Skip to main content
News Directory 3
  • Business
  • Entertainment
  • Health
  • News
  • Sports
  • Tech
  • World
Menu
  • Business
  • Entertainment
  • Health
  • News
  • Sports
  • Tech
  • World

Manage My Health Security Breach: Expert Warns of Lax System

January 15, 2026 Robert Mitchell News
News Context
At a glance
  • Here's‍ a breakdown of the key points from the provided text, presented as factual statements without reusing the source's language or structure:
  • * ⁣The Digital Health Association advocated against the therapeutic Products Act, which proposed regulating health software and imposing ⁣penalties for non-compliance.
Original source: nzherald.co.nz

“This is the same pattern. They should have invested. They’ve had two years and these⁤ are the exact same areas that ‍have caused them ⁣the issue.”

The company did not respond ‍to him, he said.

Manage My⁢ Health has said it ⁤is indeed required to ‍hold on to patients’ data – even if their GP switches⁣ provider – unless patients deregister themselves.

However, ⁢Chopra believes Manage My Health could have another reason for holding on to patient records.

Its own website proudly ⁢notes ⁢its database of “1.8 million Kiwis” and ⁢its ability to get its customers’ message to them “when they’re ⁤thinking about their health”.

“If this company did not have any commercial gains ⁢to make out of this ⁢data, then they would⁢ not be ⁢paying the extra‍ storage costs for this data,” Chopra said.

Terms and conditions gave company an ‘out’

A Wellington IT ⁤worker caught up in the manage My ⁤Health data breach – whom RNZ has agreed not to name⁢ – also questioned the lack of‍ regulatory checks and balances.

“Health services that have this‍ information⁤ and these functions should be subject to the same scrutiny and compliance requirements ⁤and auditing⁤ as financial institutions.”If your banking app is down,⁢ it’s a huge deal ⁣and it gets lots of scrutiny.”

However, Manage ⁢My Health’s users could⁤ not say they were⁣ not warned,⁤ she said.

“The irony is that I actually read their terms and conditions,‍ and they⁤ haven’t breached them as their entire terms of usage is they can’t guarantee their system is any ‍good or that they’ll fix it, even if it’s foreseeable and they know about it.

“It’s essentially,⁣ ‘we can’t guarantee our product doesn’t suck, but here, give it a go’.”

Digital specialist Callum‍ mcmenamin (who also alerted manage My Health to its security vulnerabilities ⁣six months ago) ‍said the 300-page ⁣Health Information ⁢Security Framework contained many good‍ things⁤ – but⁣ entirely relied on “hand-wavy” self-regulation.

“It’s all just a high-trust system where the Government sets the standards but then ⁢closes its eyes and doesn’t⁤ check if the standards are actually⁤ being met.”

Industry has opposed regulation – commentator

According⁢ to political analyst Bryce⁤ Edwards from The Democracy Project, the lack of regulatory ‍oversight was “not an accident”.

The Digital Health Association – the industry body for health software vendors ⁢- had lobbied against what it called “overly burdensome privacy laws and regulation”, h

Here’s‍ a breakdown of the key points from the provided text, presented as factual statements without reusing the source’s language or structure:

* ⁣The Digital Health Association advocated against the therapeutic Products Act, which proposed regulating health software and imposing ⁣penalties for non-compliance.
* A ⁣concern raised ⁢was that the proposed Act lacked clarity and could create ⁣overly broad definitions.
* The Digital Health Association stated its support⁤ for⁣ regulation aimed at ensuring patient safety and effective digital health service delivery.
* The association believes that simply increasing ‍penalties isn’t sufficient for data protection; ongoing investment in security is also crucial.
* ⁢ Health NZ ⁣holds Manage My Health accountable for data security.
* Health NZ has published a Health Information ‍Security Framework (HISF) to guide the‍ health⁤ sector on secure information management.
* Health NZ is ⁣exploring the possibility of requiring autonomous cybersecurity audits for third-party providers,including patient portals,in the future.

Share this:

  • Share on Facebook (Opens in new window) Facebook
  • Share on X (Opens in new window) X

Related

about, cybersecurity, Expert, Health, Hill, ignored, LAX, manage, my, ruth, security, System, Warning

Search:

News Directory 3

News Directory 3 catalogs US newspapers, news services, newsstands and digital news outlets across all 50 states. Browse local publishers by city, state, or topic, and follow current headlines linked back to their original sources.

Quick Links

  • Disclaimer
  • Terms and Conditions
  • About Us
  • Advertising Policy
  • Contact Us
  • Cookie Policy
  • Editorial Guidelines
  • Privacy Policy

Browse by State

  • Alabama
  • Alaska
  • Arizona
  • Arkansas
  • California
  • Colorado

© 2026 News Directory 3. All rights reserved.
For contact, advertising, copyright, issues email: office@newsdirectory3.com