The Australian Digital Health Agency would like to confirm that secure messaging software – including Argus – does not connect to the My Health Record. Instead, this type of software allows one healthcare provider to send a message directly to another through a secure electronic channel.
The Agency understands that a vulnerability existed for a very small number of Telstra Health’s Argus customers operating without appropriate system security. The vulnerability has been addressed with a security patch and customers have been provided with the steps necessary to ensure they have the basic security settings in place. Telstra Health has communicated with its customers on multiple occasions about this vulnerability, the availability of the patch and steps on system security configuration.
Telstra has issued the below statement. If you have any questions or concerns about this issue, please contact Telstra Health.
Telstra Health statement
We became aware that a small number of our Argus customers' computers had been affected by Malware in January. We worked with the impacted customers to minimise damage, install a patch and quickly restore their access to the Argus platform.
We then informed our entire Argus customer base multiple times about the threat, the need to install the patch and provided technical support. We also recommended customers take steps to put in place security measures to remove any open internet access in the configuration of their systems.
We confirmed with the affected customers that there was no indication that personal information has been improperly accessed or disclosed.
To date, a majority of our customers have installed this patch. No additional incidents have been reported since the issue was addressed in late January.
[Source: Australian Digital Health Agency]