The healthcare sector is a lucrative target for cyber-attacks, which means cyber security should be a top priority for hearing practice owners, writes Australian digital health expert DANIELLE PENTONY.
Digital transformation is central to ushering in a new era of patient care and improved operations, but implementing this is a complex process.
Healthcare providers, health technology partners and consumers have all come to trust in and rely on digital platforms to store and access health information.
As we pioneer the future of healthcare at an increasingly rapid pace, it is important to remember any digital tool, system or process is scalable, interoperable and user-friendly with a strong emphasis on data security and privacy.
Therefore, it’s critical that digital health infrastructure remains fit for purpose and cyber resilient, even as changes occur in the cyber threat environment, where both the pace of change and the levels of risk are elevated.
Human factors and technologies can inadvertently create vulnerabilities or introduce security risks. These factors can include staff mistakes that may put their organisation’s data or systems at risk. Mistakes may be accidental, or come from a lack of required training, and at times it could be with malicious intent.
Cyber criminals can exploit weaknesses within hearing practitioner and audiology organisations by targeting their system vulnerabilities. Attackers are often driven by the potential for financial gain, with the healthcare sector particularly lucrative due to the potentially sensitive nature of patient data.
The consequence of these cyber-attacks can lead to:
- Data breaches through the loss or theft of sensitive information
- Significant interruptions to healthcare service delivery
- Reputational damage
- Decreased consumer confidence in the organisation’s ability to protect data.
It requires bold new ways of working
The path forward for hearing practitioners and audiologists demands strategic thinking, concerted action, and a steadfast commitment to cyber resilience.
Collective effort and innovation from leaders are important as we work collaboratively towards a more secure, resilient and trustworthy digital future.
At the Australian Digital Health Agency, we have embarked on a collaborative journey with the digital healthcare sector to build a unified vision for the future security of digital health. We have collaborated with states and territories, and peak bodies, to deliver the requirements of the Cyber Security Strategy 2022-2025.
In addition, there are three key strategies and initiatives specific to digital transformation and cyber security in the health sector: the Digital Health Blueprint, the National Digital Health Strategy, and the Agency Cyber Security Strategy.
All three recognise the importance of cyber security and security by design in the healthcare sector.
A core part of this strategy is uplifting cyber security awareness across the entire healthcare ecosystem, including with allied health practitioners, to ensure we proactively adapt to changes in the threat environment and support the secure evolution of digital health. Security underpins the agency’s strategic priorities and achievements in digital healthcare to date. It will remain a critical enabler into the future.
How can hearing practitioners get involved?
Digital Health Security Awareness – the agency has developed free cyber security e-learning courses from a range of healthcare settings and disciplines, including allied health. The Digital Health Security Awareness e-learning course includes five modules and examples that relate cyber security concepts to scenarios in healthcare organisations.
Cyber Security Alerts – audiologists and hearing practitioners can register to receive Cyber Security Alerts and understand the cyber security risks that can impact their operation. The agency actively monitors potential cyber security risks through our dedicated Cyber Security Team. Should the team identify any potential threats, the agency sends out alerts regarding digital health software vulnerabilities and cyber-attack campaigns.
Cyber Champions Network – join the agency’s new Cyber Champions Network. This program is fostering a proactive, engaged, and security-conscious healthcare ecosystem to significantly strengthen Australia’s defence and response against cyber threats.
Cyber skills can protect organisations through:
- Enhanced security awareness and intelligence sharing
- Threat identification abilities
- Leading and driving cultural and behavioural change
- Reducing the likelihood of cyber incidents and data breaches
- Improved workplace cyber resilience
- Improved and more up-to-date compliance and risk management.
It is only by working together that the agency and the Australian healthcare community will be able to continue strengthening our individual and collective cyber posture for a truly resilient healthcare ecosystem.
Visit the Australian Digital Health Agency’s website at www.digitalhealth.gov.au to learn more about how to manage cyber security effectively.
ABOUT THE AUTHOR: Danielle Pentony is the Australian Digital Health Agency’s chief information security officer. She is a champion of digital healthcare, and responsible for the development, deployment, and secure operation of critical national healthcare assets, including the sensitive healthcare information of Australians.
