HISA has established a Cybersecurity Community of Practice to inform and engage all stakeholders about cybersecurity in healthcare and influence the application of sound practices. The expanded use of networked technology, internet-enabled devices, applications and electronic datasets, used for a range of clinical, financial and administrative functions, have significantly minimised the number of manual steps and time-consuming processes in healthcare workflows.
Yet, such connectivity and automated processes have increased the vulnerability of healthcare providers to cybersecurity breaches. While cybersecurity may be perceived as primarily a technical matter it is much broader than this and encompasses both technology and human processes.
As we continue to move toward integrated digitally-enabled organisations, the disruption caused by cybersecurity incidents can have far-reaching effects, and may include lack of access to critical clinical information and services, risks to patient safety, costly replacement of equipment and data, loss of community confidence in our healthcare system and reputational damage to the providers and organisations that suffer a breach.
Are you involved in cybersecurity? Do you have any suggestions, ideas or would like to get involved in this community of practice?
David Bunker (Chair)
Queensland Genomics Health Alliance
David Bunker is the Executive Director of the Queensland Genomics Health Alliance. He has a commitment to health and social outcomes, and values-based business transformation. His commitments include significant voluntary contribution to NFP Boards, Graduate Business Schools, as well as Professional Societies and Academic Colleges. His current focus with the Queensland Genomics Health Alliance is to fast track genomics research and its translation into common healthcare practice, while building a sound, evidence-based decision making framework for strategic capability and capacity building programs within the health system.
Board, College and Society Membership:
- Director – Epilepsy Queensland
- Fellow and Membership Committee Chair – Australasian College of Health Informatics
- Steering Committee Member – Cybersecurity CoP, Health Informatics Society of Australia
- Advisor – Executive MBA Program, QUT Graduate School of Management
- Reviewer – International Journal of Medical Informatics
AABB Consulting – Healthcare
Tony has 27 years of ICT experience in healthcare, key roles and engagements include; Victorian Heart Hospital enterprise ICT design and strategy, Victorian Comprehensive Cancer Centre – Parkville Precinct models of care (ICT director and enterprise design), Hervey Bay St Stephen’s Uniting Care enterprise digital hospital design and manager of the Digital Design Authority Victoria. This experience has lead to a deep understanding of overall needs of the healthcare ecosystem relating to the delivery of healthcare benefits through IM&ICT. He is highly experienced in successful design and delivery of digital hospital solutions, healthcare ICT strategy, governance and program management. Specialised in the design and delivery of enterprise Electronic Medical Record solutions, electronic Medications Management, eReferrals and implementing Australian Digital Health Agency national initiatives. Tony is able to draw on his experience in senior management roles for private organisations, government and health entities to describe and target practical, effective and efficient solutions that relate to the maturity and capability of individual organisations across a complex landscape. Cyber security is one of many key challenges that is generally not well funded or understood and needs a focus in this journey.
Dr Damian Claydon-Platt
Chief Clinical Information Officer
Dr Claydon-Platt is CCIO at Epworth Healthcare, a large not-for-profit healthcare group in Victoria. Damian is a medical doctor with 18 years’ clinical experience working predominantly in the Intensive Care Environment. He is currently involved in the strategic alignment of IT priorities to clinical and organisational requirements, influencing of corporate vision to embrace the benefits of information technologies, stakeholder engagement across the group, and implementation of clinical-facing information systems. He maintains a clinical perspective by continuing to work in intensive care, and is keenly aware of the need to minimize the impact of digital solutions on clinical workflows. As the CCIO, he is constantly trying to balance the increasing demand for simple access to clinical information anywhere, anytime, on any device, with the IT department’s need to take an enterprise view on cybersecurity to ensure this sensitive information is secure.
Dr Peter Croll
Dr Peter R. CROLL BSc (hons) PhD (Sheffield), CHIA, FACS CP (Cyber Security).
Peter is a research leader in Health Informatics and an expert consultant for industry and government. With a prior background in safety critical control systems, he now applies his extensive knowledge in risk minimisation to the cyber-safety of health applications. He has broad experience as a director of research centres, head of school/department, faculty dean and as a university professor in ICT. He established the GoBroadband initiative to secure Coffs Harbour as an early roll-out site for the NBN for which he obtained the Vice Chancellor’s individual award for ‘Excellence in Community Engagement’. He holds two current professional certifications: CHIA for health informatics and CP (Cyber Security). He is the immediate past chair for the International Medical Informatics Association’s working group on ‘Security of Health Information Systems’. Peter is a Fellow and a QLD branch executive for the Australian Computer Society. He is the convener and editor of the ‘Australian guidelines for the protection of Health Information’ produced by the Health Informatics Society of Australia, with whom he is highly active having been a previous Board Director, National Vice-chair and the QLD chair.
When I started my education journey in IT with Health Specialisation at University of Melbourne, I had one passion and goal in mind: improving healthcare through better use of technology and information. However, I soon realised to ensure information technologies can enhance healthcare, an enthusiasm for health informatics should be cultivated and maintained among people as well as governing and advisory bodies. Realising this, I started to promote health informatics ideas and advances among community through different social platforms whenever I got the chance to bring up the subject. Having had the privilege of helping at HISA Telehealth Conference this year, and being part of a team committed to advance e-health in Australia, I was more inspired to promote health transformation through information technologies. I strongly believe cooperating with HISA, whose mission and objectives I share, would give me a chance to facilitate realisation of the promise of health informatics in Australia.
Northeast Health Wangaratta (NHW)
Jorge Silveira is the Director of Information Management and CIO for Northeast Health Wangaratta (NHW), a comprehensive specialist referral public health service in regional Victoria. He is the chair of the Hume Cybersecurity Working Group and an active member of the VHCIO Cybersecurity Working Group with the Department of Health and Human Services (DHHS). He has developed a number of cybersecurity resources used across the health sector in Victoria, including the creation of the code yellow cybersecurity major incident response flow chart. As a qualified auditor, he has conducted a number of ICT governance, operations and security reviews for various health services.
Jorge has also introduced the first Secure Erase media sanitisation device in Australia that was able to apply logical techniques that render data recovery infeasible even when using state of the art laboratory data recovery forensic techniques. This led to the update of the Australian Federal Government Information Security Manual (ISM), which incorporated this method into the list of controls for media sanitisation and to receive a CeBIT Emerging Technology Innovation Award.
Prof Trish Williams
Trish is co-director of the Flinders Digital Health Research Centre, a newly formed multidisciplinary entity to further digital health systems and technologies research. Her role is to foster digital health university-industry-government collaborations to contribute to ‘Digital Health Enabling Health Smart Living’. As a passionate contributor to, and advocate for, health informatics standards, Trish is a previous Chair of HL7 Australia, international co-chair HL7 Security and nominated expert on ISO health informatics standards. Trish is co-editor of HISA’s Privacy Guideline and E-Safety Professional Practice Guidelines, Board Member of HISA, primary author of the RACGP Computer and Information Security Standards, NPS MedicineWise Data Governance Committee member, amongst other industry and health advisory boards. She has over 100 health and medical information security and safety publications.
Trish’s research and capability span health cyber-security, privacy, mobile health, Health Internet of Things (HIoT), medical device security, data quality, governance, health software safety, and health informatics standards. Trish’s internationally recognised expertise in medical information security (as well as her liking for full-bodied red wine!🍾), and these together with her passion for practical outcomes and experience in healthcare computing are integrated to lead research and innovation in digital health.
Webinar – Shifting Perspectives: Security as a key pillar in delivering the next generation of virtualised care
Available to HISA members only. To view the recording, you may need to provide your contact information.
Innovating Health Roundtable
Whilst we embrace digital programs and solutions to innovate and support health system change, we must be aware of the ever increasing and inherent risks to health operations and the protection of health related data. This roundtable explored the question: how do we balance innovation against risk?
We welcomed an international guest – Theresa Meadows, Senior Vice President and CIO at Cook Children’s Health Care System in Dallas Texas, and Co-Chair of US Department of Health and Human Services Healthcare Industry Cybersecurity Taskforce. Theresa provided perspectives on the question of significance and the current state of cybersecurity in healthcare.
Additionally, Professor Trish Williams, Chair and Professor of Digital Health Systems at Flinders University, aided Theresa and led the discussion focused on innovation and the digital change agenda within healthcare, which is the theme of this series. Finally, we were also fortunate to have Simon Eid, Country Manager ANZ for Splunk, who provided specific insights and industry trends in cybersecurity, analytics and the protection of data across industries including healthcare.
The roundtable discussion sought to provide an international update on cybersecurity in healthcare, in particular what the Taskforce in the US is aiming to accomplish, and to pose the question of how do we innovate and reform whilst dealing with increasing and more sophisticated cyber threats? The discussion focused on a number of key themes on governance, risk appetite, protecting and sharing information, organisational preparedness, using security as part of innovation, and thinking differently about data in healthcare.
HISA welcomes a new expert contributor to the Cybersecurity Community of Practice leadership group – Jorge Silveira, Director of Information Management and CIO for Northeast Health Wangaratta (NHW), a comprehensive specialist referral public health service in regional...read more
HISA’s Victoria branch went onsite at Epworth Healthcare this week to talk about cybersecurity in a range of organisational healthcare settings. HISA cybersecurity community of practice also took the opportunity to present the results of its recent survey. Speakers...read more
Across Australian healthcare, data breaches and cyber-attacks seem to be more frequently reported by hospitals and healthcare organisations. HISA responded to the groundswell of interest in cybersecurity by launching a dedicated Community of Practice this year. Now...read more
It’s good timing for HISA to announce a newly formed special interest group which will identify – and tackle – the latest cybersecurity challenges in healthcare. Cybersecurity was in the news as well as widely discussed by delegates at HISA’s Health Data Analytics...read more