• facebook
A A A
Temperature Humidity
News Archive Can search within past 12 months
  • Home

Security stepped up at hospitals in wake of data leak

2026-04-09 HKT 11:20
Share this story facebook
  • The Hospital Authority has reached out to more than half of the affected patients through various means. File photo: RTHK
    The Hospital Authority has reached out to more than half of the affected patients through various means. File photo: RTHK
The Hospital Authority said on Thursday it had stepped up security measures after a contractor allegedly downloaded information of tens of thousands of patients without authorisation.

A 30-year-old system developer, who was in charge of a system related to operating rooms in the Kowloon East Cluster, allegedly accessed the personal data of more than 56,000 patients, which were then leaked on a third-party platform.

Speaking on an RTHK radio programme, the authority's director of strategy and planning, Tony Ha, described the suspect's act as “illegal and very inappropriate”.

He said that while security had been tightened since then, it would have no effect on clinical services.

"First, regarding the routine monitoring system, we have further intensified our efforts," Ha said.

"Also, we have immediately reviewed all of the Hospital Authority’s internal daily operating clinical systems and have not detected any abnormalities or data breaches.

"Third, we have suspended access of all contractors to our systems.

"If they need to carry out urgent maintenance work, they must do so with our approval and under our supervision."

The director revealed around 30,000 affected patients have been notified through the "HA Go" mobile app or by phone, with the rest to find out by mail.

He said that a dedicated hotline, 5215-7326, had received hundreds of inquires so far, mostly regarding the cause of the breach and whether services were affected.

Secretary for Innovation, Technology and Industry Sun Dong also said the Digital Policy Office had followed up on the incident by contacting the Hospital Authority to provide advice and technical support.

He pointed out that the office had set out clear guidelines and requirements to ensure that employees get only specific access rights in order to safeguard the security of government systems and data.

Sun added that it is the duty of each bureau and department to ensure public institutions under their oversight adhere to government IT security policies and guidelines.



Edited by Raymond Yeung

Security stepped up at hospitals in wake of data leak