Privacy and information security

Effective information security practices and policies are essential to ensure the privacy of health and business information. Additionally, the use of healthcare identifiers instead of names is useful to protect privacy along with establishing clear policies for the use of information in health research.

Please read more on topics in this section via the links below.

Privacy and information security

Your practice must protect personal information it holds from:

  • misuse, interference and loss
  • unauthorised access, modification or disclosure.

Cross-border disclosures (ie disclosing information to an overseas recipient or using cloud computing companies) must first undergo a thorough risk assessment to ensure no privacy breaches will occur.

As previously discussed, it is essential for your practice to:

  • conduct in-depth risk assessments
  • ensure safe electronic transfer of information
  • safely communicate via electronic mediums with patients
  • securely de-identify and destroy patient data
  • have an effective and updated security policy.

Practices should refer to the RACGP Information security in general practice resource for guidance and further information on information and cyber security. You can also access policy recommendations and case studies here

Healthcare identifiers

Read more on ‘Healthcare identifiers’ here

Health research

Read more on ‘Health research’ here

Other Toolkits

The Royal Australian College of General Practitioners acknowledges Aboriginal and Torres Strait Islander peoples as the Traditional Custodians of the land and sea in which we live and work, we recognise their continuing connection to land, sea and culture and pay our respects to Elders past, present and future.