Statement on historic health data incident, no ongoing risk to patients

Published

NT Health and the Department of Corporate and Digital Development (DCDD) have been working to develop a new health digital system, Acacia. Acacia is replacing six ageing health systems and will transform the way patient care is delivered.

Implementing Acacia requires the transfer of patient data from old systems to the new Acacia system.

In 2018 and 2019, as part of the initial design process, example reports, forms and other documents existing within the ageing systems were required. Unfortunately, some of the clinical documents supplied contained identifiable information.

The issue was identified and immediate steps were taken to identify, contain and remove records with identifiable health information exchanged between officers working on Acacia, including two government agencies and one contractor, Intersystems.

NT Health patients are advised:

  • All records shared containing identifiable data were located, quarantined and deleted.
  • At no time were records stored outside Australia.
  • The data share of records was not related to a software security issue or a cyber security compromise – the information has not been accessed by a malicious actor.
  • InterSystems contractors work within the Acacia project team and operate within extensive confidentiality and information privacy requirements that are also codified in commercial contracts.
  • InterSystems staff working on Acacia operate within Australia.
  • NT Health data and systems are protected by NT Government information and communication technology (ICT) controls and stored in Australia.
  • Additional controls have been put in place to strengthen data governance of receipt of data to the Acacia project.

There is no ongoing risk to any individual and Territorians can be assured their health data is protected by NT Government ICT controls.

Any person with concerns about privacy protections in relation to health records can contact the NT Health Information and Privacy Unit at infoprivacyhealth.ths@nt.gov.au.

More information regarding privacy complaints to NT Health can be found on the freedom of information page or you can submit your feedback on the DCDD website.

NT Health offers its apologies for any distress this may have caused and reiterates that every step has been taken to reduce the possibility of any reoccurrence.

Back to news listing

Share this page:

URL copied!