Health professionals top cyber targets
PHARMACY owners are being urged by the Office of the Australian Information Commissioner (OAIC) to embrace guidelines introduced to minimise their risk of data breaches.
Launching the guide this week, OAIC Commissioner, Angelene Falk, noted that health professionals had been the leading source of notifiable breaches since Feb 2018, when reporting was mandated.
Falk warned that pharmacists could face penalties of up to $2.1 million per privacy breach.
Pharmacy Guild of Australia Victoria Branch President, Anthony Tassone, told Pharmacy Daily the guide highlighted the need for pharmacy owners to ensure they adopt security measures to minimise cyber attacks and human errors, noting insurance products can assist risk management.
“Like other health care practices, pharmacies have a particular responsibility to protect data due to the sensitive nature of much of the information stored including information concerning the use of scheduled medicines, delivery of health services and patient health records,” he said.
“This is further the case in the current environment of digital health/e-health initiatives encompassing electronic transfer of prescriptions, My Health Record and the Australian Immunisation Register to name a few.
“Pharmacies are a custodian of their patients’ personal information and this responsibility underpins community pharmacy’s highly trusted role in the community.
“It’s important to be reminded that data breaches are not limited to malicious actions, but may also arise from internal errors or failure to follow information handling policies that cause accidental loss or disclosure of information.
“Sadly, none of us are immune to the risks of cyber attacks and in the modern digital age we all must be absolutely vigilant both at work and at home to protect sensitive information of ourselves and those of patients in the pharmacy.”
Tassone encouraged pharmacy owners and managers to visit www.staysmartonline.gov.au for more resources and information about cyber security.
The OAIC also published a privacy action plan for health practitioners to limit their risk of data breaches, which is available at oaic.gov.au.