Quote Of The Year

Timeless Quotes - Sadly The Late Paul Shetler - "Its not Your Health Record it's a Government Record Of Your Health Information"

or

H. L. Mencken - "For every complex problem there is an answer that is clear, simple, and wrong."

Monday, November 30, 2020

Weekly Australian Health IT Links – 30 November, 2020.

Here are a few I have come across the last week or so. Note: Each link is followed by a title and a few paragraphs. For the full article click on the link above title of the article. Note also that full access to some links may require site registration or subscription payment.

General Comment

-----

Clearly the big news of the week was that telehealth support from Medicare is to become an ongoing program. One can only hope the Government has now worked out all the kinks!

Otherwise the best item is one that points out that the Government did not like how the NBN was rated globally so they got PWC to invent new better for the NBN metrics. Jeez!

-----

https://www.news.com.au/lifestyle/health/health-problems/medicare-health-minister-greg-hunt-confirms-telehealth-here-to-stay/news-story/c6f4ff84b9563749b39e6a0a3227f225

Medicare: Health Minister Greg Hunt confirms telehealth here to stay

Telehealth will remain a permanent fixture of Medicare as a hiccup in a potential COVID-19 vaccine is downplayed as a bump in the road.

Finn McHugh

NCA NewsWire

November 27, 20204:03pm

The centrepiece of this federal government announcement is $669 million to make telehealth services available to all Australians.

Telehealth is here to stay after the Health Minister confirmed it would remain in place after the COVID-19 pandemic.

The service, which allows bulk-billed consultations online and over the phone, will become a permanent fixture of the Medicare system. It was expanded at the height of the pandemic to make social distancing possible during medical appointments.

Health Minister Greg Hunt said the scheme had already led to 40 million online consultations.

-----

https://www1.racgp.org.au/newsgp/professional/racgp-welcomes-news-telehealth-is-here-to-stay

RACGP welcomes news telehealth is here to stay

The college wants GPs to be ‘front and centre’ in working with the Federal Government on a long-term telehealth service plan.

Doug Hendrie

27 Nov 2020

‘Universal whole-of population telehealth … will now be permanent,’ Federal Health Minister Greg Hunt announced in a Friday 27 November press conference.
 
‘There’s not been much good that’s come from COVID. One thing that has come from COVID is the fact that we have skipped a decade and jumped from 2030 to 2020 for the delivery of telehealth for all Australians.’
 
At the time of publication, detail has not been released regarding how permanent telehealth will operate or what funding is attached.
 
During the first wave of the pandemic, the Federal Government
heeded RACGP calls to expand Medicare-subsidised telehealth to all Australians in a bid to keep GPs, staff and patients safe.
-----

https://medicalrepublic.com.au/telehealth-items-to-be-made-permanent/37763

27 November 2020

Telehealth items to be made permanent

COVID-19 Medicare RACGP Telehealth

Posted by Francine Crimmins

Federal Health Minister Greg Hunt says telehealth is set to become a permanent fixture on the Medicare Benefits Schedule, praising medical professionals for its success during COVID-19.

The announcement comes just two months after the temporary telehealth items numbers were thrown an additional lifeline that pushed their expiry back to 31 March 2021.

But doctors will now have to wait to see if the government follows through with making the items permanent before temporary bulk-billed telehealth expires early next year, and whether there will be any changes to the rebate structure.

Mr Hunt said that the fast delivery of telehealth for all Australians had been one of the few good things to come out of COVID.

-----

https://www.zdnet.com/article/my-health-record-document-views-up-as-records-near-23-million/

My Health Record document views up as records near 23 million

Record oversight agency says the modernisation of national health infrastructure will only further the uptake.

By Asha Barbaschow | November 24, 2020 -- 01:21 GMT (12:21 AEDT) | Topic: Innovation

The oversight body for Australia's My Health Record is expecting the modernisation of the country's health infrastructure will be a further "catalyst" for accelerating the use of the online medical file.

Speaking with media on Tuesday, Australian Digital Health Agency (ADHA) acting national health chief information officer Kerri Burden said the number of documents viewed within My Health Record has this year increased.

"In 2020, the number of documents viewed each week at public hospitals has increased to more than 100,000," she said. "This is showing that when information is being uploaded into the My Health Record system that the information is then being viewed.

"My Health Record use is growing, modernisation of our national infrastructure will be a further catalyst for accelerating this growth."

-----

https://www.itnews.com.au/news/covidsafe-data-incidentally-collected-by-intelligence-agencies-in-first-six-months-558129

COVIDSafe data 'incidentally' collected by intelligence agencies in first six months

By Justin Hendry on Nov 23, 2020 5:45PM

But not decrypted, access or used, IGIS says.

One or more of Australia’s key intelligence and security agencies “incidentally” collected data relating to the COVIDSafe contact tracing app in its first six months of operation.

But there is no evidence to suggest that any of the data was decrypted, accessed or used, the Inspector-General of Intelligence and Security (IGIS) has found.

The finding is contained in IGIS’s first report to the Office of the Australian Information Commissioner on Covid app data [pdf], released on Monday.

The report, which looks at agencies like ASIO and ASD, said the collection occurred “in the course of lawful collection of other data”, which is permissible under the Privacy Act.

-----

https://www.ausdoc.com.au/news/software-glitch-changing-doses-gp-scripts-rhd-drug

Software glitch changing doses on GP scripts for RHD drug

The issue could result in potential under-dosing in patients with acute rheumatic fever and rheumatic heart disease

25th November 2020

By Kemal Atlay

A glitch in Best Practice software means the wrong dosages have been printed when doctors issue repeat scripts for a rheumatic heart disease (RHD) treatment.

SA Health has urged all GPs who manage patients with acute rheumatic fever or RHD to be aware of the issue when prescribing Bicillin LA injections, warning it could result in significant under-dosing.

The issue emerged after Pfizer changed the unit measurements for the long-acting penicillin from 900mg/2.3mL to 1,200,000 units/2.3mL in early 2019.

At the beginning of this year, a GP in South Australia reprinted an old script for Bicillin from a patient’s past prescription list.

-----

https://www.news.com.au/technology/gadgets/wearables/new-smartwatch-to-help-keep-dv-victims-safe-record-evidence-of-abuse/news-story/f45f67fba112c15fb01e378fa81f17ff

New smartwatch to help keep DV victims safe, record evidence of abuse

New technology developed to help women experiencing domestic violence is giving victims an added layer of security, and their abusers more scrutiny.

Emily Cosenza

NCA NewsWire

November 15, 202012:01am

Secret and secure technology that can be programmed to a smartwatch could be the key to helping at risk women stay connected and get much needed help at the time of crisis.

The StandbyU Foundation have developed a world-first solution to put control back in the hands of the victim with technology that can record what is happening so it can be used as evidence against the predator.

Women who face high to low risk family and domestic violence can simply click a button on their watch to activate an alert, allowing chosen support networks to listen in, find the victim and organise help for them.

The alert loops through a caller list of selected contacts – which comes through as a regular phone call – and can allow a conference call for all members who answer and so they determine their next move in order to help.

-----

https://www.bandt.com.au/study-68-of-aussies-dont-want-their-health-data-used-for-marketing/

Study: 68% Of Aussies Don’t Want Their Health Data Used For Marketing

The vast majority of Australians show a strong level of discomfort (68 per cent) with health and wellbeing brands using their data to market and advertise more appropriate products and services to them, according to a study published today by global tech communications consultancy Hotwire, in partnership with data and insights leader The Leading Edge.

Approximately the same proportion of respondents (66 per cent) said they were worried that companies and brands would exploit their health data, and an outstanding 81 per cent think that only health professionals should have access to them.

Further analysed in a whitepaper What Australians want from healthcare and technology: seven key principles for health marketing, the results provide insights for health brands and organisations on the way to engage efficiently with Australians, while considering their concerns about the way their health and wellbeing data are handled.

The data lockdown

More than one in four Australians (27 per cent) use health and wellbeing related apps on a daily basis. Despite the uptake in the use of healthcare digital devices and services in recent years, it is clear that Australians want to track and limit sharing their health data as much as possible. More than half (53 per cent) say they would never share their health or wellbeing data with any company or brand, only one in six (15 per cent) would share data with health care companies, or health insurers, and one in ten (11 per cent) with medical device companies.

-----

https://www.safetyandquality.gov.au/

29 Nov 2020 8:00 AM AEST –

New standards open the door to safe and effective digital mental health care                      

The introduction of world-leading standards for digital mental health services in Australia is set to be a game-changer for the nation at a time when the delivery of high-quality mental health care has never been more important.

The announcement today of new National Safety and Quality Digital Mental Health (NSQDMH) Standards by the Australian Commission on Safety and Quality in Health Care (the Commission) has been embraced by the mental health sector and consumer and carer advocates.

The NSQDMH Standards will support the delivery of high quality and safe care including counselling, treatment and peer-to-peer support services via telephone, videoconferencing, websites, SMS, webchat and mobile apps. They encompass mental health, suicide prevention and alcohol and other drug services.

With one in five adults and one in seven adolescents experiencing a common mental health disorder each year in Australia – combined with unprecedented demand for digital delivery of mental health services this year – there are tangible benefits in being able to access safe and effective care on digital platforms.

-----

https://rpassistants.com.au/news/electronic-prescriptions-a-guide-for-pharmacy-assistants/

Electronic prescriptions: A guide for pharmacy assistants

Margaret Mielczarek

November 26, 2020

Providing customers with the convenience and flexibility to choose how they get their prescriptions – electronic prescriptions are a big change to community pharmacy, one that is sure to transform the way pharmacy staff interact with their customers.

Implementing this new operating system will require significant change to pharmacy workflows and it’s important that all pharmacy staff are educated on electronic prescriptions, so that they can meet the needs of their community.

To help ensure a smooth transition towards electronic prescriptions, Guild Learning and Development, in partnership with the Australian Digital Health Agency, have produced a new online module titled, Electronic prescriptions: A guide for pharmacy assistants.

-----

https://www.ausdoc.com.au/practice/app-review-iyarn-fresh-take-mental-health

App Review: iYarn - a fresh take on mental health

The app ask users to set priorities and focus on areas of their life they're neglecting

26th November 2020

By Antony Scholefield

The iYarn app puts a new spin on the mental health app formula.

The app asks users to nominate areas of importance to them — work, exercise, personal development, family, diet, mindfulness — and the amount of time they have devoted to each recently.

The results are shown in a colourful ‘wheel’ or pie chart, with the size of the slices representing each topic and how much time users feel they have devoted to it. 

The idea is to encourage users to refocus on areas of life they may be neglecting, checking and readjusting the wheel as they go. The app suggests daily, but clearly it is up to the user.

-----

https://www.itnews.com.au/news/nsw-govt-calls-on-ai-experts-to-join-new-committee-558322

NSW govt calls on AI experts to join new committee

By Justin Hendry on Nov 27, 2020 12:55PM

Wants advice on the development and use of the technology.

NSW government is calling on artificial intelligence (AI) experts to join a new committee that will advise on the appropriate use of the technology in the state.

The AI advisory committee, which is the first of its kind for any federal, state or territory government in Australia, was a key commitment in NSW’s inaugural AI strategy.

Chaired by the NSW government’s chief data scientist Dr Ian Opperman, the eight-person committee will play a central role in the development of the state’s AI assurance framework.

The framework will be used to determine the level of risk based on the data that the solution is using and the types of decisions it will generate.

-----

https://wildhealth.net.au/how-using-digital-medical-records-delivers-a-better-patient-experience/

How using digital medical records delivers a better patient experience

    

Close to 80 percent of all health care data is unstructured and remains an untapped resource for many organisations.

Under pressure to simultaneously reduce costs, provide high-quality care and comply with government regulations, hospitals and health care providers can no longer settle for labour-intensive, error-prone, manual paper handling. Physicians, nurses and other medical professionals need electronic access to all patient-related data at the point of care, wherever that may be.

Unfortunately, up to 80% of medical data is unstructured (such as patient discharge summaries, clinical notes, imaging and test results, etc.) and remains inaccessible and untapped after it is initially created.

Fast access to accurate data is not just important for compliance and audit reasons—it can often save lives by enabling clinicians to view digital medical records for rapid decision making, particularly if accessing remotely. These records must comply with Australian digitised paper record standards such as AS 2828.2, HL7, Secure Messaging, and ICD10.

Read this white paper to see how this can be accomplished so the care you provide in your hospital is superior and dependable.

-----

www.alcidion.com

Alcidion expands partnership with NextGate to UK market

 

Key Highlights:

  • Alcidion’s reseller agreement with NextGate now expanded to include United Kingdom and Ireland.
  • Expansion strengthens competitive position in UK market as NHS transitions to digitised healthcare solutions and integrated care records.

Melbourne, Australia – Alcidion Group Limited (ASX:ALC) is pleased to announce an expansion of its reseller agreement with NextGate to the United Kingdom and Ireland. 

In 2018, MKM Health (which was acquired by Alcidion in 2018) signed an agreement to resell NextGate’s market leading Enterprise Master Patient Index (EMPI) and Provider Registry solutions in Australia and New Zealand. Following a successful two-year relationship, this agreement has now been extended to also include the United Kingdom and Ireland.

NextGate is the global leader in healthcare enterprise identification, helping healthcare organisations overcome the clinical, operational and financial challenges that result from duplicate records and disparate data. 

Alcidion’s reseller agreement with NextGate has already realised success with two significant state-wide contracts in Australia. The Queensland Health Referral Service Directory based on the Provider Index was delivered by Alcidion working closely with NextGate. For the Victorian Department of Health and Human Services Unique Patient Identification program, Alcidion supported NextGate in delivery of their EMPI capability. 
-----

https://www.hospitalhealth.com.au/content/clinical-services/news/monash-superbug-project-to-mobilise-genomics-digital-health-and-ai-115086280

Monash superbug project to mobilise genomics, digital health and AI

Monday, 23 November, 2020

A Monash University research team will harness the power of technology to help diagnose, treat and prevent antimicrobial resistance — one of the globe’s most pressing health concerns.

The SuperbugAi Flagship project — awarded $3.4 million from the Medical Research Future Fund — involves researchers from the Faculty of Medicine, Nursing and Health Sciences (MNHS) Department of Infectious Diseases, the Faculty of Information Technology (IT) and The Alfred’s Department of Infectious Diseases.

The innovative project will integrate genomics, electronic healthcare data and artificial intelligence (AI) technologies to address antimicrobial resistance in the healthcare system. The research will also create a tracking and response system that will lead to earlier detection of superbugs, personalised treatment for patients and prevention of outbreaks.

Lead researcher Professor Anton Peleg is one of The Alfred’s leading physician-scientists and is internationally recognised for his work in antimicrobial resistance. Professor Peleg said the project will apply advanced technologies in healthcare settings.

-----

www.intersystems.com

InterSystems Releases HealthShare 2020.2

New enhancements expand FHIR API capabilities and data accessibility

SYDNEY, Australia, November 25, 2020 – InterSystems, a creative data technology provider dedicated to helping customers solve the most critical scalability, interoperability, and speed problems, today announced the availability of the latest version of the InterSystems HealthShare® suite of connected health solutions. Designed to improve overall value and accessibility of unified healthcare data, HealthShare 2020.2 is the formal release of product enhancements that have been made throughout 2020 in direct response to the changing healthcare landscape and the COVID-19 pandemic.

Patients, providers, and payers need unimpeded health data sharing capabilities now more than ever. Through the application of HealthShare 2020.2, users can take advantage of InterSystems expanded HL7® FHIR® API capabilities to deliver “data liquidity” with connection to services such as Apple Health.

Expanded data coverage and FHIR R4 APIs for clinical, payment, and provider directory data included in the release provide the underpinning for the recently announced HealthShare CMS Solution Pack, which gives customers full data and application support to address the CMS Interoperability and Patient Access Final Rule. The InterSystems healthcare data model maps to FHIR profiles from CARIN Alliance’s Blue Button 2.0 implementation guide, and supports the United States Core Data for Interoperability (USCDI) v1 standards and Da Vinci Patient Data Exchange (PDex) Plan-Net standard for search and retrieval.

-----

https://developer.digitalhealth.gov.au/resources/faqs/basic-fhir-terminology-services-recording

Basic FHIR terminology services - recording

This recording provides an introduction to the NCTS products and services.

Topics include:

  • A recap of the structure of CodeSystem, ValueSet and ConceptMap resources
  • A recap of the basic FHIR SCRUD actions (Search, Create, Read, Update and Delete)
  • Specific terminology operations; including $lookup, $subsumes, $expand, $validate-code, $translate and $closure
  • Various terminology use cases and which operations are applicable
  • Some tips and hints.

Products: 

FHIR Gateway (Mobile)

-----

https://www.healthcareit.com.au/article/ramsay-health-care-implement-modeus%E2%80%99-hs8-electronic-controlled-drug-platform-australia

Ramsay Health Care to implement Modeus’ HS8 electronic controlled drug platform in Australia

Dean Koh | 25 Nov 2020

Modeus’ HS8 electronic controlled drug register will be implemented across private healthcare provider Ramsay’s 36 hospital sites in Australia and completed by the end of 2020, the Australian healthcare software company announced.

WHAT’S IT ABOUT

HS8 is a comprehensive medication management software platform specifically designed for hospitals, enabling paperless controlled drug administration in all areas of a hospital including pharmacies, wards and theatres. It integrates with existing hospital software systems and improves medication governance and compliance via intelligent functions that help to reduce diversion and increase transparency with respect to controlled drugs.

THE LARGER PICTURE

Last May, Ramsay Health Care signed a multi-year digital network and telecommunications services deal with Optus Business. Optus will provide voice and data services for Ramsay’s facilities across Australia, giving healthcare professionals high-speed data services, streamlined network migration transitions and enhanced billing systems designed to improve accuracy.

-----

https://www.zdnet.com/article/australian-government-develops-its-own-metrics-and-ranks-nbn-highly/

Australian government develops its own metrics and ranks NBN highly

Department of Communications has chosen to deny reality and impose a view of its own.

By Chris Duckett | November 27, 2020 -- 03:33 GMT (14:33 AEDT) | Topic: Networking

A year after NBN decided it didn't like the idea of speed tests as a broadband measurement, the viewpoint has spilled over to the Bureau of Communications, Arts and Regional Research (BCARR).

In the case of the BCARR, it has paid PricewaterhouseCoopers to develop metrics that are more suitable to it. On the hit list was tossing out perennial chart-toppers like South Korea and Singapore.

"No country is easily comparable to another. For example, by global standards, Australia is wealthy and highly urbanised, but our population is also spread across a vast landmass," the BCARR said.

"Our income and geography mean that Australia is more readily comparable with Canada than with city states like Singapore, or densely-populated countries such as the United Kingdom."

With Singapore on the outer, the list of comparable countries included a country only 17 places higher in a ranking of places by geographic size, Qatar. The other nations deemed worthy of comparison included Switzerland, Norway, Ireland, the United States, Denmark, Sweden, Austria, Finland, Germany, Belgium, Canada, United Arab Emirates, United Kingdom, New Zealand, Israel, France, Japan, and Italy.

-----

https://www.itwire.com/telecoms-and-nbn/consumer-complaints-about-telcos-increase-over-quarter.html

Monday, 23 November 2020 09:38

Consumer complaints about telcos increase over quarter

By Peter Dinham

Consumer complaints to Australia’s telcos increased by 7.8 complaints per 10,000 Services- in Operation (SIOs) for three months of the July-September 2020 quarter, an increase over the previous quarter’s ratio of 7.4.

Australian telecommunications industry peak body Communications Alliance has just released its most recent Complaints in Context report for the July - September quarter, which allows comparison of the customer service and complaint handing performance of service providers, regardless of their size.

Communications Alliance CEO John Stanton said: “While the increase in complaints is disappointing, industry continues to work on improving customer experience and is looking at how we can learn from the results of this last quarter.”

The industry-driven report is published by Communications Alliance using complaints data provided by the Telecommunications Industry Ombudsman (TIO) and SIO data supplied by participating providers.

-----

Enjoy!

David.

 

Sunday, November 29, 2020

It Seems We Are Going To Need To Ramp Up Our Cyber Efforts Given The Increasingly Hostile World.

The level of priority, at a national level, could not now be plainer seeing this report.

Cyber security promoted to cabinet in rejig

Simon Benson

Geoff Chambers

6:32AM November 27, 2020

Scott Morrison will create a cyber security role in cabinet as part of a ministerial reshuffle next month, as the Prime Minister prioritises responsibilities in line with the government’s COVID-19 econo­mic and security commitments.

The Australian understands Mr Morrison will permanently reduce­ cabinet from 23 to 22 following the departure of Mathias Cormann earlier this month.

The special cyber security role would be added to the Home Affairs­ portfolio, which has oversight of cyber security legislation and the roll out of the decade-long Cyber Security Strategy, and comes as the government ramps up its defences against state-based and criminal actors.

Water, food and health providers have been hit by attempted cyber attacks this year, with digital strikes escalating against Aust­ralian critical-infrastructure operators and companies during the coronavirus pandemic.

The Australian can reveal two new cyber attacks on critical infrastructure, including a regional Queensland water provider that repelled an intrusion that could have inflicted a catastrophic impact­ across water supplies and farms. If the attack had been successful, the impact on water quality would have affected human and livestock consumption and dispersed chemicals into crops.

The Home Affairs Department also confirmed a major national food wholesaler had its systems attacked­, disrupting their ability to “provide foods to Australians at a time of unprecedented pressure on the food and grocery sector”.

Regional hospitals in Victoria have also been targeted, resulting in disruptions to health services and surgeries.

Lots more here:

https://www.theaustralian.com.au/nation/politics/cyber-security-promoted-to-cabinet-in-rejig/news-story/6f26f73ddf638a7d99c4fd1d818f74f0

This makes it clear there is a lot going on – a lot of which we don’t seem to hear about.

At a corporate level there now also seems to be increasing concern – witness these two articles here:

APRA flags tougher stance to get boards to take security seriously

By Tim Biggs

November 26, 2020 — 5.01pm

The Australian Prudential Regulation Authority (APRA) has put the boards of banks, insurers and superannuation funds on notice, warning that many of them are still failing to adequately protect their systems from hackers.

Unveiling its updated cyber security policy on Thursday, the regulator said boards will be required to engage an external audit firm to review if their cyber defences were in line with the CPS 234 standards put in place by APRA last year.

"It’s close to 18 months since CPS 234 came into effect, and we are still seeing too many basic cyber hygiene issues across the industry", outgoing executive board member Geoff Summerhayes said in a livestreamed speech to the Financial Services Assurance Forum.

"We want compliance independently verified, and we will be applying serious pressure when it’s not forthcoming." "If boards are unwilling or unable to make the required changes in a timely manner, we will consider using formal enforcement action," he said.

Lots more here:

https://www.smh.com.au/technology/apra-flags-tougher-stance-to-get-boards-to-take-security-seriously-20201126-p56i6r.html

and here:

APRA targets cyber hygiene and board oversight with new security strategy

By Tess Bennett on Nov 27, 2020 11:28AM

Toughens cyber stance.

APRA has unveiled a new cyber security strategy and flagged it will step up its review of current cyber compliance, holding boards accountable for shortfalls. 

The prudential regulator’s cyber security strategy for 2020 to 2024 seeks to lift cyber security standards and introduce heightened accountability where companies fail to meet their legally binding requirements. 

In a speech to the Financial Services Assurance Forum yesterday, Geoff Summerhayes, executive board member of APRA said the new strategy seeks to safeguard an increasingly connected network of financial entities, increase board oversight and improve basic cyber hygiene practices.  

Summerhayes said APRA wants to “eradicate unnecessary or careless cyber exposures” by establishing a baseline of cyber controls. It is starting with sharpening its enforcement CPS 234 compliance. 

More here:

https://www.itnews.com.au/news/apra-targets-cyber-hygiene-and-board-oversight-with-new-security-strategy-558317

In the health sector we saw very recently a less than honourable mention here:

Five reasons why COVID-19 has left the health sector vulnerable to cybercrime

Tuesday, 24 November, 2020

An industry white paper published by cybersecurity firm Kroll explores the impact of COVID-19 on the healthcare industry’s cybersecurity landscape and shares best-practice guidance for healthcare providers.

The risk landscape resulting from the pandemic is characterised by five key vulnerability points:

  • Rapid shift to remote working
  • Expansion of telehealth
  • Workforce under pressure
  • Interoperability
  • PPE shortages
     

A rapid shift to remote working, the expansion of telehealth services and a workforce under increased pressure — all triggered by the COVID-19 pandemic — have led to an 86% increase in healthcare data breach notification cases globally between March and September 2020.

According to the Notifiable Data Breaches Report by the Office of the Australian Information Commissioner (OAIC), Australia’s healthcare industry experienced more data breaches than any other industry, accounting for 22% of notifiable data breaches between January and June 2020.

“The sensitive nature of patient data and the criticality of healthcare systems means that they are an attractive target for cybercriminals,” said Louisa Vogelenzang, Associate Managing Director and Asia-Pacific lead for Identity Theft and Breach Notification services in Kroll’s Cyber Risk practice.

“Due to the COVID-19 pandemic, remote working and telehealth services have surged and IT providers have struggled to keep up with the demand, leaving important systems and data vulnerable.

“Healthcare providers hold some of the most sensitive data in the country and operate systems that support people’s wellbeing, so it’s important that their systems have the same level of cybersecurity we’ve come to expect from critical infrastructure.”

Vogelenzang noted that, with Australia’s healthcare industry experiencing more notifiable data breaches than any other sector, there are some key areas for improvement:

  • Getting cyber hygiene basics right, which includes patching and ensuring multifactor authentication is enabled for remote access, as well as many more fundamental steps to eliminate the most common risks.
  • Ensuring security awareness programs are in place and that they include how to spot and report phishing emails as well best practice for sharing sensitive information.
  • Conducting reviews of third-party service providers, ensuring that they are appropriately protecting the most sensitive information and systems.
  • Having an incident response plan that includes scenarios like ransomware and data breaches, practising this plan regularly through tabletop exercises, and ensuring the right partnerships are in place for support, should an incident occur.

More here:

https://www.hospitalhealth.com.au/content/technology/article/five-reasons-why-covid-19-has-left-the-health-sector-vulnerable-to-cybercrime-1158220727

And here:

25 November 2020

Treating the underlying causes of cyber symptoms

Networks Technology

Posted by Chris Fisher

Australia’s health sector is constantly the target of cyberattacks, and in the first half of 2020, a total of 22 per cent of all Australian data breaches were in the health sector.

Through our own research, we know the real threat is already in healthcare networks in the form of privileged access misuse, the growth in healthcare IoT devices, and that the majority of attacks occur due to underinvestment in security operations or a lack of security awareness by insiders.

The increased number of cyber threats the Australian health sector has encountered in recent months led the federal government to warn that cyber attackers were taking advantage of the COVID-19 pandemic, targeting hospitals, medical services and crisis-response organisations.

The Australian Strategic Policy Institute’s International Cyber Policy Centre recently noted that hospitals are targeted because they are essential services and more likely to pay a ransom to regain control of their network from hackers.

Many people within the healthcare industry have access to patient medical records, making it easy for some to take advantage of that privilege. Internal actors – meaning employees who access patient data with unlawful intent – are largely responsible for healthcare data loss, and healthcare is the only industry where this occurs at such an alarming rate. Indeed, our own research demonstrated that human error and misuse occurred more frequently in the healthcare industry than external threats such as hacking or ransomware.

More here:

https://medicalrepublic.com.au/treating-the-underlying-causes-of-cyber-symptoms/37436

And to top it all of we have this:

China, Russia spreading lies, digital discord: former US National Security Agency director Mike Rogers

Geoff Chambers

Chinese and Russian state-based cyber actors are orchestrating industrial-scale malicious attacks and disinformation campaignsto gain global competitive advantage and weaken democratic institutions via “manipulation” and theft of sensitive data.

Amid a surge in cyber attacks targeting Australian governments, critical infrastructure and private sector firms, former US National Security Agency director Mike Rogers has called on Western nations to work together in neutralising active threats.

Admiral Rogers, who also led the US Cyber Command and Central Security Service under presidents Donald Trump and Barack Obama, said establishing cyber deterrence frameworks would help nations manage fast-evolving threats.

“My attitude always was: can you explain to me how Russia, China, North Korea and the Iranians have come to the conclusion that cyber represents low-risk — that they can engage in aggressive activities in cyber and not trigger a significant response … or at least a response that they think outweighs the benefits?” Admiral Rogers told The Australian.

“How is it that we have got two diametrically opposed world models? We have got to change this dynamic, we have to reshape the risk calculus of these cyber actors whether it be nation states or criminal actors.”

Canada, a member of the Five Eyes intelligence alliance alongside Australia, the US, Britain and New Zealand, last week named state-sponsored hackers from China, Russia, Iran and North Korea as the country’s “greatest strategic threat”.

Lots more here:

https://www.theaustralian.com.au/nation/defence/china-russia-spreading-lies-digital-discord-former-us-national-security-agency-director-mike-rogers/news-story/86b8efb90dda1001a814cff2129a2dd8

And to wrap up we have a great overview of the issues here:

Cyber warfare - is attack the best form of defence?

Gilbert + Tobin

Cyber-attacks by nation states are on the rise and are becoming an increasingly common method of “warfare” and diplomatic disruption. Countries such as China and Russia are developing cyber weapons for use in any future conflicts, while the USA, the UK, France and Israel have also invested in developing cyber capabilities. Australia’s recently launched Cyber Security Strategy 2020 recognised the significant threat posed by nation states to our government and critical infrastructure providers and committed to invest $1.67 billion over 10 years in relation to cyber security (see our analysis of the strategy - Australia’s Cyber Security Strategy 2020: What you need to know). A critical question is how countries such as Australia should defend themselves, and should this defence involve offensive attack?

According to Verizon’s 2019 Data Breach Investigations Report, cyber-attacks by nation states, and affiliated parties, represented 23% of data breaches, up from 12% in 2018 and 19% in 2017. The report also highlighted that a quarter of all breaches were associated with espionage.

Australia's Cyber Security Strategy 2020

Australia’s Cyber Security Strategy 2020 identifies nation states as major threat actors who “seek to compromise networks to obtain economic, policy, legal, defence and security information for their advantage”. It recorded that in the year to 30 June 2020 government entities were the target of approximately 35% of incidents while attacks on critical infrastructure providers (delivering services such as healthcare, education, banking, water, communications, transport and energy) comprised a further 35% of incidents.

A successful attack of this nature could have a catastrophic effect on the Australian economy and our society. For example, the 2015 BlackEnergy attack (which Russia is accused of mounting) against Ukraine  cut power to over 700,000 homes for a period while the 2017 NotPetya attacks (also allegedly mounted by Russia) resulted in the radiation monitoring system at Ukraine’s Chernobyl Nuclear Power Plant going offline while Ukraine’s national bank, state power company and largest airport were also affected.  You don’t need to be an expert to imagine the fallout from a cyberattack on our financial markets, particularly if financial records are destroyed or altered. Similarly the panic and chaos that would result from any interference with the operations of nuclear plants and water systems, or the interruption of critical transportation systems bringing cities to a halt.

Lots more here:

https://www.lexology.com/library/detail.aspx?g=be126908-c800-4ca4-a247-0737bb351bfb

With all this in just a few days my only feeling is to suggest we all “be careful out there”! It is clear we need to be both “alert and alarmed" as it is clear risks are rising at many levels!

David.