Cyber Risk – Are You Protected?

While you can't avoid cyber risk, it's important to ensure your practice is prepared for and protected against cyber-attacks.

Case study

The following is a loss scenario provided by Chubb Cyber Enterprise Risk Management, using information based on an actual claim.

Discussion

Although the above case study involves data theft in a law firm, it’s easy to see how such an incident could potentially happen in a medical practice, with serious consequences.

Loss of security of patients’ medical records could breach privacy law, cause harm to patients, damage your practice’s reputation, and significantly disrupt the practice’s ability to function. Under Australian privacy law, a practice must take reasonable steps to protect personal information it holds from misuse, interference or loss; and from unauthorised access, modification or disclosure.²

For more information on cyber security, see MDA National’s Cyber Resources page.

References

1. Office of the Australian Information Commissioner. Notifiable Data Breaches Scheme. Available at: oaic.gov.au/privacy-law/privacy-act/notifiable-data-breaches-scheme
2. Office of the Australian Information Commissioner. Chapter 11: APP 11 – Security of Personal Information. Available at: oaic.gov.au/agencies-and-organisations/app-guidelines/chapter-11-app-11-security-of-personal-information