Following a series of significant health data breaches, the government released a cyber security strategy and action plan to establish a national framework for responding to escalating cyber threats.

The strategy covers New Zealand’s critical infrastructure, from the electricity grid to transport, financial payment systems and the health sector. The government held consultations with each sector this week.

We argue better regulatory oversight is particularly urgent for the health sector.

Late last year, more than 120,000 New Zealanders had their medical records compromised when the patient data portal Manage My Health was hacked.

Then in February, the prescription app MediMap was taken offline after patient information was found to have been altered in a cyber attack.

These security breaches have damaged trust in New Zealand’s entire health system. They are being investigated as part of a government review and an inquiry by the privacy commissioner.

To stop this from happening again, the government must require all parties holding, transferring or sharing health data to be subject to regulatory oversight and mandatory audits, regardless of whether they are in the private or public sector.

Lack of a single cyber security law

From a public standpoint, the distinction between public........

© The Conversation