AU: MyGov health records breached in site flaw
AAP and Leon Spencer report:
Two data breach notifications were received by the Australian Information Commissioner last financial year in regards to the government-administrated online health system.
The first allowed healthcare providers to view the personal health notes of consumers following a flawed technical change to the eHealth system, according to the commissioner’s annual report.
The eHealth system operator identified the cause in December, and a fix was put in place to prevent further access.
The second data breach, which occurred in May, came about while consumers were linking their personal eHealth records to the myGov website — a one-stop shop for all online government services.
In some cases, the previous computer user had not logged out of their myGov account.
This meant that when the second user’s eHealth account was linked to myGov, the first user gained access to both sets of eHealth records.
Read more on ZDNet.