Samuel Davis, Cape York Weekly
Simmering tensions between Queensland Health and a Cape York medical service over a major cyber security breach have surfaced in a leaked email sent to community leaders. Apunipima Cape York Health Council staff have been locked out of information systems since the remote service suffered a ransomware attack two weeks ago.
Since then, Torres and Cape Hospital and Health Service has severed all electronic links with Apunipima and an incident management team has been stood up to oversee its response.
But in an email to mayors that was forwarded to Cape York Weekly, TCHHS revealed it is urging Apunipima to finally tell them what has happened to confidential patient records.
“TCHHS has formally requested information from Apunipima to advise of Personal Identity Information such as Queensland Health patient information being stolen and held to ransom,” it read.
“At this stage TCHHS has not received confirmation from Apunipima as to whether personal information of TCHHS patients has been breached by the cyber attackers, any payment of ransom, or publication of TCHHS information.
Tension between health providers a major issue
“All Apunpima’s ICT systems are currently offline and patient care has been switched to paper-based processes.”
The breakdown in communication highlights data sharing problems amongst health services across the Cape, the Australian Medical Association of Queensland’s representative Dr Michael Clements said.
“This is a system problem within remote communities where you have so many fly-in fly-out services,” he said.
“When you have so many different service providers – not just Queensland Health but other services and specialists like Apunipima and the RFDS, problems can arise.
“If we have proper sharing, we can minimise unnecessary patient testing and possible harm.”
Dr Clements warned that limiting Apunipima’s access to health records in the future as a result of the breach would be a mistake.
“You can almost liken it to being in the military. Countries are unlikely to share secrets with other countries if they think they are likely to lose that information,” he said.
“But as soon as we stop sharing information in a safe way, or patients lose trust, it leads to poor health outcomes.
“We shouldn’t look at it as a singular organisation’s failure.
“We know medical centres get targeted regularly and will likely be more so in the future. So we need a coordinated approach.”
Last year, a Four Corners investigation revealed the tragic case of three women with severe Rheumatic Heart Disease (RHD) in Doomadgee who all died within a year after seeking treatment at the community’s hospital.
Dr Clements said the women’s deaths served as an example of what can happen when health information is not being shared across services.
“If we look at Doomadgee and when those patients presented at hospital, some of their information was held in a different system,” he said.
Cape York Weekly has made numerous attempts to speak with Apunipima. It has declined to comment.
Related story: Held to ransom – Apunipima left vulnerable after hack
This article appeared in Cape York Weekly, 18 October 2022.
