Health minister slams Medibank breach affecting SA Health program
Health Minister Chris Picton has told Medibank it has a “responsibility to take action to support patients” after it was revealed thousands of clients from a South Australian home hospital service are affected by the company’s data breach.
Health Minister Chris Picton. Photo: Tony Lewis/InDaily
The hack of the major private health insurer has now implicated public patients of the Medibank/Calvary My Home Hospital program, a State Government service delivered by a joint venture between Calvary and Medibank.
Wellbeing SA announced yesterday the personal data of approximately 4400 My Home Hospital patients had been accessed as part of the wider Medibank information breach.
The service sees patients receive treatment and monitoring for mild conditions at home, which would otherwise occur in hospital.
Minister Picton said shortly after being informed of the breach’s repercussions to these patients he sought assurances from the CEO of Amplar Health (the Medibank health services division).
“I made clear my expectation that patients be provided with full support at Medibank’s expense, that patients be notified as soon as possible, that the public be made aware and that Medibank undertake a fully independent investigation,” Picton said.
“This was a contract which was signed with Medibank and Calvary in October 2020 by the former Liberal Government, [which] started the operation of the private program in January 2021.
“We will now examine the terms of the contract signed by the former government as to whether it has been complied with and whether the outsourcing contract contained sufficient protections.”
On Wednesday, Medibank confirmed all its customers along with offshoots AHM and international student customers had their data breached in this month’s cyber hack.
Chief Executive of Wellbeing SA, Lyn Dean said until yesterday the state government group was told there was no identified impact to the My Home Hospital patients.
“All of the patients impacted by the data breach are being contacted by Medibank to inform them of the situation and what actions they can take,” Dean said.
“My Home Hospital patients who accessed the service for the first time on or after 13 October are not impacted by the breach.
“My Home Hospital patients are the only SA Health patients aligned with Medibank and therefore the only ones who could have been affected.”
Dean told ABC Radio that in Wellbeing SA’s understanding, no drivers licence or Medicare numbers had been accessed as part of the breach.
“The data has been accessed, but they [Medibank] do not know whether at this point whether the data has been stolen – so it may well be that it’s been opened and seen and closed and no further action but they are working through this to determine that.”
Medibank has set up a hotline for My Home Hospital patients on 1800 081 245.
