Waikato DHB failed OIA requirements over cyber security breach – Ombudsman

Natalie Akoorie reports:

A district health board has failed to meet its requirements under the Official Information Act, prompting intervention from the Chief Ombudsman.

Waikato District Health Board largely ignored a series of questions from Local Democracy Reporting in June regarding the cyber security breach that paralysed the DHB in May, forcing the postponement of surgeries and relocation of some cancer patients.

Read more on Stuff.

Of note, they claim that they have not yet fully restored all of their systems. But regardless, they had an obligation under NZ law to respond to inquiries within 20 days and they did not, giving the government a bunch of explanations as to how they interpreted the inquiries and why they granted themselves an extension to respond.

Revealed: Afghan data breach after MoD official left laptop open on train
Canada says hacktivists breached water and energy facilities
UK: FCA fines former employee of Virgin Media O2 for data protection breach
China Amends Cybersecurity Law and Incident Reporting Regime to Address AI and Infrastructure Risks
Alan Turing institute launches new mission to protect UK from cyber-attacks
Some lower-tier ransomware gangs have formed a new RaaS alliance -- or have they? (1)

Related: