We're aware of a cyber security incident affecting the electronic prescriptions provider MediSecure. The eRX Script Exchange (eRX) and the National Prescription Delivery Service (NPDS) continue to operate as usual and have not been impacted. Find out more and read our statement here.

Information security in general practice

Prevention and risk assessment

Social media

        1. Social media

Last revised: 21 Apr 2023

Social media

The past few years have seen a rapid increase in the number of GPs and general practices embracing social media for business purposes.  

While there are clear benefits to using social media for business purposes, there are also potential risks associated with GPs and general practice staff participating in social media.

The RACGP has developed a series of webinars and guides which provide guidance around safe and professional use of social media in general practice settings.

Transmission of images of documents by Facsimile (‘fax’)

Individuals and organisations need to exchange sensitive patient information in a way that is safe, secure and efficient. The RACGP advocates for the use of secure messaging systems because they are the safest, most secure and most efficient communication method.
However, despite the considerable efforts of professional bodies, government agencies and industry, the lack of interoperability between secure messaging systems remains a significant barrier to widescale adoption. As such, the use of email in a way that aligns with advice provided in the RACGP’s Using email in general practice guide is preferable to the other less secure methods for exchanging patient information, such as fax.
With nearly all general practices neither making nor keeping paper records, fax is now a less useful method of sharing information between health professionals and others who make and keep their records electronically.
Where paper documents are being faxed (by being passed through a scanner), it is critical to:

  • include a cover sheet indicating that the fax is confidential, addressing it to the intended reader without any patient-sensitive information
  • ensure fax machines are kept in a secure area to protect information from unauthorised visitors
  • verify the recipient’s fax number and confirm that the fax was received by the correct recipient/s
  • not leave sensitive documents unattended.

To maintain privacy of documents that are received and printed on to paper, the fax device needs to be kept somewhere inaccessible to unauthorised people.
Paper documents that have been faxed or received by fax or post need to be disposed of securely once scanned/imported into the clinical record. 

Paperless sending and receiving of faxes

The efficiency and security of using fax can be improved, and costs reduced, by eliminating paper. This can be done through virtual fax printing and virtual fax receiving.
In virtual fax printing, the document is ‘printed’ to the fax modem instead of on to paper. The networked fax modem is listed as one of the printers on the system. This results in a clearer image at the receiving end.
In virtual fax receiving, incoming fax messages are received as images, which are moved to the GP’s electronic clinic inbox or other location as needed.