘Patient details could be compromised as large North Island GP Network hit by Cyber attack. 28th September 2022 there was a cyber attack on Pinnacle Midlands Health Network’s regional primary health care practices across Taranaki, Rotorua, Turangi. Thames-Coromandal and Waikato. Pinnacle hold information like GP notes, however it was reported that the hackers appeared to have accessed information which included commercial and personal details from their system. They laid a complaint with police who then worked alongside Te Whatu Ora and a number of other govt agencies.
Stuff NZ reported 4th October 2022 Cyber attack on Health Provider Pinnacle ‘ a wake up call’. A top doctor is calling a cyber attack on a major primary health provider that has compromised the details of potentially thousands of patient details a “wake up call to the sector”. Chief executive Justin Butcher said that while investigations are still underway it appears that before the breach was notified and the IT was contained the malicious actors accessed information from the system, which could include commercial and personal details. Patients should brace themselves for their medical information being dumped on the dark web or on the web itself.. In May 2021 the then-Waikato DHB was the subject of an attack by hackers.
It left IT systems at Waikato Hospital and its satellites crippled, ham-stringing health care across the region for more than a week and causing ongoing problems long after. Some of the material appeared on the internet after the government refused to pay a ransom. The list of documents suggested it included folders containing patient information as well as information about employees and the DHB’s financial affairs. The IT systems of the DHB, which is the fifth-largest in the country and provides care to more than 430,000 people, were rendered inaccessible. Andrew Little said the Cyber attacks are the reality of this world.
Carry Young RNZ reported 19th December 2023 ‘Leaked Vaccine Data, a chance a small number of people may be identified, as Te Whatu Ora reports they are employing International experts to investigate the COVID-19 Vax data leak stated Margi Apa CEO of Te Whatu Ora. RNZ reported 19th December 2023 ‘Leaked Vaccine Data, chance a small number of people may be identified. 8th December Te Whatu Ora employs International experts to investigate COVI9 Vaccine leak, stated Margie Apa CEO of Te Whatu Ora.
Referring to Barry Young, it had been reported by Te Whatu Ora there is a small chance a number of patients may be identified. I suggest Te Whatu Ora keep their own house in check where they are responsible for protecting thousands of patients files that were cyber attacked over the last four years. If personal, private info is out their the shame and blame should be put squarely on your shoulder not one of a man whose really cares about the people of NZ.
Lets not just put the huge cyber security hacks out in the public arena. Thousands of patients files compromised, private info exposed. The Privacy Commissioner, the government knew about all these cyber attacks on the health system and post mortem files by November 2022 and before this. RNZ reported 9th September 2023 that ‘Te Whatu Ora looked overseas for its transformational plans – a digital shift needed to transform health systems.
The government was told in 2020 Health IT needed at least $2 billion in upgrades. The Health Minister had been warned of aging systems, IT funding was still lagging, according to Official Information Act request. Many current IT systems being reported as old with significant limitations. The health system that generates more and more data requiring upgrades . Te whatu Ora you have been sprung, accusing Barry Young that there is a small chance he risked exposing a few patients details”. This is rubbish he shared no identifying patient details. The Govt Agencies allowed through their inaction on cyber security allowed thousands of patient files to be compromised. Do Not Blame Barry Young for your total Incompetence and no conscious of allowing 1,000’s of patients private information to be robbed. I call this a bloody great red flag.