Key Takeaways
- The Public Service Association (PSA) is calling on the Privacy Commissioner to investigate the impact of cuts to Health NZ’s digital services workforce.
- A security breach at ManageMyHealth, a privately run platform, has highlighted the risks of cutting IT experts in public health.
- The breach has affected between 6 and 7 percent of the approximately 1.8 million registered users.
- The PSA is warning that the government’s decision to cut IT experts’ jobs has left the public health system vulnerable to security risks.
- The Health Minister has stated that government agencies are working with ManageMyHealth to understand the scope of the breach and protect patient privacy.
Introduction to the Issue
The Public Service Association (PSA) is sounding the alarm over the recent security breach at ManageMyHealth, a privately run platform that provides digital health services to patients. The breach, which involved unauthorized access to the platform, has affected between 6 and 7 percent of the approximately 1.8 million registered users. The PSA is calling on the Privacy Commissioner to reconsider investigating the impact of cuts to Health NZ’s digital services workforce, citing the breach as a "wake-up call" for the entire health sector in New Zealand.
The Risks of Cutting IT Experts
The PSA’s national secretary, Fleur Fitzsimons, has stated that the government’s decision to cut the jobs of many IT experts in the public health system has left it vulnerable to security risks. She noted that hospitals are using outdated systems, but no longer have the experts who can understand their weaknesses. This has created a "ticking time bomb" that poses a significant risk to patient data. Fitzsimons warned that the government had "blundered" when they cut off the jobs of IT experts who were safeguarding the public health system.
Previous Security Breaches
The PSA is pointing to previous security breaches, such as the Waikato Hospital ransomware attack in 2021, as evidence that the government should have taken steps to address the risks posed by outdated systems and lack of IT expertise. Fitzsimons noted that the government failed to heed the lesson from that breach and instead forced Health NZ to cut the jobs of experts running digital services. This decision has left the public health system exposed to security risks, and the recent breach at ManageMyHealth has highlighted the consequences of this decision.
Government Response
The Health Minister, Simeon Brown, has stated that government agencies are working with ManageMyHealth to fully understand the scope of the breach and to protect the privacy of patients. He noted that there is currently no evidence that any Health NZ systems, including My Health Account, have been compromised, as ManageMyHealth has separate systems. However, the PSA is calling for a more comprehensive investigation into the impact of cuts to Health NZ’s digital services workforce and the risks posed to patient data.
Call to Action
The PSA is urging the Privacy Commissioner to reconsider a previous request to investigate the impact of cuts to Health NZ’s digital services workforce. Fitzsimons noted that the breach at ManageMyHealth is a clear example of the risks posed by the government’s decision to cut IT experts’ jobs. She warned that the public health system is at risk of further security breaches unless the government takes steps to address the lack of IT expertise and outdated systems. The PSA is calling on the government to take immediate action to address these risks and ensure that patient data is protected.
Conclusion
The security breach at ManageMyHealth has highlighted the risks posed by the government’s decision to cut IT experts’ jobs in the public health system. The PSA is warning that the public health system is vulnerable to security risks and that the government must take immediate action to address these risks. The call for the Privacy Commissioner to investigate the impact of cuts to Health NZ’s digital services workforce is a crucial step in ensuring that patient data is protected. The government must take a comprehensive approach to addressing the risks posed by outdated systems and lack of IT expertise in order to prevent further security breaches and protect patient data.
