Australia’s notifiable data breach scheme: An analysis of risk management findings for healthcare

Document Type

Conference Proceeding

Publication Title

Health Information Science

Volume

14305 LNCS

First Page

65

Last Page

78

Publisher

Springer

School

School of Science

RAS ID

60471

Comments

Dart, M., & Ahmed, M. (2023). Australia’s notifiable data breach scheme: An analysis of risk management findings for healthcare. In Health Information Science (pp. 64-78). Springer, Singapore. https://doi.org/10.1007/978-981-99-7108-4_6

Abstract

This paper provides an overview of the first five years of data published via the Australian Government’s Notifiable Data Breach (NDB) scheme, operated by the Office of the Australian Information Commissioner (OAIC). Applying investigative techniques including descriptive and inferential statistics, Pareto analysis, distribution analysis, and bivariate correlations, it is discovered that 80% of data breach incidents are substantively caused by five forms of human error, particularly failures in email management. A deeper investigation across each of the periods studied reveals that significant correlations often involve insider-based threats, suggesting these can be an indicative predictor for other events such as phishing and ransomware attacks. The included summary of increasing privacy concerns from the public and government-led legislative amendments in Australia further illustrates the urgency and importance of applying this knowledge to the critical infrastructure of healthcare.

DOI

10.1007/978-981-99-7108-4_6

Access Rights

subscription content
