HISA has established a Cybersecurity Community of Practice to inform and engage all stakeholders about cybersecurity in healthcare and influence the application of sound practices. The expanded use of networked technology, internet-enabled devices, applications and electronic datasets, used for a range of clinical, financial and administrative functions, have significantly minimised the number of manual steps and time-consuming processes in healthcare workflows.

Yet, such connectivity and automated processes have increased the vulnerability of healthcare providers to cybersecurity breaches. While cybersecurity may be perceived as primarily a technical matter it is much broader than this and encompasses both technology and human processes.

As we continue to move toward integrated digitally-enabled organisations, the disruption caused by cybersecurity incidents can have far-reaching effects, and may include lack of access to critical clinical information and services, risks to patient safety, costly replacement of equipment and data, loss of community confidence in our healthcare system and reputational damage to the providers and organisations that suffer a breach.

Cybersecurity membership

Are you involved in cybersecurity? Do you have any suggestions, ideas or would like to get involved in this community of practice?

Leadership

David Bunker, CHIA, QLD

David Bunker, CHIA, QLD

Chair

Bio

Executive Director,
Queensland Genomics Health Alliance

David Bunker is the Executive Director of the Queensland Genomics Health Alliance. He has a commitment to health and social outcomes, and values-based business transformation. His commitments include significant voluntary contribution to NFP Boards, Graduate Business Schools, as well as Professional Societies and Academic Colleges. His current focus with the Queensland Genomics Health Alliance is to fast track genomics research and its translation into common healthcare practice, while building a sound, evidence-based decision making framework for strategic capability and capacity building programs within the health system.

Board, College and Society Membership:

Tom Crampton, VIC

Tom Crampton, VIC

 

Bio

Managing Director & CEO,
Trusted Impact

Tom Crampton is the Managing Director and CEO of TrustedImpact, a specialised, boutique consulting firm focused exclusively in cyber security.

TrustedImpact was founded in 2006, and has over a decade of focused cyber security experience gained from the insight from thousands of successful projects conducted for hundreds of clients across both Government and Commercial organisations. The firm provides clients with practical insight into the technical, people, process and strategic cyber security challenges they face from their diverse and unique business perspectives.

This experience has given Tom a wealth of factual insight into the important industry trends and practical challenges facing businesses in today’s fast moving cyber security environment.

Overall, Tom has 35 years of international management consulting, technology and P&L business leadership experience working successfully both in and with blue chip organisations across Asia, North America, Europe, and Australia. Tom earned a Master’s degree in Business (MBA) with academic distinction from the McCombs School of Business at the University of Texas, and a Bachelor of Arts (BA) in Business from The Colorado College.

Dr Peter Croll, QLD

Dr Peter Croll, QLD

 

Bio

Consultant,
Peter Croll

Dr Peter R. CROLL BSc (hons) PhD (Sheffield), CHIA, FACS CP (Cyber Security).

Peter is a research leader in Health Informatics and an expert consultant for industry and government. With a prior background in safety critical control systems, he now applies his extensive knowledge in risk minimisation to the cyber-safety of health applications. He has broad experience as a director of research centres, head of school/department, faculty dean and as a university professor in ICT. He established the GoBroadband initiative to secure Coffs Harbour as an early roll-out site for the NBN for which he obtained the Vice Chancellor’s individual award for ‘Excellence in Community Engagement’. He holds two current professional certifications: CHIA for health informatics and CP (Cyber Security). He is the immediate past chair for the International Medical Informatics Association’s working group on ‘Security of Health Information Systems’. Peter is a Fellow and a QLD branch executive for the Australian Computer Society. He is the convener and editor of the ‘Australian guidelines for the protection of Health Information’ produced by the Health Informatics Society of Australia, with whom he is highly active having been a previous Board Director, National Vice-chair and the QLD chair.

Jason Hendry, VIC

Jason Hendry, VIC

 

Bio

Chief Technologist,
Portable

Jason is the Chief Technologist at Portable, a digital design company based in Collingwood. His role involves all areas of the software development lifecycle: from the user-centred design of new software to usability and continuous improvement of existing software. Jason oversees development practices within the company, which focus on high quality and secure code, as well as ongoing support and operations. Portable is a propose driven organisation that seeks out areas of social need and policy failure, currently focused on death and ageing, access to justice and mental health. Jason works closely with leadership and IT teams of clients to ensure personal private and health information is properly secured in everything his team develops.

Michael Johansen, NT

Michael Johansen, NT

Bio

Digital Health Lead,
Northern Territory PHN

Michael is the Digital Health Lead for the Northern Territory Primary Health Network (NTPHN) whose role it is to champion the use of data and technology to help people live healthier, happier and more productive lives. He has spent more than 20 years in healthcare with a start to his career as a Medical Scientist, then specialising in immunohematology and further advancing his career to undertake a Bachelor of IT – software engineering. He is skilled in a wide range of industry endorsed IT methodologies. He who enjoys driving technology processes, delivering infrastructure and adding value to the business whilst providing inspirational ideas and pro-active solutions to achieve technology growth and business vision. His interest in cybersecurity stems from a recognition that as our world becomes increasingly connected, our information is more easily exposed to theft or malicious disruption.

Jorge Silveira, CHIA, VIC

Jorge Silveira, CHIA, VIC

Bio

Director of Information Management / CIO,
Northeast Health Wangaratta

Jorge Silveira is the Director of Information Management and CIO for Northeast Health Wangaratta (NHW), a comprehensive specialist referral public health service in regional Victoria. He is the chair of the Hume Cybersecurity Working Group and an active member of the VHCIO Cybersecurity Working Group with the Department of Health and Human Services (DHHS). He has developed a number of cybersecurity resources used across the health sector in Victoria, including the creation of the code yellow cybersecurity major incident response flow chart. As a qualified auditor, he has conducted a number of ICT governance, operations and security reviews for various health services.

Jorge has also introduced the first Secure Erase media sanitisation device in Australia that was able to apply logical techniques that render data recovery infeasible even when using state of the art laboratory data recovery forensic techniques. This led to the update of the Australian Federal Government Information Security Manual (ISM), which incorporated this method into the list of controls for media sanitisation and to receive a CeBIT Emerging Technology Innovation Award.

Prof Trish Williams, CHIA, SA

Prof Trish Williams, CHIA, SA

Bio

Professor of Digital Health Systems,
Flinders University

Trish is co-director of the Flinders Digital Health Research Centre, a newly formed multidisciplinary entity to further digital health systems and technologies research. Her role is to foster digital health university-industry-government collaborations to contribute to ‘Digital Health Enabling Health Smart Living’. As a passionate contributor to, and advocate for, health informatics standards, Trish is a previous Chair of HL7 Australia, international co-chair HL7 Security and nominated expert on ISO health informatics standards. Trish is co-editor of HISA’s Privacy Guideline and E-Safety Professional Practice Guidelines, Board Member of HISA, primary author of the RACGP Computer and Information Security Standards, NPS MedicineWise Data Governance Committee member, amongst other industry and health advisory boards. She has over 100 health and medical information security and safety publications.

Trish’s research and capability span health cyber-security, privacy, mobile health, Health Internet of Things (HIoT), medical device security, data quality, governance, health software safety, and health informatics standards. Trish’s internationally recognised expertise in medical information security (as well as her liking for full-bodied red wine!🍾), and these together with her passion for practical outcomes and experience in healthcare computing are integrated to lead research and innovation in digital health.

Upcoming events

There are no upcoming events at this time.

Previous webinars

Available to HISA members only. To view the recording, you may need to provide your contact information.

2018 Cybersecurity in Australian Healthcare Survey results

HISA’s 2018 Cybersecurity in Australian Healthcare survey reached 48% of health services in regional/rural areas and 52% in metropolitan areas.

We received responses from executives (23%), administrative staff (22%), IT staff (18%), clinicians (12%) and the remainder a mix of researchers, consultants, vendor specialists and board members.

Respondents felt a strong sense of organisational responsibility for the security of information assets and information systems with the following measures in place: formal plans (73%), staffing (75%) and dedicated security budget (42%).

Read more

Innovating health roundtable

Whilst we embrace digital programs and solutions to innovate and support health system change, we must be aware of the ever increasing and inherent risks to health operations and the protection of health related data. This roundtable explored the question: how do we balance innovation against risk?

We welcomed an international guest – Theresa Meadows, Senior Vice President and CIO at Cook Children’s Health Care System in Dallas Texas, and Co-Chair of US Department of Health and Human Services Healthcare Industry Cybersecurity Taskforce. Theresa provided perspectives on the question of significance and the current state of cybersecurity in healthcare.

Additionally, Professor Trish Williams, Chair and Professor of Digital Health Systems at Flinders University, aided Theresa and led the discussion focused on innovation and the digital change agenda within healthcare, which is the theme of this series. Finally, we were also fortunate to have Simon Eid, Country Manager ANZ for Splunk, who provided specific insights and industry trends in cybersecurity, analytics and the protection of data across industries including healthcare.

The roundtable discussion sought to provide an international update on cybersecurity in healthcare, in particular what the Taskforce in the US is aiming to accomplish, and to pose the question of how do we innovate and reform whilst dealing with increasing and more sophisticated cyber threats? The discussion focused on a number of key themes on governance, risk appetite, protecting and sharing information, organisational preparedness, using security as part of innovation, and thinking differently about data in healthcare.

Find Out More

Key take-away points, interviews and a report.

News

[ BLOG ] : Healthcare Executives and Employees Are Hacker Targets – 5 steps to Protect Them

[ BLOG ] : Healthcare Executives and Employees Are Hacker Targets – 5 steps to Protect Them

Tom Crampton Cybersecurity Community of Practice Steering Committee Member Cyber criminal activity continues to spread rapidly across Australian businesses of all sizes and in all industries. Healthcare is no exception, and frontline employees and ‘C-suite’ executives are increasingly the prime targets. While businesses may feel overwhelmed by the growing risk of cyber attacks and criminal [...]

read more
2018 Cybersecurity in Australian Healthcare Survey results

2018 Cybersecurity in Australian Healthcare Survey results

HISA’s 2018 Cybersecurity in Australian Healthcare survey reached 48% of health services in regional/rural areas and 52% in metropolitan areas. We received responses from executives (23%), administrative staff (22%), IT staff (18%), clinicians (12%) and the remainder a mix of researchers, consultants, vendor specialists and board members. Respondents felt a strong sense of organisational responsibility [...]

read more
Cybersecurity new survey closes 15 October

Cybersecurity new survey closes 15 October

Through consultation across the health sector, HISA gathers current information on the most wide-ranging topics and the communities of practice are just one way we can harness the specific interests of members. Cybersecurity is high on the list and recently we released the findings from our 2017 survey. The second survey is now open for your [...]

read more