Here are a few I have come across the last week or so. Note: Each link is followed by a title and a few paragraphs. For the full article click on the link above title of the article. Note also that full access to some links may require site registration or subscription payment.
General Comment
-----
It has been quite a week. We have had the opt-out process have 5 times more people opt out than happened in the trials (1.9%) and we have had so many data breaches reported I have lost count.
I’d worry about the myHR if I were you if the hackers are penetrating the Federal Parliament!
------
9 out of 10 Australians to have a My Health Record
The Australian Digital Health Agency has today announced that 9 out of 10 Australians will have a My Health Record following the conclusion of the opt-out period.
Based on the number of people eligible for Medicare as at 31 January 2019 (25,459,544), the participation rate is 90.1 per cent, with a national opt-out rate of 9.9 per cent.
While the opt-out period ended on 31 January 2019, Australians are able to cancel and have their My Health Record permanently deleted from the system at any time in the future. Similarly, individuals who may have opted out can create a record at any stage if they choose.
-----
More than 2.5M Australians opt out of MHR system
Hafizah Osman | 22 Feb 2019
New figures show that one in 10 Australians have opted out of the My Health Record (MHR) system, leaving participation rates at 90.1 per cent.
According to the Australian Digital Health Agency (ADHA), based on the number of people eligible for Medicare as at 31 January, more than 2.5 million people have opted out of the system, amounting to a national opt out rate of nearly 10 per cent.
This is a stark increase from the three per cent, or about 900,000 people, who opted out from when the opt-out period began in July to 9 September last year.
While the opt-out period ended on 31 January, legislation was recently passed by the Australian Parliament allowing Australians to cancel and have their MHR permanently deleted from the system at any time in future.
-----
Almost 300,000 Australians cancelled their My Health Record by mid-November
Although the government would not reveal the latest opt-out numbers, it did reveal where people have cancelled an existing My Health Record.
By November 11, 2018, nearly 300,000 Australians had removed themselves from the My Health Record system and cancelled their electronic medical record.
Responding to Senate Estimates Questions on Notice, the Department of Health broke down the final 288,000 number by state, giving just over 96,000 citizens in New South Wales; 66,500 in Queensland; 61,000 in Victoria; and 24,500 and 21,000 in Western and South Australia, respectively; followed by the ACT with 8,000; Tasmania with 7,500; and the Northern Territory with just under 2,000 cancellations. Approximately 1,200 cancellations were not attributed to any state.
Many other statistics to do with My Health Record, including an updated number of opt outs, were met with a standard response.
"As the opt-out period has now been extended to 31 January 2019, the Australian Digital Health Agency is unable to provide a response to this question," the Department of Health's boilerplate read.
-----
18 February 2019
RACGP Hello Health deal is now murkier than ever
Jeremy Knibbs
Last week the RACGP announced that it had signed a three-year marketing and consultancy deal with US-based software vendor, Hello Health, via software development company Myca.
At the time the deal was first mooted last year the official line from the RACGP was that there was no commercial deal, that it was not endorsing the company, and that Hello Health simply was a major sponsor of its conference. That statement now looks like it was misleading to members.
The announcement belies some very serious potential issues of conflict and governance for the RACGP. Far more than it seems to be currently contemplating. In the statement last week the RACGP says:
“The intent behind the arrangement with Myca is simply to improve the products GPs use at their desks every day. GPs will always have a choice of provider, so Hello Health will provide an additional choice in the market.”
-----
Nauru bans 'telemedicine' for medical transfers in threat to new Australian laws
By Michael Koziol
February 19, 2019 — 11.48am
The government of Nauru has rushed through new laws that prevent residents of the island nation being granted medical transfers if the referral is based on the recommendation of a doctor who consulted the patient online.
Meanwhile, the Department of Home Affairs has confirmed any sick refugees and asylum seekers transferred from Papua New Guinea or Nauru will be sent to Christmas Island in the first instance unless there are exceptional circumstances.
The Australian government was unsure on Tuesday morning how the Nauruan laws would intersect with the medical transfers bill that passed the Australian Parliament last week and grants Australian doctors greater power to compel the immigration minister to transfer refugees and asylum seekers to Australia for treatment.
But Australian lawyer and refugee advocate George Newhouse said the Nauruan laws made it clear the country was preparing to block medical transfers requested by Australia, and meant refugees and asylum seekers were effectively "prisoners" of Nauru.
-----
20 February 2019
What does MD’s stumble say about the cloud PMS market?
Last month, Medical Director (MD) laid off 14 staff who were variously doing integrations, e-referrals, patient engagement, major contracts and software development, according to sources.
There is a lot of rumour around MD and its cloud-based product, Helix, but not a lot of hard information, probably because the company is owned by private equity. But if the leaks are to be believed, the company is struggling internally with the transition to its Helix product and how that is interfacing with the core market of GP practices.
Staff turnover at the company over the last year has been regular, and high. One past employee who spoke to The Medical Republic said Helix had failed and probably needed to be started again from scratch.
A major company that MD supplies told TMR last year that Helix wasn’t up to the requirements that had been promised resulting in tension with MD. One of MD’s own employees confirmed directly with TMR last year that Helix was not working well.
-----
The embarrassing reason why health is king of data breaches
Cyber criminals are enemy no.2 - the real 'villains' are much closer to home
Antony Scholefield
18th February 2019
It’s been about a year since the Notifiable Data Breach scheme came into effect, legally obliging GP clinics to report unauthorised disclosures of patient information that created a significant risk of harm.
Initially there were fears the requirement would bury practices under a paperwork mountain.
But the latest report from the Office of the Australian Information Commissioner notes there were 163 breaches between February and December last year.
Given the number of health organisations in Australia, this means most escaped with no paperwork.
-----
Liberals, Labor hit by parliament hack
Prime Minister Scott Morrison says the computer networks of political parties were part of a recent foreign-based cyber hack of the federal parliament.
Australian Associated Press February 18, 201912:17pm
The computer networks of Australia's major political parties were affected by a recent sophisticated cyber attack on federal parliament, Prime Minister Scott Morrison has confirmed.
Mr Morrison says a "state actor" is believed responsible for the attack 10 days ago, and political parties are being offered support from the Australian Cyber Security Centre.
"Our cyber experts believe that a sophisticated state actor is responsible for this malicious activity," he told parliament on Monday.
-----
Government says ‘state actor’ hacked Australian political parties’ networks
Networks of Liberal, National and Labor parties penetrated, prime minister says
The Australian government believes that an unnamed state actor penetrated the networks of the Liberal, National and Labor parties, Prime Minister Scott Morrison said today.
The Department of Parliamentary Services (DPS) earlier this month reset the passwords of MPs and staff after the Australian Cyber Security Centre (ACSC) identified what the PM described as a “malicious intrusion into the Australian Parliament House computer network.”
During the investigation of that intrusion — which the government believes was conducted by a state-backed hacker — the ACSC “became aware that the networks of some political parties – Liberal, Labor and Nationals – have also been affected,” Morrison said.
-----
Australia’s major political parties victims of cyber attack by a ‘sophisticated state actor’, PM says
Australia's major political parties hit by cyber attack
- February 18, 2019
The computer networks of Australia’s major political parties have been the subject of a cyber-attack by a “sophisticated state actor”, the Prime Minister has told Parliament.
The news comes after the attempted hack of Australia’s parliamentary network in early February.
“Members will be aware that the Australian Cyber Security Centre recently identified a malicious intrusion into the Australian Parliament House computer network,” Mr Morrison said in a national security statement in the House of Representatives.
“During the course of this work, we also became aware that the networks of some political parties, Liberal, Labor and Nationals have also been affected.
“Our security agencies have detected this activity and acted decisively to confront it.
-----
Political party networks caught up in parliament's IT breach
But no evidence of electoral interference.
The networks of Australia’s largest political parties were caught up in the malicious intrusion of the parliamentary computing network by a state-based actor earlier this month.
Prime Minister Scott Morrison on Monday said the activity was uncovered during the investigation into the security breach that forced parliamentarians and their staff to reset their passwords.
“During the course of this work, we also became aware that the networks of some political parties – Liberal, Labor and Nationals – have also been affected,” he said.
“Our security agencies have detected this activity and acted decisively to confront it. They are securing these systems and protecting users.”
-----
Parliament attackers appear to have used Web shells
- 19 February 2019
- Written by Sam Varghese
Attackers who infiltrated the Australian Parliament network and also the systems of the Liberal, National and Labor Parties appear to have used Web shells – scripts that can be uploaded to a Web server to enable remote administration of a machine.
The Australian Cyber Security Centre uploaded a number of malware samples found on the systems attacked to VirusTotal, among which was at least one Web shell, according to former NSA hacker Jake Williams, who worked with the agency's elite Tailored Access Operations group (which was disbanded in 2016 and absorbed into the agency’s new Directorate of Operations).
Re this - several recent big attacks (Equifax, Oz Parliament etc) have used web shells. Very easy to deploy, very poor anti-malware control coverage. One to look out for. https://t.co/ORUh90miNQ
— Kevin Beaumont (@GossiTheDog) February 18, 2019
-----
Hackers in Iran behind Parliament House security breach, says US cyber research company
- By Rob Taylor
- The Wall Street Journal
- 9:39AM February 22, 2019
Hackers based in Iran and implicated in attacks on the US and Western allies were behind a computer breach of Australia’s parliament and political parties, a US cyber research company has alleged.
The attacks were part of a global espionage campaign that cybersecurity companies say began last year and that has mostly targeted the Five Eyes intelligence alliance comprising the US, Canada, the UK, Australia and New Zealand. They think the attacks were retaliation for President Donald Trump’s decision to withdraw from a nuclear agreement with Iran.
The focus and pattern of the attack is compatible with the activity of an Iranian state actor connected to the Mabna Institute, said cybersecurity company Resecurity President Charles Yoo. The Mabna Institute is a technology company linked to the Iranian Revolutionary Guard.
-----
LandMark White data posted on darkweb forum
Company enters trading halt after data breach
Property valuation firm LandMark White says its decision to yesterday request the ASX pause trading of its shares came as it sought “clarity” around the impact of a data breach on its services.
It also revealed that confidential data related to property valuations was available on a “darkweb forum” for at least 10 days after the company closed the security hole that allowed it to be accessed. The forum post was made “on or about 11.57pm GMT, 31 January 2019” and the company believes that shutting down the vulnerability prompted the posting of the dataset.
The company earlier this month revealed that it had been alerted by a partner firm that “dataset containing property valuation and some personal contact information” had been exposed. LMW said the culprit was an “exposed programming interface” that it had shut down on 23 January. The company says it is not clear how many people accessed the data.
-----
Valuation firm hit by data breach LandMark White pleads for long share suspension
Banks still staying away.
Shares in property valuation data firm LandMark White will stay suspended from trading on the ASX for up to a month in the wake of the revelation of a data breach that has prompted major banks to pull their business as questions continue to emerge over the extent of data loss and disclosure.
LandMark White company secretary John Wise told the ASX on Tuesday that the company could not guage the financial impact of the hack because it did not yet know if its customers would return.
“LMW has been suspended from receiving work from a significant number of our clients which is impacting our revenues, profitability and cashflows,” Wise said.
-----
Melbourne Heart Group hit by Windows ransomware
- 21 February 2019
- Written by Sam Varghese
The Melbourne Heart Group, a medical unit located at Cabrini Hospital in the Melbourne suburb of Malvern, has been hit by a Windows ransomware attack that has resulted in about 15,000 patients being locked.
The incident, which occurred some three weeks ago, has been reported to the Australian Cyber Security Centre. It was first reported by Nine Entertainment.
An ACSC spokesperson told iTWire that it had been recently alerted to a cyber security incident by the MHG.
"[We] provided cyber security advice and assistance to MHG," the statement added. "As the matter is ongoing, it is not appropriate to comment further."
-----
Crime syndicate hacks 15,000 medical files at Cabrini Hospital, demands ransom
By Cameron Houston and Anthony Colangelo
February 20, 2019 — 11.45pm
A cyber crime syndicate has hacked and scrambled the medical files of about 15,000 patients from a specialist cardiology unit at Cabrini Hospital and demanded a ransom.
The attack is now the subject of a joint investigation by Commonwealth security agencies.
Melbourne Heart Group, which is based at the private hospital in Malvern, has been unable to access some patient files for more than three weeks, after the malware attack crippled its server and corrupted data.
-----
Medical records at Victorian hospital get hacked
Hafizah Osman | 21 Feb 2019
In a suspected ransomware attack, a cybercrime syndicate has hacked and scrambled around 15,000 medical records at a Victorian hospital.
Medical files from Melbourne Heart Group, a specialist cardiology unit based within the Cabrini Hospital premises in Melbourne, had been compromised, with the hackers restricting access to the records for more than three weeks and demanding a ransom for access, according to The Age.
It was reported that the hack started as a malware attack, crippling its server and corrupting the data and that the cybercrime syndicates demanded ransom be paid in cryptocurrency for a password that breaks the encryption.
This resulted in some patients not having any records at the unit, while others got told that their “files had been lost”.
-----
Toyota Australia hit by cyber attack
Takes down email and other systems.
Toyota Australia has suffered an “attempted cyber attack” that has taken out its email and other online systems.
The carmaker said in a statement that it is still investigating the source of the attack.
“The threat is being managed by our IT department who is working closely with international cyber security experts to get systems up and running again,” the company said.
“At this stage, we believe no private employee or customer data has been accessed.”
-----
Catholic Church, major super fund and Toyota hit by cyber attacks
By Farrah Tomazin and Anthony Colangelo
February 21, 2019 — 11.45pm
Cyber attackers have hit Melbourne’s Catholic Archdiocese, demanding a ransom from the church and paralysing its computer system for days, while Australia's biggest corporate superannuation fund, TelstraSuper, has admitted it has also been targeted.
The Age has confirmed the attacks, after revealing on Wednesday that a cyber crime syndicate hacked and scrambled the files of Melbourne Heart Group, a cardiology unit based at Cabrini Hospital.
Car maker Toyota has also been hit by a cyber attack in Australia, with employees locked out of their emails for days. Toyota Australia's servers were targeted on Tuesday and an investigation involving federal authorities is under way into who was behind the potentially malicious cyber attack.
-----
Sam Kekovich sells AI and IoT to seniors to stay at home
New CTO also appointed.
For Sam Kekovich, some things make sense.
The outspoken ‘Lambassador’ and former AFL player is throwing his weight behind in-home aged care tech concern HomeStay as its latest brand ambassador.
The ASX-listed ageing technology company, whose partners include Telstra, Samsung, Garmin and Data#3, has also named DXC’s former head of software engineering Manoj Chandra as its new chief technology officer.
HomeStay deploys wearables and internet of things sensors into seniors’ homes to improve the quality and responsiveness of care through a platform underpinned by artificial intelligence, machine learning and predictive analytics.
-----
When is Software a Medical Device?
Draft Guidance
Health Canada recently released a draft guidance document on software as a medical device (SaMD). This guidance is intended to help industry better understand the regulatory compliance requirements for software technology that has a medical purpose. In particular, it aims to clarify when software may be considered a medical device, as well as the related regulatory classification (i.e. device class) and corresponding licensing requirements.
What is Software as a Medical Device
The draft guidance defines SaMD as software intended to be used for one or more medical purposes and performs these purposes without being part of a hardware medical device.
More specifically, Health Canada generally interprets "medical purposes" in the context of software as follows:
- Intended to acquire, process, or analyze a medical image, or information from an in vitro diagnostic device or a measurement/signal from a monitoring device or imaging device.
- Intended for the purpose of supporting or providing recommendations to health care professionals, patients or non-healthcare professional caregivers about prevention, diagnosis, treatment, or mitigation of a disease or condition.
-----
Miya Precision goes live at NZ’s MidCentral District Health Board, improving patient flow and bed management
In General News
MEDIA RELEASE
Adelaide, South Australia – Alcidion Group’s (ASX:ALC) next-generation software platform Miya Precision has gone live for the first time anywhere in the world, with successful launches at Palmerston North Hospital and Horowhenua Health Centre, part of New Zealand’s MidCentral District Health Board (MDHB).
MDHB staff have already seen noticeable improvements to bed allocation, smoother patient flow, and a more efficient allocation of hospital resources.
Alcidion Managing Director Kate Quirke said, “This is a really important project for Alcidion, with MidCentral DHB being the first roll-out of the next-generation Miya Precision platform, a ground-breaking approach to meeting the needs of healthcare interoperability requirements through the integration of data from any source, making it both useable and actionable, in real-time to improve patient safety and clinician experience.”
-----
Government hack proves it can't keep encryption backdoors safe
By Carlo Minassian
Updated Feb 18, 2019 — 3.40pm, first published at 3.06pm
Earlier this month, Australian Parliament computer systems were breached in what was just the latest horse on a perpetual carousel of inadequacy.
On this week's episode of The Australian Government Gets Hacked, we learned the attacker has now compromised the servers of "all major Australian political parties".
This is a significant escalation of what occurred after the initial attack against Parliament.
These breaches have occurred against the networks used by politicians and their staff, complete with detailed voter databases, emails, and other troves of personal information. As yet, we're still in the dark about how long the attackers have been in the system.
-----
Tech industry peak body expects ‘encryption’ law to hit exports
AIIA calls for urgent analysis of impact
The chief executive of the Australian Information Industry Association has warned that laws designed to help police and national security agencies intercept encrypted communications are likely to affect the nation’s “ICT innovation and export activities”.
“The act is likely to negatively impact the competitiveness of Australian software and hardware manufacturers in international markets,” AIIA CEO Ron Gauci said. “We believe this could result in declining employment and export revenue, and consequently a significant reduction in local R&D and manufacturing.”
Parliament last year passed the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018, with the legislation receiving bipartisan support.
-----
UK says Huawei is manageable risk to 5G
By Demetri Sevastopulo and David Bond
Updated Feb 18, 2019 — 9.40am, first published at 7.26am
Washington/Munich | British intelligence has concluded that it is possible to mitigate the risk from using Huawei equipment in 5G networks, in a serious blow to US efforts to persuade allies to ban the Chinese supplier from high-speed telecommunications systems.
The UK National Cyber Security Centre has determined that there are ways to limit the risks from using Huawei in future 5G ultra-fast networks, two people familiar with the conclusion, which has not been made public, told the Financial Times.
The finding comes despite stepped-up US efforts to persuade countries to bar Huawei from their networks on the basis that it could help China conduct espionage or cyber sabotage.
-----
NBN profitability 'on track': CEO Stephen Rue defends the network's costs
By Jennifer Duke
February 18, 2019 — 11.02am
National Broadband Network Co chief executive Stephen Rue has defended the prices charged to telecommunications companies and confirmed the future profitability of the $50 billion taxpayer-funded internet infrastructure business is "on track".
The NBN Co's revenue reached $1.3 billion in the six months to 31 December 2019, up 46 per cent compared to the same period in 2018, results posted on Monday morning show. The average revenue per user has reached $45 a month, which is on track for the NBN Co's plan to reach $51 by the 2022 financial year, Mr Rue said.
“I have full confidence in our ability to reach our 2020 target as our strong track record demonstrates," Mr Rue said in a statement. The NBN's corporate plan shows the roll out is forecast to be complete by 2020 with profitability expected about two years later.
-----
NBN Co sees ARPU, revenue rise; loses $1.7b for HY19
- 18 February 2019
- Written by Sam Varghese
NBN Co, the company rolling out Australia's national broadband network, has increased the average revenue it earns per user by a dollar to $45 and has more than 4.6 million premises connected as of the end of the half-year 2019, the company's chief executive Stephen Rue says.
The company continues to bleed red ink, though, running up a loss of $1.7 billion for the half-year. However this represents a decrease of 29% year-on-year. In the six months to the end of 2017, the loss was $2.4 billion.
For the full-year 2018, NBN Co made a loss of $4.1 billion, slightly less than the loss of $4.24 billion for the full-year 2017, but much more than the $2.75 billion loss the company posted for the full-year 2016.
-----
NBN scales-up release of HFC premises after ‘pause’
Most ‘paused’ premises to be released by end of this month
NBN Co CEO Stephen Rue says the company will conduct a “significant release of optimised HFC premises over the next six months”.
Presenting the company’s half-year results today, the NBN Co chief executive said that as of the end of December some 70 per cent of Australian homes and businesses — around 8.1 million premises — were able to order an NBN service. A further 1.4 million premises were ready for service; essentially located in an area served by the new network but not able to order an NBN service.
The scaled-up release of hybrid fibre-coaxial (HFC) premises will help narrow the gap between premises ready for service and ready to connect, Rue said today.
-----
Bad news for Labor, the NBN is on track
By Stephen Bartholomeusz
February 18, 2019 — 3.00pm
The national broadband network is on track, both in terms of the rollout of the network and its financials. That will really complicate matters for Labor if it wants to change either.
With more than 4.6 million premises activated and another 8.1 million ready to connect, NBN Co has only three million more premises to go to complete the rollout and says it is on schedule to achieve that by June next year.
December-half revenue rose 46 per cent, to $1.3 billion, from the same half last year and average revenue per user has edged up from $44 to $45. Chief executive Stephen Rue said NBN Co was on track to meet its projected $5 billion of revenue by 2021-22.
-----
NBN Co wants a broadband product to attract renters
Hits back at mobile operators eating its lunch.
NBN Co is exploring product options that would make its services more appealing to transient users such as renters.
The move, if NBN Co can pull it off, is a clear swipe at mobile operators whose services are considered to appeal more to that subsection of the broadband market.
In particular, having such a product could allow NBN Co to see off potential competition from precursor 5G services like Optus’ forthcoming 50Mbps wireless product.
-----
NBN Co faces calls to endorse good quality modems
After internal tests uncovered dud devices.
NBN Co is facing calls to endorse modems that work best on its network after internal tests uncovered some retail service provider-supplied devices that weren’t performing to specifications.
The calls were led by Labor Senator Deborah O’Neill at senate estimates on Tuesday night and backed by Twitter users.
They came after NBN Co revealed that internal tests had found somewhere in the region of five percent of modems experienced more dropouts and resyncs than expected.
-----
NBN Co plans four-month HFC blitz
Releasing up to 200,000 premises a month to sale.
NBN Co is planning to release just shy of 200,000 HFC premises a month from April to June this year, purging a great deal of the footprint that is currently listed as unserviceable.
The company raised the prospect of a “significant release” of optimised premises over the first half of this calendar year in a financial briefing on Monday.
However, CEO Stephen Rue put some numbers around the planned release schedule during a senate estimates hearing on Tuesday night.
-----
Opportunity: The little Mars rover that could
By Usha Lee McFarling
February 20, 2019 — 2.13pm
The tributes, poignant cartoons, emotional tweets and even love songs keep pouring in. I'm feeling surprisingly sad as well. I covered the building and launch of Opportunity, and its twin rover Spirit, for the Los Angeles Times 15 years ago, and I feel like I've lost a close friend.
It's always very hard to get a spacecraft to Mars, and in 2003, NASA was reeling from a series of high-profile failures. As the rovers were being built, the space shuttle Columbia crashed, killing seven astronauts – and placing even more pressure on the $800-million rover mission to succeed.
-----
Enjoy!
David.
Thank you David, I always look forward to the Monday list, the ADHA comms branch censors a lot of content and the network snopping tools the deploy makes it difficult at best to seek other views.
ReplyDeleteA post over the weekend made mention of NT EHR, I think the comment or may have seen the figures as described in the first ZNET article. - Responding to Senate Estimates Questions on Notice, the Department of Health broke down the final 288,000 number by state, giving just over 96,000 citizens in New South Wales; 66,500 in Queensland; 61,000 in Victoria; and 24,500 and 21,000 in Western and South Australia, respectively; followed by the ACT with 8,000; Tasmania with 7,500; and the Northern Territory with just under 2,000 cancellations. Approximately 1,200 cancellations were not attributed to any state.
I am not sure if that means they also pulled out of the NT system or if it is one of the same these days, not good either way.
I think when you use ‘5 times more people opt out than happened in the trials‘ you need to use ADHA speak - so it is correctly stated as 5 Hundred Percent (500%) more people opt out than happened in the trials.
Tim is certainly a work leader is opt-outs