Australia’s notifiable data breach scheme: An analysis of risk management findings for healthcare

Authors/Creators

Martin Dart, Edith Cowan UniversityFollow
Mohiuddin Ahmed, Edith Cowan UniversityFollow

Abstract

This paper provides an overview of the first five years of data published via the Australian Governments’ Notifiable Data Breach (NDB) scheme, operated by the Office of the Australian Information Commissioner (OAIC). Applying investigative techniques including descriptive and inferential statistics, Pareto analysis, distribution analysis, and bivariate correlations it is discovered that 80% of data breach incidents are substantively caused by fives forms of human error, particularly failures in email management. A deeper investigation across each of the periods studied reveals significant correlations often involve insider-based threats, suggesting these can be an indicative predictor for other events such as phishing and ransomware attacks. The included summary of increasing privacy concerns from the public and government-led legislative amendments in Australia, further illustrates the urgency and importance of applying this knowledge to the critical infrastructure of healthcare.

RAS ID

60471

Document Type

Conference Proceeding

Date of Publication

1-1-2023

Volume

14305 LNCS

School

School of Science

Copyright

subscription content

Publisher

Springer

Related Publications

Dart, M. J. (2024). Cyber security risk management in large Australian healthcare systems - a mixed methods study. Edith Cowan University. Retrieved from https://ro.ecu.edu.au/theses/2756

Comments

Dart, M., & Ahmed, M. (2023). Australia’s notifiable data breach scheme: An analysis of risk management findings for healthcare. In Health Information Science (pp. 64-78). Springer, Singapore. https://doi.org/10.1007/978-981-99-7108-4_6