WA Health traces data leak to third-party pager service

WA Health has suspended its use of a third-party paging service after information communicated over the service was found on a public-facing website.

The leak was first reported by 9News last night, which said that both “sensitive” and “confidential” information communicated between personnel from a number of agencies was contained on the website.

The website uploading the text of communications had been set up by an unknown party, 9News reported.

9News said the information included communications between doctors about suspected COVID-19 cases, and from “a child protection officer concerned about a young person in a group home.”

The state’s health department confirmed in a statement that the leak of such information constituted a breach, but said its own systems were secure.

“The Department of Health was alerted to a breach of confidential data associated with the use of a third-party pager service,” it said.

“[We] immediately contacted the vendor and asked that the paging component of its service be ceased until the issue is addressed.”

According to the department, the paging service provider “has indicated their services have not been compromised”.

“As a result of the breach, the Department has also reviewed its own data systems, and those of Health Support Services (HSS) – the shared service centre for the WA health system,” it said.

“The Department and HSS can confirm that there has not been a breach of health data sources. These systems remain secure.”

It said that “patient confidentiality is of utmost importance to the Department of Health”.

“[We are] dismayed that confidential information may have made it into the public domain.”