Liabilities and lessons: The MMH cyber-attack, and what the new addition to Privacy Law means for you

This Privacy update will cover two main issues: The MMH privacy breach has impacted thousands of patients and practices. This has not been the first cyberattack involving health information and is unlikely to be the last. In this interactive session we will discuss issues highlighted by this cyber-attack and some learnings made.  We also review your obligations under the law and consider your liability should this involve your patients.

We also discuss the new addition to Privacy Law, Information Privacy Principle 3A, which comes into force on 1 May 2026. This obligates us to notify patients when information is collected from someone other than the patient themselves. You will discover what this means for you and how to practically satisfy the requirements of this new principle.