Reminder to members to ensure their patient data management practices are safe
AMA members are reminded to be up to date with patient data management.
The Office of the Australian Information Commissioner (OAIC) has published the latest information about notifications received under the Notifiable Data Breaches (NDB) scheme capturing notifications received from 1 January to 30 June 2023. OAIC publishes this information to help entities and the public understand privacy risks identified through the NDB scheme.
With health service providers continuously being the top sector for NDBs, the AMA would like to remind members of the importance of handling patient data in a secure way. Key sources of breaches are human error and malicious or criminal attack. The OAIC encourages entities to embed good privacy practices into all aspects of their functions and activities. This includes designing systems and processes that anticipate and minimise the risk of human error. The AMA Position Statement on Data Governance and Patient Privacy outlines the AMA position on the best practice when handling patient data.
The NDB scheme was established in February 2018 to drive better security standards and accountability for protecting personal information and to improve consumer protection. Under the scheme, any organisation or government agency covered by the Privacy Act 1988 that experiences an eligible data breach must notify affected individuals and the OAIC.