Managing Data Breaches and New Mandatory Disclosure Requirements in Medical Practice

Australasian Medical Publishing Company Ltd
Publication Type:
Journal Article
Medical Journal of Australia, 2018, 17 September 2017
Issue Date:
Filename Description Size
10.5694mja17.00577.pdfPublished Version212.25 kB
Adobe PDF
Full metadata record
The Australian Government has introduced new mandatory disclosure rules, which came into force in February 2018, requiring most health and medical providers to notify patients or others affected when there is a serious data breach that results in unauthorised access to personal information.1 With fines of up to $420 000 for individuals and far higher fines for businesses that fail to report serious data breaches,1 the mismanagement of a breach by a medical practice will potentially be very serious. With the current scheme, early data show that health care organisations are responsible for almost one-quarter of data breach reports, while just over 50% of all reported breaches are due to human error.2 These results underscore the importance of the scheme for health care practitioners and practices, as well as the central role internal systems and staff play in combatting the risk of a data breach.
Please use this identifier to cite or link to this item: