Australia’s notifiable data breach scheme: An analysis of risk management findings for healthcare
Abstract
This paper provides an overview of the first five years of data published via the Australian Government’s Notifiable Data Breach (NDB) scheme, operated by the Office of the Australian Information Commissioner (OAIC). Applying investigative techniques including descriptive and inferential statistics, Pareto analysis, distribution analysis, and bivariate correlations, it is discovered that 80% of data breach incidents are substantively caused by five forms of human error, particularly failures in email management. A deeper investigation across each of the periods studied reveals that significant correlations often involve insider-based threats, suggesting these can be an indicative predictor for other events such as phishing and ransomware attacks. The included summary of increasing privacy concerns from the public and government-led legislative amendments in Australia further illustrates the urgency and importance of applying this knowledge to the critical infrastructure of healthcare.
RAS ID
60471
Document Type
Conference Proceeding
Date of Publication
1-1-2023
Volume
14305 LNCS
School
School of Science
Copyright
subscription content
Publisher
Springer
Comments
Dart, M., & Ahmed, M. (2023). Australia’s notifiable data breach scheme: An analysis of risk management findings for healthcare. In Health Information Science (pp. 64-78). Springer, Singapore. https://doi.org/10.1007/978-981-99-7108-4_6