Information security in general practice


Last revised: 01 Sep 2019

Information security is critical to the provision of safe, high-quality healthcare and the efficient running of a general practice. It is a fixed cost of doing business, and requires adequate allocation of financial and human resources to ensure business continuity and the protection of information assets.

Information security involves prevention of inappropriate access, protection of personal information and preservation of practice data.

The threat of cybercrime – inappropriate or unauthorised criminal access to practices’ electronic data – is growing significantly. General practices frequently face new forms of malicious software and cleverly designed social engineering scams that can place their clinical and business data at risk. The single leading potential risk in a general practice’s information security is an internal breach through human error or malicious intent. Cyber-criminals are known to target smaller businesses, like general practices, as their information security defences are more easily breached than those of larger businesses, which often dedicate more resources to digital information security.

Your entire practice team has a responsibility to ensure cybersecurity measures are in place to protect your practice information systems from cybercrime and online threats. Each person in the practice needs to actively contribute to protecting the practice’s information systems.

Patient or practice team data that is lost, stolen, or inappropriately used or accessed can result in identity theft or privacy breaches that could ultimately place your practice at risk of incurring substantial fines or penalties.

Related documents

  RACGP-policy-template.DOCX (DOCX 0.02 MB)