SIDVOKODVO: The Luke Commission,a health facility used mostly by high profile people,is using a data system that is allegedly vulnerable to hacking.
Reached for comments on Monday afternoon, Echo Vanderwal,the Luke Commission Executive Director denied that the system of the organization was vulnerable to hacking,instead, she said it was the health staff that acted unethically.
When asked if she would consider strengthening the security of the data to protect patients’ information, the Manager threatened to sue this publication if the story was published.
“It’s not vulnerable to hacking, it’s vulnerable to professionals, who are not professionals and behaving in a criminal way, this is criminal behaviour.It’s violating the Data Protection Act and if you print anything, we will pursue you at the fullest extent of the law,” said the Luke Commission Manager.
But shortly after speaking to this journalist, insiders told this Swaziland News that the Manager rushed to change passwords and removed some staff members of the system.
In the Republic of South Africa, patients information is also protected by the Protection of Personal Information Act(POPIA), a legislation that sets out the minimum standards regarding accessing and 'processing' of any personal information belonging to another person.
The Act defines 'processing' as collecting, receiving, recording, organizing, retrieving, or the use,distribution or sharing of any such information.
An independent investigation conducted by this publication uncovered that despite being aware of such laws, the Luke Commission has been negligent and or staggering in strengthening the security of patients information.
The system from Slak Technologies is used by staff members including nurses and doctors to communicate,this investigative journalist managed to gain access to it and has been monitoring same for the past three(3)months, the sensitive data cannot be revealed for ethical reasons.
On or around 21st November 2022, two police officers were mistakenly shot by a soldier while on duty during a roadblock at Mkhondvo, the cops were subsequently rushed to the Luke Commission.
The system also contains data of civilians who were shot in the midst of the political unrest,some of the patients were dumped by the police at the Luke Commission after being shot thus making part of the information contained in the system of vital public interest.
Mswati’s Government has been denying shooting and killing civilians, however, data from the various hospitals and Ministry of Home Affairs where death certificates are registered exposes how Government has been hiding such critical information.
While monitoring the system, this journalist discovered that patients’ data was recorded from the guard house to wards,staff members take pictures of the patients, communicate and monitor their treatment through the system.
The data system also allows the staff to communicate via voice calls, on 22nd December 2022 around 13:04,Tengetile Mhlanga made a call seeking assistance from another staff member in her line of duty, due to the vulnerability of the system,the ‘hacker’ is able to listen to voice calls and or communication.
On the same day(22nd December 2022 Rachel Mpanza made a call at exactly 1644hours again, the ‘hacker’ was able to listen to the communication.
A screenshot on the Luke Commission data system that is vulnerable to hacking.