Cyber Risk – Are You Protected?

29 May 2018

Cyber risk is a growing threat to Australian medical practices. The risk is further increased by the adoption of electronic health records and billing systems, cloud storage of medical records and the Federal Government’s mandatory data breach obligations [1].

While you can't avoid cyber risk, it's important to ensure your practice is prepared for and protected against cyber-attacks.

Case study

The following is a loss scenario provided by Chubb Cyber Enterprise Risk Management, using information based on an actual claim.

[Image: Chubb cyber case study]

Discussion

Although the above case study involves data theft in a law firm, it’s easy to see how such an incident could potentially happen in a medical practice, with serious consequences.

Loss of security of patients’ medical records could breach privacy law, cause harm to patients, damage your practice’s reputation, and significantly disrupt the practice’s ability to function. Under Australian privacy law, a practice must take reasonable steps to protect personal information it holds from misuse, interference or loss; and from unauthorised access, modification or disclosure [2].


MDA National’s Cyber Risk Program

Ransomware in health care is on the rise, and an increasing number of doctors and practices have been contacting us to discuss data intrusions into their practice computer systems. To provide peace of mind, MDA National has recently launched its Cyber Risk Program – a collection of cyber risk initiatives:

  • Cyber Risk Education for MDA National Members and Practice Indemnity Policyholders which includes:
    • online access to case studies, articles and blogs by global cyber experts
    • quarterly cyber risk email updates to support you in mitigating cyber risk
    • cybersecurity education sessions.

References

  1. Office of the Australian Information Commissioner. Notifiable Data Breaches Scheme. Available at: oaic.gov.au/privacy-law/privacy-act/notifiable-data-breaches-scheme
  2. Office of the Australian Information Commissioner. Chapter 11: APP 11 – Security of Personal Information. Available at: oaic.gov.au/agencies-and-organisations/app-guidelines/chapter-11-app-11-security-of-personal-information
