Australia’s notifiable data breach scheme: An analysis of risk management findings for healthcare

Abstract

This paper provides an overview of the first five years of data published via the Australian Government’s Notifiable Data Breach (NDB) scheme, operated by the Office of the Australian Information Commissioner (OAIC). Applying investigative techniques including descriptive and inferential statistics, Pareto analysis, distribution analysis, and bivariate correlations, it is discovered that 80% of data breach incidents are substantively caused by five forms of human error, particularly failures in email management. A deeper investigation across each of the periods studied reveals that significant correlations often involve insider-based threats, suggesting these can be an indicative predictor for other events such as phishing and ransomware attacks. The included summary of increasing privacy concerns from the public and government-led legislative amendments in Australia further illustrates the urgency and importance of applying this knowledge to the critical infrastructure of healthcare.

RAS ID

60471

Document Type

Conference Proceeding

Date of Publication

1-1-2023

Volume

14305 LNCS

School

School of Science

Copyright

subscription content

Publisher

Springer

Comments

Dart, M., & Ahmed, M. (2023). Australia’s notifiable data breach scheme: An analysis of risk management findings for healthcare. In Health Information Science (pp. 64-78). Springer, Singapore. https://doi.org/10.1007/978-981-99-7108-4_6

Link to publisher version (DOI)

10.1007/978-981-99-7108-4_6