Privacy and you.

Privacy Awareness Week came and went (28th April – 4th May), as it does every year, but this time the implications for Australian businesses are more pressing.  Major changes to the Privacy Act of 1988 were instituted in the guise of the Privacy Amendment (Enhancing Privacy Protection) Act 2012 and come into effect in March 2014.

These changes, along with the enhanced powers afforded to the Privacy Commissioner, bring an urgency for all medical practices to consider how they manage private information of their patients.

13 new principles apply to private sector entities and Commonwealth agencies and replace the existing principles.  These new principles are structured to closely correlate to the lifecycle of information: from its collection/creation, “through to its use and disclosure, quality and security, access and correction”.

One considerable challenge is how to deliver critical clinical information to mobile Anaesthetists such that patient privacy is not sacrificed.

If your practice is sending around unencrypted emails containing patient information, beware that standard emails have no expection of privacy  or security.  Email is sent using “plain text” and connects through many computers (routers and mail servers) on its way to you.  Most mail servers maintain backups of their emails.

So all of these computers and backup devices are out of your control, yet have unencrypted patient data sitting on them.

With the new powers invested in the Privacy Commissioner, a business can now be required to pay a civil penalty order of up to $1,700,000 for serious data/privacy breaches.  Ouch.

VaperTrail is designed with security and privacy in mind.  Critical patient information is available via secure, encrypted browser access utilising state-of-the-art technologies.  No need to RDP into the office: all the critical information is available to mobile Anaesthetists via VaperWeb, the secure component of VaperTrail.  See how we’ve put data security at the centre of what we do…