Security & Privacy Tips For Australian Digital Healthcare Practices

The healthcare industry in Australia accounted for 123 of 539 of notifiable data breaches between July to December 2020, which was more than any other industry, according to data published by the Office of the Australian Information Commissioner.

For the full July- December 2020 Data Breach report click here.

Everyone involved in providing and supporting Australian healthcare plays a role that is crucial in maintaining the privacy of people’s information that healthcare provider organisations hold. This means making sure everyone is secure in their online behaviors, both at work and at home.

Here are seven helpful and effective tips to help digital healthcare providers create good privacy and security practices, at both home and at work:

1. Take a “Privacy by Design” approach only collecting, using or disclosing the minimum amount of personal information

• Initiating and sustaining a ‘privacy by design’ approach means designing your products and services to minimise, manage or eliminate privacy risks from the start, embedding good privacy practices into internal operational processes.

2. Revisit your Privacy Policy

• Develop & provide an easy to read privacy policy setting out what data you’re collecting, what systems you use to collect the data, why you need to collect the data, where the data is processed, how & who will use the data, what you do with the data when it’s no longer required.

3. Use digital tools built on Australian Compliant Frameworks

• Use Australian compliant digital health ready tools, technology and software that support privacy, security and healthcare industry standards.  e.g. HL7, FHiR, CDA, Privacy Act/ APP’s, ISO, SOC.

4. Make training for your Team a Priority

• Incorporate regular privacy, security & confidentiality related continuous professional development & training for yourself and your teams.

5. Secure the access points to your information

• Use Multifactor Authentication (MFA), strong passphrases and password management softwares.

6. If you experience a data breach, act quickly to reduce the risk of harm.

• Make sure your organisation is prepared for a data breach with a clear and practical response plan that follows four key steps: contain, assess, notify and review.

Learn how to prepare a Data Breach Response. Click here.

7. Incorporate “Covid Normal” additional measures including team members & clients.

• Trigger guidelines and reminders on how to be secure during TeleHealth consultations for both practitioners and clients, via email, social media channels or the digital health tools in use.

As we all continue to have greater participation in the digital economy, privacy and security practices will pave the way for better customer experiences, better workplaces and quality brands to stand out, working toward a clinically safe, secure, private and seamless digital health world.