Become a student member today for free and be part of the RACGP community
Live and practise medicine in Australia
RACGP offer courses and events to further develop the knowledge you need to develop your GP career
Discover a world of educational opportunities to support your lifelong learning
The RACGP is working hard on transitioning to college-led general practice training
Become a provider with the CPD Program and be recognised for the quality education and training you offer GPs
The Abuse and violence: working with our patients in general practice provides the best-available current evidence for GPs
Stay up-to-date with the latest information and resources on the COVID-19 vaccine rollout.
Download the Standards for general practice (5th edition) - a benchmark for quality care and risk management in Australian general practices
Coronavirus (COVID-19) resources for general practitioners
Advice and guidelines for GPs and practice teams to help protect general practice information systems
Video consultations can provide convenient and accessible healthcare delivery
Read all of the RACGP reports and submissions on various healthcare topics
Read all of the RACGP position statements on various healthcare topics
Join our RACGP Facebook groups
Information security in general practice
Prevention and risk assessment
There are a rage of potential information security risk areas that your practice needs to ensure are not overlooked. These include:
‘Use of electronic communication in the general practice setting is essential, and yet it generates significant medicolegal risk’ .9
Your practice may electronically share information via your practice website or social media channels. Sharing information electronically requires a certain level of security to prevent it from being intercepted, changed during transmission or received by unintended recipients. Health information is sensitive by nature, so any communication of this information via electronic or other means must adequately protect your patients’ privacy.
Communication of clinical information to and from healthcare providers should be from within your practice’s clinical software using secure electronic messaging.
Secure electronic messaging involves two processes: encryption and authentication. Encryption means data is electronically ‘scrambled’ so it cannot be read unless the information is decrypted using a digital key. Authentication means the sender can be verified using electronic signatures.
eHealth information exchange in the Australian health system relies on and incorporates encrypted, secure messaging techniques. The software programs used will handle this function and are required to meet Australian standards.
There are two key types of information that your practice may electronically share:
Systems for electronic communication of clinical information are changing with the development of newer technologies, including those that use Fast Health Interoperability Resources (FHIR). Some of the first common uses of FHIR have been to provide two-way communication between GPs’ clinical software and the Australian Immunisation Register and the National Cancer Screening Register.
Currently, the most widely used method of communicating clinical information securely between healthcare providers is secure message delivery, commonly known as SMD.
Providers of SMD are required to meet Australian standards. These SMD packages enable letters and other messages to be sent from within clinical software, and incoming messages to be received into the GP’s electronic clinical inbox, where reports of pathology and medical imaging are received.
In the past, standard email lacked security features, making it susceptible to interception. The security of email has increased as a result of the use of encrypted connections between mail servers.
Some clinical software packages now enable documents to be emailed from within the clinical package to other health professionals and organisations, and to patients. These offer protection via the use of a password to access the email.
Your practice should take reasonable steps to make any electronic communication of health information safe and secure.
Your policy should cover:
Use the RACGP practice policy template sample to create your practice policies.
Donate to the RACGP Foundation today and influence the future of general practice