The privacy of hundreds of thousands of patient records at the Canberra Hospital was vulnerable to compromise because of the poor quality of data management in the Emergency Department, according to the Auditor General.
Auditor-General Maxine Cooper told an Assembly Committee this morning that the poor quality of the department's systems had implications that went beyond the "data doctoring" scandal.
Dr Cooper was giving evidence to the Assembly's Public Accounts Committee about her report into the manipulation of patient records in the Canberra Hospital.
Dr Cooper told the multi-party committee that her audit had been confined to the data manipulation and that she had not inquired into whether there had been any breaches of privacy laws caused by the lack of control over information systems in the hospital.
"The very poor system and access controls over the Canberra Hospital's Emergency Department's management system has wider implication beyond the inaccurate reporting of timelines performance," Dr Cooper said.
"There are risks to the privacy and confidentiality of patient information."
Senior Hospital Executive Kate Jackson has admitted to tampering with thousands of patient records between 2009 and 2012 in an effort to make the department's performance on waiting times look better.
The committee heard today that Ms Jackson, who has been stood down from her $200,000-a-year job, used four different generic log-ins to access the data system and make changes.
Dr Cooper and her team believe it is highly probable that other staff members might have made changed to patient information but that the poor quality of record keeping made in almost impossible to identity other culprits.