TENDERS1 NEWS NEWSLETTERS

How can we help you today?

How can we help you today?

Know Your Data Responsibilities: a brief guide on security governance and managing data breaches

Published 01 November 2021

This year, the Office of the Australian Information Commissioner (OAIC) reported that the highest number of data breaches occurred in healthcare.

news

A data breach occurs when there is unauthorised access to personal information (including where information has been lost), risk of serious harm to individuals to whom the information relates, or an organisation has been unable to prevent the risk of serious harm. There has been a “significant shift” in the source of data breaches. In the past human error was most frequently listed as the main cause, yet in 2021 criminal or malicious attacks were the main source. One of the most significant cyber incidents in the Australian healthcare landscape was the attack of Queensland’s Uniting Care, which forced them to turn to paper operations for over a month.

“We expect entities to have appropriate internal practices, procedures and systems in place to assess and respond to data breached involving ransomware, including a clear understanding of how and where personal information is stored across their network.” – Angelene Falk, Australian Information Commissioner and Privacy Commissioner.

If you are new to the world of data governance, or would benefit from a refresher, there are great resources available to assist you.

  • Privacy in Practice is a one-hour eLearning course containing three 20-minute modules including an introduction to the Privacy Act 1988 and key concepts, the safe handling personal information, and managing privacy issues. A certificate of completion is provided upon finishing the course.
  • The OAIC provide this sample Notifiable Data Breach form to assist with training staff. In its live form, it is used to inform the Australian Information Commissioner of an eligible data breach where required by the Privacy Act 1988.
  • RACGP’s Standards for general practices (5th edition) (Criterion C6.4 [information security]) contains indicators relating to practice’s legal obligation to manage health information. The RACGP’s information security in general practice guide can help you to set up your information security governance, assess the risks and keep your practice running, secure your network and equipment, and be safer online.

Managing and mitigating risk with good security governance allows your practice to operate successfully and sustainably, allowing you to focus on providing quality patient care.

Last updated: 23 February 2022

Related articles

Tagged in

Digital Health Security
Previous

Abortion and Contraception Services Map
Next

Grief and trauma support and advice for the aged care sector

Sign up to the fortnightly NQ Primary Health update.

Looking for something else?

back to top

Site links

Contact us

Northern Queensland Primary Health Network
Level 5, 111 Grafton St
Cairns Qld 4870
(07) 4034 0300

Northern Queensland Primary Health Network (NQPHN) is one of 31 regionalised and independent PHNs established nationally to provide local communities with better access to improved primary healthcare services, helping North Queenslanders live healthier, happier, longer lives.

NQPHN acknowledges the Aboriginal and Torres Strait Islander peoples as Australia's First Nation Peoples and the Traditional Custodians of this land. We respect their continued connection to land and sea, country, kin, and community. We also pay our respect to their Elders past, present, and emerging as the custodians of knowledge and lore.

© 2024 Northern Queensland Primary Health Network (NQPHN). All rights reserved.

Have your say Privacy Disclaimer Sitemap
Feedback