Health Minister Simeon Brown has directed the Ministry of Health to examine its handling of a cybersecurity breach at ManageMyHealth that exposed patient data.
“I know this breach will be very concerning to the many New Zealanders who use ManageMyHealth, and we need assurances around the protection and security of people’s health data,” Brown said.
“Patient data is incredibly personal, and whether it is held by a public agency or a private company, it must be protected to the highest of standards.”
“We must learn from this incident to avoid any repeat events in the future.”
The review aims to identify the incident’s causes, evaluate the sufficiency of existing data safeguards and the response measures, and propose enhancements to avoid future occurrences.
“While this review should commence as soon as possible, it is important that the focus continues to be on the immediate response to the incident and that we do not distract from this response.”
“An Incident Management Team has been meeting daily to coordinate advice and support across government agencies.”
Hackers threaten to leak 400,000 patient records unless ManageMyHealth pays up.
ManageMyHealth has filed for a High Court injunction in Wellington amid the breach. No hearing date has been set yet.