Updates from the Practice Team

MMR and people visiting Samoa and other Pacific Island countries and the Philippines

Nov 21 2019

Current MMR priority groups within the Wellington region have been updated. The existing groups cover children's vaccinations (15 month and 4 years), opportunistic vaccination for those aged 5-15 years, and babies going to Auckland and other countries experiencing measles outbreaks. 

Patients travelling to Samoa, and other Pacific Island countries and the Philippines who does not have documented evidence of having the MMR vaccine, will need to book in with a nurse to get the vaccine. If you are unsure of your MMR status, this can be checked on Manage My Health or alternately you can call Newtown Medical Centre. 


NMC Team 

NMC Holiday Working Hours

Nov 12 2019

NMC Holiday Working Hours

December 2019 - January 2020

Tuesday 24th        7:45am – 3.30pm

Wednesday 25th  CLOSED

Thursday 26th      CLOSED

Friday 27th       7:45am – 5:30pm

Monday 30th     7:45am – 5:30pm

Tuesday 31st    7:45am – 3.30pm

Wednesday 1st               CLOSED

Thursday 2nd                 CLOSED

Friday 3rd         7:45am – 5.30pm

We will return to normal hours starting on 

Monday 6th of January.




Free Menopause group session

Oct 24 2019

Free Menopause group session

Hot & Bothered? Poor sleep? Fuzzy Brain?

Are you going through menopause and interested in meeting in a small group with Dr Jill Shepherd to discuss menopause and what you can do to help get through it.

Please email Dipa.Patel@newtownmc.co.nz to express your interest in attending a session.

More details on the time/date/place to come - watch this space!

Labour Day

Oct 22 2019

Newtown Medical Centre will be CLOSED on Monday 28 2019 due to Labour day public holiday. We will re-open on Tuesday 29 at 7:45am. 

If you are needing urgent medical care, Wellington accident and urgent medical centre on Adelaide road will be open on Monday. 

Tu Ora Compass Health Cyber Update

Oct 07 2019
Please read the FAQ below to find some answers to questions that you may have about this incident

What happened?

Tū Ora Compass Health’s website was defaced in August 2019 during a widespread global cyber incident, which exploited a vulnerability first identified in early July. The August attack prompted Tū Ora to take our server offline, strengthen our IT security, and an in-depth investigation by the relevant authorities was started. This included the National Cyber Security Centre, Ministry of Health, Police and other agencies.

What became clear during the investigation was evidence of previous attacks by cyber criminals dating back to 2016.
Despite careful investigation, we cannot say for certain whether or not the cyber-attacks resulted in any individual patient information being accessed. It is likely that we will never know.

Who is Tū Ora Compass Health and why does it collect data?
Tū Ora Compass Health is one of 30 Primary Health Organisations (PHO) in New Zealand. One of the roles of a PHO is to collect and analyse general practice data. Medical centres provide PHOs like Tū Ora Compass Health some limited patient data e.g. details of all those who have had immunisations. The data is analysed by Tū Ora and then given back to the medical centres where it is used to help GP teams to provide high quality care e.g. people to contact who have not had immunisations to encourage them to do so.
The reason we collect this information and provide it back to GPs is to improve the care people receive. Ensuring people get proactive screening for diseases like cancer and get treatment for chronic conditions like diabetes. This helps save lives and keep people well.

Tū Ora also delivers some clinical services such as podiatry, mental health, and diabetes care. Patient information collected as part of delivering these clinical services is contained within the Tū Ora IT systems.

Who is potentially affected by this cyber-attack?
People who have been enrolled with a medical centre in the greater Wellington, Wairarapa and Manawatu regions since 2002.
The current population of these areas are around 648,000 people, but including those now deceased or who have moved away from the area, the data covers nearly 1 million people.

Was patient data accessed illegally?

While we have no evidence that access to patient data has occurred, we cannot rule out the possibility that some patient data may have been accessed during the cyber-attack.

What patient data is held by Tū Ora?
Tū Ora does not hold your GP notes, these are is held by individual medical centres. This means notes made on consultations you have had with your GP are not at risk. We do not hold the data contained in your patient portal if you have one.
We hold data that includes, who is enrolled at which medical centre, their National Health Index Number, name, date of birth, ethnicity and address.
We also hold some medical information provided by medical centres to us that we analyse and provide back to the medical centres to support timely quality care. 

For instance, Tū Ora provides GPs and practice nurses with information on:
• Which children are due for immunisation
• Whether people with diabetes are up to date with all the checks and are being treated according to best practice
• Whether people aged over 65 have had a flu vaccination yet
• Who has been admitted to hospital for a potentially avoidable condition
• Which women are due to be recalled for cervical screening
• Who is due for a heart and diabetes check.

As part of delivering clinical services such as podiatry, mental health and diabetes care, Tū Ora also holds some patient information required for those services.
We also hold some organisational financial data for the practices and other health care providers that we work with e.g. invoices and account details, that enable us to pay for services delivered.

The Piki youth mental health programme data is not included in the information potentially illegally accessed.
We do not hold ACC claims data.

Is there any other information you may have on me?
We hold no banking, credit card or financial information for patients. We do not hold any information such as passport numbers, driver license numbers, or, tax numbers. We only hold a part of a medical record for data analysis, reporting and specific service delivery purposes.

Why don’t you know whether patient data was accessed?
We do not have Audit logs back to 2016.

What is being done to stop this happening again?
As soon as we found out about the August 2019 cyber-attack, we took the affected server offline. We increased security for our systems and contacted relevant authorities immediately, who began a thorough investigation.
We’re currently moving to a new more modern, and more secure digital platform that is in line with international best practice.

Can you guarantee a cyber-attack won’t happen again?
While we are committed to using the best, most up to date security, international experience shows that not even the largest corporations or organisations can guarantee they are immune to criminal activity.

What does this mean for me?
While we have no evidence that patient data was accessed, criminals can use personal data to commit crimes such as identity theft and fraud, by combining the data with information stolen from other sources.
Are people affected by this potentially more susceptible to scams now?
Yes. We are advised that cyber criminals, even if they have no actual information, try to scam people by claiming they have it even when they don’t. Unfortunately, if they do have it, then there is also the likelihood of more scams or attempts to use any information they hold to get more or to obtain money.

What action do I need to take?
While we have no evidence that patient data was accessed, we encourage you to be vigilant to unusual online requests; never share your passwords or account details and follow good online security practices.
This means:
• keeping software up to date
• regularly changing passwords and
• ensuring that you have different passwords for different activities for all online activities.
Cert NZ has more information about staying safe online here.

How can I get more information and support? 

If you want to know more, please call our support line on 0800 499 500. If you are calling from overseas please use +64 6 9276930.

If you are feeling distressed and need support, please call the 1737 mental health support line. 1737 is free to call and doesn’t use up any of your mobile data.

How do I report fraud or cybercrime?
Contact the Police if you believe your identity may have already been used in a fraudulent way cybercrime@police.govt.nz

Did I consent for my data to be collected?

Yes. When you enrolled with your GP, the enrolment form includes a consent item around data collection and use of health information.

How can I opt out of my data being collected by my GP?

At the moment is not possible to opt out of this arrangement due to system limitations. But we are working with the Ministry of Health and other agencies to consider this for the future.

Can I trust that information I share with my GP is safe?

GP patient notes are not held by Tū Ora Compass Health. They have not been affected by this cyber-attack. The primary care summary record system that is used by hospital service providers and by after-hours services, is also not affected by this cyber incident.

Cultural concern
If you have specific cultural concerns around health information, please call the support line on 0800 499 500.
Can I find out what information Tū Ora holds on me?
Not yet. We do not store your information as one health record. Information is collected for specific claiming and reporting purposes and we don’t have a process to amalgamate the data yet. We are working on this.

What’s happening to make Tū Ora data safer in the future?
Tū Ora has already moved its public websites to a new platform, and has strengthened its security measures by:
1) Enhancing its anti-virus and email scanning software
2) Implementing Security Incident and Event Management (SIEM) system
3) Implementing a Web Application Firewall (WAF)
4) Established a Security Operations Centre (SOC) for real time monitoring and resolution of cyber threats.

We are also part way through a planned movement to more modern more secure infrastructure using Microsoft Azure.

The new Tū Ora Microsoft Azure environment will be fully secured, with a defence in depth approach to protecting all our electronic assets.

Microsoft Azure itself is fully compliant with the international ISO 27001 cyber security standard.
Tū Ora will also be using the Advanced Threat Protection features available from our investment in the Microsoft 365 suite of products, including device and application protection, data loss protection and full data encryption.
We expect to have completely moved to the new platform by April 2020.

What about Research Data?
Tū Ora holds data relating to ethics approved research studies conducted with academic institutions. Some of this research includes some notes from some GP consultations from some medical centres for some people. Recent research project topics have included: Influenza like illness prevalence, child health, and osteoarthritis prevalence.


Measles Update

Sep 16 2019

For the next 4 weeks Newtown Medical Centre will not be booking in adults for the MMR vaccine. Our priority at this stage is to immunise our under 5's until Ministry of Health is confident of MMR stock supplies in the central regions. 

Below are some useful websites: 

IMAC Website: https://www.immune.org.nz/hot-topic/measles-overseas-and-new-zealand

Regional Public Health website: ww.rph.org.nz/measles

Refer Parents of children up to 14years immune status queries to NIR@compasshealth.org.nz 

Kind Regards

Newtown Medical Centre Team  

Urgent prescription requests

Sep 09 2019

As of Monday 9th September 2019, all URGENT/SAME DAY prescription requests will need to be in by 1pm on the day. Any requests after 1pm will be dealt with in next working day. This is to allow enough time for your request to be actioned as there is not always a clinician on hand to process prescriptions.

Kind Regards

Newtown Medical Centre Team. 

High Call Volume

Sep 03 2019

We are currently experiencing a very high call volume. We do apologise for any inconvenience this may cause.

We advise that if your call is in regards to MMR vaccines, please do visit www.newtownmc.co.nz or https://www.health.govt.nz/ (ministry of health website) for more information regarding MMR.

Did you know, appointments and script requests can be made on Manage my health. If you are not yet signed up to Manage my health, please ask at reception.

Thank you,
Newtown Medical Centre Team

Copyright : Compass Health 2019