Cyber security

Cyber security

Your healthcare business or practice has access to valuable digital information entrusted to you by healthcare consumers, suppliers and employees.

Unfortunately, Cyber threats are on the rise in the healthcare sector. The critical nature of healthcare services, combined with the shift to virtual care and relatively low levels of cyber controls in the sector, makes health organisations a prime target for cybercriminals.

Murray PHN, in partnership with the Australian Digital Health Agency (ADHA) promotes the use of safe and secure digital health services and systems to improve health outcomes.

Cyber security threats can impede a healthcare organisation’s ability to provide necessary patient care. These threats come from various internal and external sources, such as:

A hacker impersonates a trustworthy email source to entice users to click on a link. Through this means, hackers can obtain personal information, such as credit card numbers and passwords.



Software created to cause damage to a computer, a network, or another connected system. Malicious software can come in the form of a virus, a Trojan horse, spyware, and adware.



A type of malware that uses encryption to block access systems or threaten to publish user data unless a ransom is paid.


Stolen medical records can be used to conduct fraudulent activities, such as impersonating an individual in an attempt to receive reimbursement for healthcare services.



Individuals who have access to key systems willingly or mistakenly put them at risk. Insider threats in healthcare can come from employees, former employees, or contractors/vendors.



From security camera sensors to handheld medical devices, billions of devices are connected to each other thanks to the IoT or internet of things. Hackers can take advantage of weak points in these connections to access systems with personal patient data.



Only a third of Australian Healthcare organisations embed cyber security awareness and training into their organisational policies and procedures - Cyber Security Across the Australian Healthcare Sector 2018.

Practical steps to protect against cyber attacks

  1. Build security awareness with the Digital Health Security Awareness eLearning course
  2. Keep your software up-to-date
  3. Use strong passwords and implement multi-factor authentication
  4. Back up your data regularly
  5. Do not respond to unsolicited phishing emails, texts and calls
  6. If you fall victim to ransomware, avoid paying the ransom

Training and resources

The Australian Digital Health Agency provides extensive support and resources to protect against cyber-attacks, including information on passwords, data backup, phishing, ransomware and the provision of e-learning courses.

Local Public Health Units: The future of notifiable communicable diseases (November 2023)

Cyber security for your practice PowerPoint presentation and webinar recording (28 February 2023):

Disclaimer: The Australian Digital Health Agency are the creators of this presentation and information based on Industry Best Practice. As the information is of a general nature only, it is up to any person using or relying on the information to ensure an assessment of their individual situation is undertaken by an authorised party.

The Australian Cyber Security Hotline provides 24/7 support. Call 1300 CYBER1 (1300 292 371).

How we can help

Our Digital Health Team can provide resources and referral information to assist practices to understand cyber security. Email for support.

Or click below to return back to the digital health home page:


Page last updated 19 March 2024