The office of the Australian Information Commissioner was informed of the issue and the privacy commissioner said he had launched an inquiry into the same.
The data in question was extracted from the Pharmaceutical Benefits and Medicare Benefits schemes.
Dr Vanessa Teague, Dr Christopher Culnane and Dr Benjamin Rubinstein of Melbourne University's Department of Computing and Information Systems identified the issues with the dataset and notified the Department of Health on 12 September.
The department claimed the dataset did not include names or addresses of service providers, adding that no patient information was identified.
An announcement by the Attorney-General George Brandis on Wednesday that the Privacy Act would be amended to make it a criminal offence to re-identify government data that has been de-identified may be a reaction to this incident.