WA Health criticised over Covid-19 data management

By on
WA Health criticised over Covid-19 data management

Audit finds insufficient protections in PHOCOS.

Western Australia’s auditor-general has criticised lax protection of personal data collected as part of the state’s response to the Covid-19 pandemic.

Caroline Spencer said in a statement (PDF) WA Health’s Public Health COVID Unified System (PHOCOS) “contains some of the most sensitive and consequential data” the state has collected in the last two years. 

In the report (PDF), Spencer wrote that “WA Health does not adequately log and monitor who has accessed information to detect inappropriate changes or snooping, and has provided an external vendor with inappropriate access to personal and medical information.”

She was also critical of the public information offered by WA Health.

The department “has told the community little about the types of personal and medical information PHOCUS collects (about positive cases, close and casual contacts, and travellers) to support contact tracing, and that this information is stored indefinitely.”

The lack of transparency could erode trust in government institutions, Spencer wrote.

The auditor also noted that she had raised similar issues delivering an audit of SafeWA in 2021.

Spencer also found that manual processes in WA Health’s contact tracing system eroded data quality.

“Manual data entry processes were inefficient and prone to increased errors, especially as large datasets were involved”, the audit report stated.

WA Health has accepted all recommendations made in the report, but noted: “the report highlights many historic items that have largely been previously addressed or were issues where existing controls were strengthened.”

The department also said that “no breach of privacy has occurred”.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
covid19privacysecuritystrategywestern australia

Sponsored Whitepapers

Planning before the breach: You can&#8217;t protect what you can&#8217;t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership
Don&#8217;t pay the ransom: A three-step guide to ransomware protection
Don’t pay the ransom: A three-step guide to ransomware protection

Events

Most Read Articles

Kmart Australia stands up consent-as-a-service platform

Kmart Australia stands up consent-as-a-service platform
NSW digital driver's licences 'easily forgeable'

NSW digital driver's licences 'easily forgeable'
Kmart Australia re-platforms ecommerce site to AWS

Kmart Australia re-platforms ecommerce site to AWS
Westpac promotes its head of technology to mortgage role

Westpac promotes its head of technology to mortgage role

Digital Nation

Metaverse hype will transition into new business models by mid decade: Gartner
Metaverse hype will transition into new business models by mid decade: Gartner
COVER STORY: From cost control to customer fanatics, AI is transforming the contact centre
COVER STORY: From cost control to customer fanatics, AI is transforming the contact centre
As NFTs gain traction, businesses start taking early bets
As NFTs gain traction, businesses start taking early bets
Case Study: PlayHQ leverages graph technologies for sports administration
Case Study: PlayHQ leverages graph technologies for sports administration
The other &#8216;CTO&#8217;: The emerging role of the chief transformation officer
The other ‘CTO’: The emerging role of the chief transformation officer

Log In

  |  Forgot your password?