WA Health: No breaches of unencrypted COVID data means well managed and secure system
The Auditor-General of Western Australia has once again given state authorities a whack for security weaknesses in IT systems used in the state, with a report on its Public Health COVID Unified System (PHOCUS) tabled on Wednesday.
PHOCUS is used within WA to record and track and trace positive COVID cases in the state, and can contain personal information such as case interviews, phone calls, text messages, emails, legal documents, pathology results, exposure history, symptoms, existing medical conditions, and medication details. The cloud system can also draw information in from the SafeWA app on check-ins -- which the Auditor-General previously found WA cops were able to access -- as well as from flight manifests, transit cards, business employee and customer records, G2G border-crossing pass data, and CCTV footage.
"This demonstrates the robustness of PHOCUS and that the data is well managed and secure."
Related Coverage
WA government allocates AU$25.5m to expand cybersecurity services
The Office of Digital Government's cybersecurity unit will score additional personnel under the funding.
Auditor finds WA Police accessed SafeWA data 3 times and the app was flawed at launch
WA Health released SafeWA check-in information for purposes other than COVID-19 contact tracing, with six requests being made by the police despite government messaging that the information would only be used to support contact tracing.
WA Auditor-General drags local governments over horrendous cyber risk management
Usage of out-of-date software came in for special treatment from the Western Australia Auditor-General, with one entity vulnerable to a 15-year vulnerability.
Western Australia sets out digital to-do list in first roadmap release
The hard border state is running 22 projects across 12 government agencies to get it a step closer to achieving its whole-of-government digital strategy.
328 weaknesses found by WA Auditor-General in 50 local government systems
The computer systems of 50 Western Australian local government entities were probed and the result was the finding of 328 control weaknesses, with 33 considered as significant by the Auditor-General.