Audit of GP clinics flags patient privacy risks | Australian Doctor
Page 1 of 2
Read Later
Home
News
Rural Doctor
Opinion
Clinical
The Fallout: Hiroshima
Education
Magazine
Smart Practice
HTT Year Book
Seminars
Patient Handouts
Jobs
ebooks
0
Pain
Your profile
Logout
Video
Sponsor a Seminar
Search Australian Doctor Home / News / Latest News /
Subscribe to the Newsletter Breaking news A daily must-read for GPs Delivered to your inbox
pa@healthandlife.com.au By clicking subscribe now you agree to our privacy policy here.
SUBSCRIBE NOW
⋆ Today's Top Picks Quiz: Diagnosing a blurred and watery eye Can talcum powder really cause ovarian cancer? Tweet
0
Like
0
Audit of GP clinics flags patient privacy risks Tessa Hoffman
| 19 November, 2015 |
0 comments Read Later
Lax security measures in GP clinics are putting patients’ electronic records at risk of privacy breaches, a government audit has found. The Office of the Australian Information Commissioner assessed privacy risks to patient information held by seven practices in Victoria and NSW. It found the clinics – which had between four and 20 GPs — were at medium to high risk of breaching privacy laws when using IT and the MyHeath Record (formerly PCEHR) system, details
Advertisement
Latest Poll Are patient records safe from snooping? Click to vote
Comments
Most read
Bryan Connor One that is growing, black and bleeding? I should hope so! Coroner criticises GP for not ordering biopsy · 2 hours ago
of which were released in a reported last month. Last month, Australian Doctor reported that GPs and practice staff face jail and fines of up to $108,000 for misuse of the e-health system under controversial laws being pushed through the Federal Parliament. Related News:
Bryan Connor To not send a bleeding black " mole" for histology is indefensible. Why not just do an excision biopsy in the first place? Coroner criticises GP for not ordering biopsy · 2 hours ago
• 'No bungle' over PCEHR rebrand, declares government • GPs face huge fines over PCEHR privacy breaches Some of the risks identified included:
Anonymous Now its time for AHPRA to address placebo knee surgery. Chiro board finally takes aim at rougue practitioners · 3 hours ago
• Passwords were too weak or not changed often enough and, in some cases, a record of the master copy was kept at the clinic, which was not best practice • Computers did not have self-locking screensavers turned on • Passwords to open patients' e-health files were at risk of not being handled or disposed of properly • Some staff were not aware of their privacy obligations around e-health • Many policy documents developed by clinics contained incorrect or out-of-date information • Some staff had access to e-health systems even though they didn’t need to "Best practice is that a master copy of passwords should not be retained. If a master copy of passwords is being retained, this file also should be protected with a strong password or passphrase or by strong physical security," the report said.
Advertisement
The report said there was a low risk that a patient’s documents or codes could be used inappropriately, however, this could increase as the uptake of the e-health system increased.
http://www.australiandoctor.com.au/news/latest-news/audit-of-gp-clinics-flags-patient-... 9/03/2016