Friday, November 03, 2017
Remember This When You Are Repeatedly Told That The myHR Is Secure And Has Not Been Breached!
This appeared a few days ago.
Lynne Minion | 25 Oct 2017
Fraudulent behaviour or human error were responsible for My Health Record data breaches, the Australian Digital Health Agency has confirmed, following the release of the Australian privacy commissioner’s annual report containing details of the security failures.
"This year we received six data breach notifications from the My Health Record System Operator,” the Office of the Australian Information Commissioner’s annual report says.
“These notifications related to unauthorised My Health Record access by a third party.”
The annual report also confirmed 29 breach notifications had been received from the Chief Executive of Medicare, including reports of “intertwined” records.
“Nine of these notifications involved separate breaches related to intertwined Medicare records of individuals with similar demographic information. This resulted in Medicare providing data to the incorrect individual’s My Health Record.”
Further cases saw Medicare claims information loaded into the wrong My Health Records.
“Twenty notifications, involving 123 separate breaches, resulted from findings under the Medicare compliance program. In these circumstances, certain Medicare claims made in the name of a healthcare recipient but not by that healthcare recipient were uploaded to their My Health Record.”
According to the Australian Digital Health Agency, the breaches were caused by fraudulent behaviour or human error.
“In each instance the access has been limited to Medicare information related to fraudulent behaviour, or isolated human processing errors,” an Australian Digital Health Agency spokesperson said in a statement to Healthcare IT News Australia.
“No clinical incidents have resulted from these matters. All privacy breaches has been investigated and resolved, and the affected parties have been notified of the situation.”
More discussion and commentary here:
Would be nice to know just who was committing these frauds, when they had been charged and what the outcome of the enforcement actions were if any had happened.
The Government is keen to expose other fraudsters so why not now I wonder? Is there further news to come?
Posted by Dr David G More MB PhD at Friday, November 03, 2017