The Australian Privacy Commissioner, Timothy Pilgrim, has stepped in to investigate whether any personal information has been compromised in the wake of a potential data privacy breach within the Department of Health. The speedy move to investigate comes in the wake of the health department’s removal of a reseach dataset from data.gov.au following an alert by Melbourne University researcher, Dr Vanessa Teague from the Department of Computing and Information, who was analysing the 10 per cent linked dataset and found it was possible to decrypt some service provider ID numbers. “The Department of Health has notified me of a potential vulnerability within the Medicare Benefits Schedule and Pharmaceutical Benefits Scheme datasets, published on data.gov.au,” Pilgrim said in a statement. SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe “Based on the information provided, I have opened an investigation under section 40(2) of the Australian Privacy Act 1988. The primary purpose of the investigation is to assess whether any personal information has been compromised or is at risk of compromise, and to assess the adequacy of the Department of Health’s processes for de-identifying information for publication.” Pilgrim said he welcomes the decision of the Department of Health to immediately suspend access to the data set, and the results of his investigation will be published at its conclusion. At this stage, the Department of Health has temporarily removed datasets that were drawn from the Pharmaceutical Benefits and Medicare Benefits schemes and published on the government’s open data portal, data.gov.au. It stresses, however, that the dataset does not include names or addresses of service providers and no patient information was identified. “However, as a result of the potential to extract some doctor and other service provider ID numbers, the Department of Health immediately removed the dataset from the website to ensure the security and integrity of the data is maintained,” the department said. “No patient information has been compromised, and no information about the health service providers has been publicly identified or released.” The Department of Health said it is undertaking a full, independent audit of the process of compiling, reviewing and publishing this data and this dataset will only be restored when concerns about its potential vulnerabilities are resolved. Related content opinion The changing face of cybersecurity threats in 2023 Cybersecurity has always been a cat-and-mouse game, but the mice keep getting bigger and are becoming increasingly harder to hunt. By Dipti Parmar Sep 29, 2023 8 mins Cybercrime Security brandpost Should finance organizations bank on Generative AI? Finance and banking organizations are looking at generative AI to support employees and customers across a range of text and numerically-based use cases. By Jay Limbasiya, Global AI, Analytics, & Data Management Business Development, Unstructured Data Solutions, Dell Technologies Sep 29, 2023 5 mins Artificial Intelligence brandpost Embrace the Generative AI revolution: a guide to integrating Generative AI into your operations The CTO of SAP shares his experiences and learnings to provide actionable insights on navigating the GenAI revolution. By Juergen Mueller Sep 29, 2023 4 mins Artificial Intelligence feature 10 most in-demand generative AI skills Gen AI is booming, and companies are scrambling to fill skills gaps by hiring freelancers to make the most of the technology. These are the 10 most sought-after generative AI skills on the market right now. By Sarah K. White Sep 29, 2023 8 mins Hiring Generative AI IT Skills Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe