Many people will be afraid of deeply private information being shared after a health agency's systems have been hacked, a patient advocate says.
Wellington Primary Health Organization Tū Ora Compass Health yesterday reported its systems have been breached by cyber attacks multiple times since 2016.
It holds data on medical tests and treatments for about one million people from the Wellington, Wairarapa and Manawatū region.
Mark Fisher, head of HIV and AIDS support group Positive Body, said there are good reasons people might keep their health status secret.
In the past Body Positive members have lost their jobs, housing, friendships and family relationships when people have learned they have the virus.
He said patients with many different health conditions could fall apart if their private information was shared.
"There can be significant harm to their health and wellbeing, and mental health. It's very upsetting."
The PHO said it is not known if any patient information was accessed and that may never be known. Patient notes held by GPs are not at risk.
But information the PHO holds includes details about addresses, vaccinations, medical tests, treatments, diabetes checks and cervical screening.
The Ministry of Health has asked all DHBs and primary health organizations to confirm their systems are safe ahead of further independent reviews.
The Medical Association also said health providers would be rigorously checking their security systems after news of the cyber hack.
Kate Braddock, chair of the association, said health organizations take patient privacy and security extremely seriously.
"I'm sure all PHOs are doing their best to ensure that any unauthorized access potential is dealt with."