Patient notes not at risk: GPs
Doctors network moves to allay fears after system hacked
The chief executive of a network of GP services has fronted up after a cyber attack that has left patient details potentially compromised. The attack, which targeted Pinnacle Midlands Health Network, affected services at offices and practices in Taranaki, Rotorua, TaupōTūrangi, Thames-Coromandel and Waikato.
The network includes Taupō Health Centre, Taupō Medical Centre and Lake Surgery in Taupō and Pihanga Health in Tūrangi.
Speaking from Hamilton, Pinnacle Incorporated CEO Justin Butcher says Pinnacle covers 86 regional practices.
He says malicious practice has breached their system, and the attack could have an impact on their commercial and patient records.
“We cannot confirm what data has been affected, this will take time. We will support those people who have been impacted.
“Patients may expect delays at our practices, patient notes are not at risk, as we only hold their NHI number, addresses and names.
“Unfortunately, malicious cyber activity is a constant threat and NZ is not exempt from it.
“The Privacy Commissioner has been informed and we are setting up a 0800 number for people to contact.
“We encourage people to be vigilant when online. As we are at an early stage of response and can't comment further.”
Investigations are still under way, but he believes the attackers accessed information that could include commercial and personal details.
“This will take time. However, we believe it is important to disclose this incident now, so we can support those people who have potentially been impacted,” he says.
“Our systems flagged the incident with us, and we were able to move swiftly to take the affected IT offline.
We engaged external support partners and launched an in-depth investigation alongside relevant authorities.
“The affected IT was immediately taken offline and contained.”
Butcher says they have laid complaints to police, Te Whatu Ora and other government agencies.
Pinnacle holds personal information such as names, addresses and national health index numbers.
Butcher says GP notes are not stored on their files.
He says the Office of the Privacy Commissioner has also been notified.
Practices that were affected are operating as normal with some delays.
“So, if you are needing care, please call your doctor or medical centre as you normally would,” Butcher says.
Those wanting more information can call a freephone support line and details would also be shared as they become available to www.pinnacle. co.nz
“We know that people will rightfully be very concerned about this, and we want to ensure the public that Pinnacle takes our role as stewards of people's information seriously, and security is of utmost importance to us. Unfortunately, malicious cyber activity is a constant threat and New Zealand is not exempt from this.”