The Federal Court has ordered Australian Clinical Labs (ACL) to pay AU$5.8 million in civil penalties following a 2022 data breach involving its then-newly acquired Medlab Pathology business. The breach affected over 223,000 individuals whose data was accessed and infiltrated by malicious actors and is one of Australia’s most significant healthcare cyber incidents.
Read MoreBy Cameron Abbott, Michelle Aggromito and Alyssia Totham
The Australian Competition and Consumer Commission (ACCC) is taking on Australia’s largest online health marketplace, HealthEngine. In return for a fee, HealthEngine provided without adequate disclosure, patient information to nine private health insurance brokers.
The MedTech platform functions as an online booking service for many health care providers Australia-wide. During the booking process, HealthEngine would ask users two additional questions. Firstly, they would ask if the user had private health insurance. Secondly, they would ask if the user would like to be contacted with health insurance comparison information. By clicking ‘Yes’ to the second question, users had their personal information transferred to health insurance brokers. This information comprised the user’s name, contact details, date of birth and private health care status.
Read MoreCopyright © 2025, K&L Gates LLP. All Rights Reserved.