Protecting practices against the potential threat of cybercrime

18/05/2018 3:05:32 PM

Following Privacy Awareness Week (13–19 May), the RACGP has a number of resources to guide health organisations in the right direction to protecting patients’ private data.

The RACGP has a number of resources that relate to data privacy and protection.

A recent cyber attack on a NSW family planning clinic’s website, which breached the privacy of around 8000 patients, has prompted the chief executive of the organisation to issue an apology and the state’s Health Minister to request confirmation that all health-funded government organisations comply with relevant privacy and data standards.

So what can health organisations do to avoid these types of cyber attacks, where patients’ private information is compromised – presenting risk to both the organisation and its clients?

‘It has to be a general consideration of the culture of the practice to be aware of patient privacy,’ Dr Rob Hosking, GP and Deputy Chair of the RACGP Expert Committee – eHealth and Practice Systems, told newsGP earlier this week.

Dr Hosking believes following basic ‘physical’ measures can help, such as locking computer screens if leaving the room so people cannot see the previous patients’ records, and having screens not visible at the front desk when patients check in and out.

The RACGP’s Information security in general practice covers the increasing threat of cybercrime and the effect this is having on general practices.

The guide states that general practices and other small businesses are at particular risk of cybercrime, as ‘their information security defences are more easily breached in contrast to larger businesses that often dedicate more resources to digital information security’.

Information security in general practice provides guidance for clinics to securely protect their patients’ data, including legal obligations, management processes, risk analysis and security governance. It also promotes the prevention of inappropriate access, protection of personal information, and preservation of data.

RACGP resources

Information security in general practice – educational and training resource for GPs and practice teams, detailing essential business practices, policies and procedures to help protect information systems.
Guide to information backup in general practice – recommendations, practical advice and checklists to support general practices to achieve secure and reliable information backup and data recovery processes.
Using email in general practice – guidelines for secure communications in general practice, including a privacy and security matrix.
Effective solutions for e-waste in your practice – information and advice for GPs, practice owners and practice managers on how to safely, thoughtfully and correctly recycle and dispose of e-waste from their practice.
Privacy resources – includes the Privacy policy template for general practices and Patient privacy pamphlet template.

cybercrime data eHealth information-security privacy

newsGP weekly poll Is it becoming more difficult to access specialist psychiatric support for patients with complex mental presentations?

Yes
	97%
No
	1%
Unsure
	0%

Digital and beyond: Protecting patient privacy in general practice

GPs among leaders in adopting healthcare technology

‘I was hacked’: GP’s stark warning for colleagues

Health sector remains biggest reporter of data breaches

Help parents search Dr Google about their child’s health, researcher urges doctors