The state's public health system is highly vulnerable to cyber attacks but staff awareness of data security is low with issues around physical security, password management and other access controls, Auditor-General Andrew Greaves said in a report.
"We exploited these weaknesses in all four audited agencies and accessed patient data to demonstrate the significant and present risk to the security of patient data and hospital services," the report released on Wednesday said.
In two of the agencies, auditors managed to gain access to areas storing critical technology infrastructure, such as servers. And the auditors managed to get into restricted administration and corporate offices of all the agencies.
Share
