Windows XP Deployments at WDHB + Contractors
Nigel Jones made this Official Information request to Waitemata District Health Board
The request was successful.
From: Nigel Jones
Dear Waitemata District Health Board,
Today I became personally aware that WDHB/one of your contractors still have Windows XP deployments in use.
Concerned, I'd therefore under the Official Information Act like to request the following information:
1) How many devices do Waitemata DHB own that run Windows XP, or other End-Of-Life'ed (EOL) operating systems (Including for instance: Windows Server 2003).
-> If possible, please advise counts for the following criteria:
--- Number of Devices that have network connectivity of any sort
--- Counts per different Operating System type & version
2) With regard to companies that provide services on behalf of WDHB that handle patient information, or have access to patient information:
a) What requirements are set out with regards to information security?
b) Do WDHB perform any auditing of outside systems that may be used to handle patient information?
c) Regardless of b, does the WDHB perform any "OS fingerprinting" to detect potentially insecure or "EOL" devices wanting to access patient records.
3) With regards to WDHB controlled managed devices:
a) What policies are in place for the connection of "EOL'ed" devices to the hospital networks (even if they can't, for instance, access the internet).
b) For devices that run End of Life software or Operating systems:
i) For what proportion does WDHB have special contracts for extraordinary support from vendors.
ii) What plans, if any does WDHB have for migration to supported platforms for these devices.
I'm vaguely aware that some or all of question 2, may be related to Test Connect and associated services run by Health Alliance (which itself appears to be subject to the OIA due to the collective ownership of the 4 Northern DHBs). I request if this is the case that the relevant parts be transferred under the OIA to Health Alliance as soon as possible.
Yours faithfully,
Nigel Jones
From: Anna Monastra (WDHB)
Waitemata District Health Board
Dear Nigel
Thank you for your OIA request received today.
We will respond to your request within 20 working days of the date it was
received. However, should we have difficulty in meeting that deadline, we
will be in touch with you as to the reason why.
Regards
Anna
Anna Monastra I Senior Administration Assistant
Communications I Waitemata DHB
Level 2, 15 Shea Terrace, Private Bag 93-503, North Shore 0740
www.waitematadhb.govt.nz
From: Nigel Jones <[FOI #5638 email]>
Date: 29 March 2017 11:00:56 pm NZDT
To: OIA/LGOIMA requests at Waitemata District Health Board <[Waitemata District Health Board request email]>
Subject: Official Information request - Windows XP Deployments at WDHB + Contractors
From: Matthew Rogers (WDHB)
Waitemata District Health Board
Dear Nigel
Waitemata DHB has considered your request and believes that collating the information you have sought would take approximately 30 hours of staff time.
Our Board has a policy of providing the first five hours of collation time required for each Official Information Act response free-of-charge.
Thereafter, we charge at the rate recommended by the Ministry of Justice:
https://www.justice.govt.nz/about/offici...
Our service believes that we could respond to the following points within the free five-hour period:
1. How many devices do Waitemata DHB own that run Windows XP
2) With regard to companies that provide services on behalf of WDHB that handle patient information, or have access to patient information:
a) What requirements are set out with regards to information security?
b) Do WDHB perform any auditing of outside systems that may be used to handle patient information?
3) With regards to WDHB controlled managed devices:
a) What policies are in place for the connection of "EOL'ed" devices to the hospital networks (even if they can't, for instance, access the internet).
Can you please advise whether you are willing to restrict the scope of your request within the free five-hour period or whether you are willing to meet the costs of your original request.
Your request is on-hold until I receive your response.
Kind regards
Matt
Matt Rogers I Director - Communications I Waitemata DHB
Level 2, 15 Shea Terrace, Private Bag 93-503, North Shore 0740
p: 09 486 8920 ext 8912 I ddi: 09 440 6912 I m: 021 228 9432
www.waitematadhb.govt.nz
From: Nigel Jones
Dear Matthew Rogers (WDHB),
I'd like to seek additional clarity on why several points require so much collation time.
My original point 1 & 3)b)i): Does WDHB not keep accurate records/asset management information of devices in use, for instance similar to that recommended by the NZISM (https://www.gcsb.govt.nz/publications/th...). It seems at least, breakdown per operating system/platform, and what additional support services are purchased for these devices should be trivial information.
2)b)c) should be a trivial Yes/No question, it is simply asking do your patient information systems that allow access from contractors/service providers identify if computers may be running insecure platforms, by means of 'fingerprinting'. I'm not asking for information of what fingerprinting has found, just if it's used as a technological means.
Maybe it would be wise to justify why each of the points you are recommending exclusion would push the request outside of 5 hours collation time?
Yours sincerely,
Nigel Jones
From: Anna Monastra (WDHB)
Waitemata District Health Board
Hi Nigel
Please see the attached Waitemata DHB response to your recent Official
Information Act request regarding use of Windows XP.
Regards
Anna
Anna Monastra I Senior Administration Assistant
Communications I Waitemata DHB
Level 2, 15 Shea Terrace, Private Bag 93-503, North Shore 0740
p: 09 486 8920 I www.waitematadhb.govt.nz
Hours: Mon, Tues, Thurs 9am – 2.15pm Wed 9am – 1.15pm