Get all your news in one place.
100’s of premium titles.
One app.
Start reading
ABC News
ABC News
Health

Natasha Fyles says NT Health patient files were 'inadvertently shared' with overseas company during system upgrade

Chief Minister Natasha Fyles has continually denied the incident amounted to a "breach of identifiable data".  (ABC News: Michael Franchi)

Chief Minister Natasha Fyles has continued to deny a "breach of identifiable data" occurred during a transfer of Northern Territory public health patient files to an overseas software company. 

However, she admitted the identifiable medical information of a number of patients was "inadvertently shared" during the process. 

It comes after the ABC revealed last week that more than 50,000 patients had their health files sent between two NT government departments in 2018 and 2019 as part of a software system upgrade.

More than 3,000 identifiable records were then transferred to global software vendor Intersystems, which has offices in 27 countries including in Europe, South America and China.

Some patient items were classed as having very-high or high clinical risk, such as psychology reports and psychiatric facility visits, termination of pregnancy or stillbirth records, and electroconvulsive therapy — also known as electric shock therapy — records.

Patients including those classed as having high and very-high clinical risk have been impacted by the breach.  (ABC News: Che Chorley)

Speaking on ABC Radio Darwin, Ms Fyles has again refused to characterise the incident as a "breach". 

"At no point was there a breach of identifiable patient data, that did not happen," she said. 

"It was not a data breach in the sense that identifiable patient data was put out onto the dark wide web of the internet."

However, she admitted "some patient information was inadvertently shared" with the company. 

"Thousands [of files] were transferred...31, in error, had patients' information in them," she said.

Last week NT Health chief executive Marco Brecino said of the incident: "This is what we consider a breach."

"It was an error, it was a mistake made."

'I was not a decision-maker'

Ms Fyles, who was the health minister at the time of the incident and continues to hold the portfolio, has repeatedly said she was not involved in the process of deciding not to publicly disclose the incident. 

"No, I was not a decision-maker in this process. I was aware of the incident as I am aware of a lot of things as Health Minister," she said. 

"I'm happy to take responsibility and it should not have happened, absolutely."

Information Commissioner Peter Shoyer has distanced himself from the decision not to make the incident public.  (ABC News: Ian Redfearn)

Ms Fyles did not disclose who made the decision to keep the incident private, but said "the Information Commissioner was involved". 

However, Commissioner Peter Shoyer sought to distance himself from the incident last week, saying he only had the opportunity to offer "brief advice" to the government. 

He also referred to the incident as a "privacy breach". 

"We offered to assist further but there was no further request for assistance and we were later advised that the privacy breach was being managed in-house," he said in a statement.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.