Two cyber hacks have highlighted the vulnerability of New Zealand’s digital health systems – and the vast volumes of patient data we rely on them to protect.

Following the hacking of Manage My Health – compromising the records of about 127,000 patients – and an earlier breach at Canopy Health, a concerned public is asking how this happened and who is to blame.

The most urgent question, however, is whether it can happen again.

Manage My Health (MMH) – a patient portal used by many general practices to share test results, prescriptions and messages – published its first public notice about a cyber security incident on New Year’s Day.

According to the company, it became aware of unauthorised access on December 30, after being alerted by a partner. It says it immediately engaged independent cyber security specialists and that the compromise was limited to its “Health Documents / My Health Documents” module.

The Office of the Privacy Commissioner confirmed it was notified on January 1 and later published guidance for those affected. The National Cyber Security Centre

© The Conversation