COMMUNITY leaders are seeking answers as to how a Cape York health care service’s computer systems were hacked leaving medical records and staff information vulnerable to cyber crime.
Apunipima Cape York Health Council contacted the Australian Cyber Security Centre and law enforcement authorities last week after a third party gained unauthorised access to its computer network.
Health officials believe hundreds of patients’ health records may be compromised as a result of the breach.
“While we are making measurable progress, we do not yet have an expected timeline for system functionality restoration,” an Apunipima spokesperson said.
“However our I.T. teams are working around the clock to achieve this, supported by our leading external advisors and experts. Our number one priority is the continuity of care and health services to the people and communities we serve, which is proceeding accordingly.
“Per our business continuity plan, we have transitioned to manual processes, which are working effectively, albeit with some minor delays.”
It’s understood the Aboriginal Community Controlled Health Organisation – which provides care to 11 communities across the Cape – first became aware of the issue on Monday morning.
Staff have told Cape York Weekly some Cairns-based staff were sent home during the week while computer systems were down.
Kowanyama mayor Robbie Sands said he had yet to be contacted by Apunipima.
“I’ve only heard about it on the news,” said Cr Sands, who is also the chair of the Torres and Cape Indigenous Councils Alliance.
“It’s a concern when data gets sucked in. I haven’t spoken to the chair or the board yet.
“At some stage, I’d like to get briefed on what they’ll do to protect data and improve security efforts in the future.
The breach should serve as a warning to all Cape-based businesses and councils, Cr Sands said.
“It’s not good when anybody’s information is potentially taken,” he said.
“That’s the perils of this day and age with everyone connected.
“It shows that it doesn’t matter how small your business is, it’s still vulnerable if you’re not protected.”
Lockhart River Aboriginal Shire Council mayor Wayne Butcher said he would be seeking answers on behalf of his community.
“I think it’s concerning if we are talking about people’s privacy and the potential for identity theft,” Cr Butcher said.
“The question they can’t answer is, how did this happen?
“Did they have proper security measures?”
The attack comes in the aftermath of two of Australia’s biggest telecommunication companies being hacked by cyber criminals.
“It is worrying after what happened with Optus,” Pormpuraaw Aboriginal Shire Council CEO Edward Natera said.
“No one has been able to tell us what has been accessed. Why don’t they have security to prevent these things from happening?”
Monash University clinical ethicist Dr Paul Komesaroff said safeguarding private health information from falling into the wrong hands is critical.
“We’ve got to find ways for Queensland Health to work with Aboriginal Community Controlled Health Organisations to make sure communities are adequately protected,” Dr Komesaroff said.
“Because next time there may be serious adverse consequences.
“The impact on people in those communities is that there could be information that can’t be shared because of cultural norms. Maybe that’s related to men’s or women’s business and sharing it can be corrosive to society.
“The other issue is the data privacy issue and identity theft with information used for illegal purposes.”
Cape York Weekly submitted specific questions to Apunipima regarding the cyber security breach last week.
The health service declined to comment, pointing to an update published on its website on Sunday evening.