HISA has established a Cybersecurity Community of Practice to inform and engage all stakeholders about cybersecurity in healthcare and influence the application of sound practices. The expanded use of networked technology, internet-enabled devices, applications and electronic datasets, used for a range of clinical, financial and administrative functions, have significantly minimised the number of manual steps and time-consuming processes in healthcare workflows.

Yet, such connectivity and automated processes have increased the vulnerability of healthcare providers to cybersecurity breaches. While cybersecurity may be perceived as primarily a technical matter it is much broader than this and encompasses both technology and human processes.

As we continue to move toward integrated digitally-enabled organisations, the disruption caused by cybersecurity incidents can have far-reaching effects, and may include lack of access to critical clinical information and services, risks to patient safety, costly replacement of equipment and data, loss of community confidence in our healthcare system and reputational damage to the providers and organisations that suffer a breach.

Cybersecurity membership

Are you involved in cybersecurity? Do you have any suggestions, ideas or would like to get involved in this community of practice?


David Bunker (Chair)

Executive Director
Queensland Genomics Health Alliance

David Bunker is the Executive Director of the Queensland Genomics Health Alliance. He has a commitment to health and social outcomes, and values-based business transformation. His commitments include significant voluntary contribution to NFP Boards, Graduate Business Schools, as well as Professional Societies and Academic Colleges. His current focus with the Queensland Genomics Health Alliance is to fast track genomics research and its translation into common healthcare practice, while building a sound, evidence-based decision making framework for strategic capability and capacity building programs within the health system.

Board, College and Society Membership:

Dr Peter Croll


Dr Peter R. CROLL BSc (hons) PhD (Sheffield), CHIA, FACS CP (Cyber Security).

Peter is a research leader in Health Informatics and an expert consultant for industry and government. With a prior background in safety critical control systems, he now applies his extensive knowledge in risk minimisation to the cyber-safety of health applications. He has broad experience as a director of research centres, head of school/department, faculty dean and as a university professor in ICT. He established the GoBroadband initiative to secure Coffs Harbour as an early roll-out site for the NBN for which he obtained the Vice Chancellor’s individual award for ‘Excellence in Community Engagement’. He holds two current professional certifications: CHIA for health informatics and CP (Cyber Security). He is the immediate past chair for the International Medical Informatics Association’s working group on ‘Security of Health Information Systems’. Peter is a Fellow and a QLD branch executive for the Australian Computer Society. He is the convener and editor of the ‘Australian guidelines for the protection of Health Information’ produced by the Health Informatics Society of Australia, with whom he is highly active having been a previous Board Director, National Vice-chair and the QLD chair.

Michael Johansen

Digital Health Lead

Michael is the Digital Health Lead for the Northern Territory Primary Health Network (NTPHN) whose role it is to champion the use of data and technology to help people live healthier, happier and more productive lives. He has spent more than 20 years in healthcare with a start to his career as a Medical Scientist, then specialising in immunohematology and further advancing his career to undertake a Bachelor of IT – software engineering. He is skilled in a wide range of industry endorsed IT methodologies. He who enjoys driving technology processes, delivering infrastructure and adding value to the business whilst providing inspirational ideas and pro-active solutions to achieve technology growth and business vision. His interest in cybersecurity stems from a recognition that as our world becomes increasingly connected, our information is more easily exposed to theft or malicious disruption.

Jorge Silveira

Director of Information Management / CIO<

Jorge Silveira is the Director of Information Management and CIO for Northeast Health Wangaratta (NHW), a comprehensive specialist referral public health service in regional Victoria. He is the chair of the Hume Cybersecurity Working Group and an active member of the VHCIO Cybersecurity Working Group with the Department of Health and Human Services (DHHS). He has developed a number of cybersecurity resources used across the health sector in Victoria, including the creation of the code yellow cybersecurity major incident response flow chart. As a qualified auditor, he has conducted a number of ICT governance, operations and security reviews for various health services.

Jorge has also introduced the first Secure Erase media sanitisation device in Australia that was able to apply logical techniques that render data recovery infeasible even when using state of the art laboratory data recovery forensic techniques. This led to the update of the Australian Federal Government Information Security Manual (ISM), which incorporated this method into the list of controls for media sanitisation and to receive a CeBIT Emerging Technology Innovation Award.

Prof Trish Williams

Professor of Digital Health Systems, Flinders University
Chair, Cisco

Trish is co-director of the Flinders Digital Health Research Centre, a newly formed multidisciplinary entity to further digital health systems and technologies research. Her role is to foster digital health university-industry-government collaborations to contribute to ‘Digital Health Enabling Health Smart Living’. As a passionate contributor to, and advocate for, health informatics standards, Trish is a previous Chair of HL7 Australia, international co-chair HL7 Security and nominated expert on ISO health informatics standards. Trish is co-editor of HISA’s Privacy Guideline and E-Safety Professional Practice Guidelines, Board Member of HISA, primary author of the RACGP Computer and Information Security Standards, NPS MedicineWise Data Governance Committee member, amongst other industry and health advisory boards. She has over 100 health and medical information security and safety publications.

Trish’s research and capability span health cyber-security, privacy, mobile health, Health Internet of Things (HIoT), medical device security, data quality, governance, health software safety, and health informatics standards. Trish’s internationally recognised expertise in medical information security (as well as her liking for full-bodied red wine!🍾), and these together with her passion for practical outcomes and experience in healthcare computing are integrated to lead research and innovation in digital health.

Upcoming events

There are no upcoming events at this time.

Previous webinars

Available to HISA members only. To view the recording, you may need to provide your contact information.

2018 Cybersecurity in Australian Healthcare Survey results

HISA’s 2018 Cybersecurity in Australian Healthcare survey reached 48% of health services in regional/rural areas and 52% in metropolitan areas.

We received responses from executives (23%), administrative staff (22%), IT staff (18%), clinicians (12%) and the remainder a mix of researchers, consultants, vendor specialists and board members.

Respondents felt a strong sense of organisational responsibility for the security of information assets and information systems with the following measures in place: formal plans (73%), staffing (75%) and dedicated security budget (42%).

Read more

Innovating health roundtable

Whilst we embrace digital programs and solutions to innovate and support health system change, we must be aware of the ever increasing and inherent risks to health operations and the protection of health related data. This roundtable explored the question: how do we balance innovation against risk?

We welcomed an international guest – Theresa Meadows, Senior Vice President and CIO at Cook Children’s Health Care System in Dallas Texas, and Co-Chair of US Department of Health and Human Services Healthcare Industry Cybersecurity Taskforce. Theresa provided perspectives on the question of significance and the current state of cybersecurity in healthcare.

Additionally, Professor Trish Williams, Chair and Professor of Digital Health Systems at Flinders University, aided Theresa and led the discussion focused on innovation and the digital change agenda within healthcare, which is the theme of this series. Finally, we were also fortunate to have Simon Eid, Country Manager ANZ for Splunk, who provided specific insights and industry trends in cybersecurity, analytics and the protection of data across industries including healthcare.

The roundtable discussion sought to provide an international update on cybersecurity in healthcare, in particular what the Taskforce in the US is aiming to accomplish, and to pose the question of how do we innovate and reform whilst dealing with increasing and more sophisticated cyber threats? The discussion focused on a number of key themes on governance, risk appetite, protecting and sharing information, organisational preparedness, using security as part of innovation, and thinking differently about data in healthcare.

Find Out More

Key take-away points, interviews and a report.


2018 Cybersecurity in Australian Healthcare Survey results

HISA’s 2018 Cybersecurity in Australian Healthcare survey reached 48% of health services in regional/rural areas and 52% in metropolitan areas. We received responses from executives (23%), administrative staff (22%), IT staff (18%), clinicians (12%) and the remainder a mix of researchers, consultants, vendor specialists and board members. Respondents felt a strong sense of organisational responsibility [...]

read more

Cybersecurity new survey closes 15 October

Through consultation across the health sector, HISA gathers current information on the most wide-ranging topics and the communities of practice are just one way we can harness the specific interests of members. Cybersecurity is high on the list and recently we released the findings from our 2017 survey. The second survey is now open for your [...]

read more

HISA’s cybersecurity community of practice survey report

The results of HISA’s 2017 cybersecurity survey have been discussed over some months at branch meetings and webinars and now the published version has been made available online. There were 157 responses to the survey from a cross-section of organisations. It was conducted across four broad domains to assess awareness and maturity across the healthcare [...]

read more