3.3.7 Strengthen privacy and cybersecurity capabilities
Investing in our cyber security capability to improve our security posture and build a cyber aware culture for the protection of our patients, staff and organisations. Strengthening our data security capabilities to ensure the privacy of our patients records.
Initiative
High Level Description
Expected Benefits
Implementation considerations
Leading Entity
Ensure information continues to be protected from external and internal threats by enhancing data privacy management. Example actions to help achieve this outcome include: ► Aligning to national patient privacy principles and policies (e.g.: Australian Privacy Principles (APPs)) ► Ensuring the secure access protocols are in place for all district controlled data sets in accordance with statewide guidelines
Clinical, patient and consumer trust and visibility of the use of their data in a healthcare setting Reduction in data breaches involving personal identifiable information
Assess current gaps in compliance and privacy management against statewide policies to understand the gaps and the needs for change, for example through undertaking privacy impact assessments PIAs As the LHD continues to enhance the eMR and move towards more connected systems, including the SDPR, considerations to privacy implications need to be common ground Balance the end user needs for innovation with the requirement for security and data privacy.
Northern Sydney LHD
►
►
7.3 Enhance data privacy management
►
►
Ensuring required information, legal or policy mandated, is obtained and validated before access permissions are authorised. This covers all relevant scenarios including access to, management of, and sharing of sensitive information
►
►
► Considering utilising the possible log aggregator function referred in 7.1 to identify unwarranted access to records.
Page 56
Made with FlippingBook - professional solution for displaying marketing and sales documents online