In early August, the Federal Government released its 2020 Australian Cyber Security Strategy. This not only focused attention on the need for greater security around personal information, but redefined what industries were classified as critical to the national interest.
In previous years, this was reserved for sectors such as utilities and telecommunications providers. However, in the wake of the COVID-19 pandemic, Australia has been forced to reconsider what industries are truly integral to society. Healthcare data has emerged as a vitally important commodity and is now seen as key to our national security.
This is no surprise given the multiple warnings from the Australian Cyber Security Centre (ACSC) on cyber attacks targeting healthcare and aged care. With the increasing digitisation of the healthcare system and the amount of sensitive personal information held by these organisations, “a significant ransomware attack against a hospital or aged care facility would have a major impact”.
Cyber criminals and nation states are realising that healthcare organisations are sources of valuable data that pose a very real threat to the safe functioning of societies and governments. To address this risk, Australia must better embed cyber security at the heart of public and private health information systems.