Website snafu hits health watchdog

No confidential information exposed, NHPCOPC says

The office of the National Health Practitioner Ombudsman and Privacy Commissioner says its website suffered a “technical issue” yesterday evening “as a result of routine website maintenance”.

The Wordpress-based site temporarily showed a directory listing instead of the agency’s home page, offering direct access to files including an SQL database dump.

“The cause was not cyber security related, but a maintenance issue, and the situation was rectified by 9:40pm on Tuesday evening,” a spokesperson told Computerworld.

The National Health Practitioner Ombudsman and Privacy Commissioner role was established in 2010 as an independent statutory officer appointed by the Australian Health Workforce Ministerial Council. In addition to its FOI role, the office receives complaints relating to the bodies that oversee  Australia’s national health practitioner regulation scheme.

The spokesperson said that the office’s website is “public facing and its purpose is to provide general information only about the work of the National Health Practitioner Ombudsman and Privacy Commissioner.”

“It is important to note that the website does not host or collect identifying personal information, or health information such as medical records,” the spokesperson said.

Although no confidential information was exposed by the problem, it occurs at an inopportune time for the government, which is facing heightened scrutiny over privacy concerns relating to the national eHealth record system.

Earlier this month, a three-month ‘opt out’ period began for the My Health Record system. If individuals choose do not opt out, a record will automatically be created by the end of 2018.

A number of individuals have reported that had not realised they already had My Health Records. Some of those records may have been created as part of trials of the opt-out model in parts of Queensland and New South Wales.

The shift to an opt-out model follows a 2013 review of the system (then known as the Personally Controlled Electronic Health Record, or PCEHR), which concluded that it would help the system reach critical mass.

The opt-out period ends 15 October.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags privacyhealthMy Health Record

More about Australia

Show Comments