Australian Information Security Audit Report May 29 2019

Four health services audited, all four exploited.

Reported in: iTnews

An auditor-general report released Wednesday exposed widespread security weaknesses and vulnerabilities that it said left patient data at risk.

“There are key weaknesses in health services’ physical security, and in their logical security, which covers password management and other user access controls.

The audit covered Barwon Health, the Royal Children’s Hospital, the Royal Victorian Eye and Ear Hospital and two different areas of the Department of Health and Human Services (DHHS).

In all four agencies, the auditor-general’s team was able to exploit weaknesses and access patient data.