RACGP Healthed data breach exposes personal details
pAdvertisingpp Michelle
Wisbey pp
Michelle Wisbey
pp
The RACGP says the incident highlights the importance of cybersecurity while the educator confirmed it has taken steps and notified those impacted
pp
The personal details of a large number of GPs have been published online in a data breach leaving doctors feeling significantly concerned
Australian healthcare educator Healthed confirmed that late on Sunday 14 July the company became aware of a vulnerability within the Healthed website
It traced this to work undertaken by a thirdparty contractor
This vulnerability led to the names email addresses postal addresses and mobile phone numbers of participants who attended Healtheds facetoface educational seminars becoming publicly available a spokesperson told newsGP
Healthed acted swiftly to resolve the issue within two hours of it being discovered and immediately advised its delegates and staff of the incident via email
Healthed deeply regrets the unauthorised sharing of personal contact details caused through this incident
The company confirmed that no other personal information was compromised
RACGP President Dr Nicole Higgins told newsGP the breach is a reminder of the importance of cybersecurity and education
People need to remember that we also all use Facebook Tik Tok Instagram every day and that our information and data is being collected by external agencies she said
Its really challenging when your data is being shared which is why the RACGP has multiple layers in place for early detection
There are practical things that GPs can do when they attend education events or anything in their role as GPs and that is to use the practice address and the practice phone number as their contact details rather than putting personal information down
The breach is the latest in a long list of recent incidents which have impacted GPs practices and patients
In May MediSecure was affected after the personal and health information of individuals was made public and last year one Brisbane practice suffered after its email was hacked
Dr David Adam RACGP Expert Committee Practice Technology and Management member described this latest breach as really not good enough
People are pretty upset about this and you can certainly understand why he told newsGP
GPs have their own practice systems and if we make a mistake we have to take that on the chin we have to take responsibility for our patients data and we should expect these groups to take responsibility for their data
I just dont see anyone taking it seriously unless theres a significant fine or consequences for making this kind of mistake
A Healthed spokesperson confirmed the company has since taken action to prevent a similar breach occurring in the future
The integrity and security of data held by Healthed is a key priority for the company which has taken steps to ensure its website is now fully secure to prevent a similar incident from occurring again they said
But Dr Adam said for GPs especially having their personal details available online is concerning
Im sure that some of our more vulnerable members feel significantly concerned about this he said
There are some doctors who have risk from patients or former partners or that kind of thing and they do take their privacy extremely seriously as they should
Unfortunately the standard cybersecurity advice everyone gets given is about using strong passwords and multifactor authentication but none of that helps this sort of situation because its completely out of our hands
The RACGP has created several resources for GPs and practices to help bolster their cybersecurity and information on what to do if their practice is breached
Log in below to join the conversation
pp
cybersecurity data breach
ppAdvertisingppAdvertisingpp
Login to comment
pp
Dr Daniel Thomas Byrne
17072024 73310 AM
pp
When will the RACGP bring in two factor authorisation to access your website
pp
Dr J
17072024 101225 AM
pp
Just getting too hard Thank goodness I am at end not beginning of my career
pp
Dr Benjamin James Weatherhead
18072024 20800 PM
pp
Thankfully I went to the effort of getting my details removed from their database a few years ago after attending an event once and being hounded by calls texts emails faxes and letters from them It took countless replies on my part to get them to finally listen and acquiesce my request Never again
ppTerms and conditions Privacy statement RACGP recruitGP AJGPpp 2018 The Royal Australian College of General Practitioners RACGP ABN 34 000 223 807p
Wisbey pp
Michelle Wisbey
pp
The RACGP says the incident highlights the importance of cybersecurity while the educator confirmed it has taken steps and notified those impacted
pp
The personal details of a large number of GPs have been published online in a data breach leaving doctors feeling significantly concerned
Australian healthcare educator Healthed confirmed that late on Sunday 14 July the company became aware of a vulnerability within the Healthed website
It traced this to work undertaken by a thirdparty contractor
This vulnerability led to the names email addresses postal addresses and mobile phone numbers of participants who attended Healtheds facetoface educational seminars becoming publicly available a spokesperson told newsGP
Healthed acted swiftly to resolve the issue within two hours of it being discovered and immediately advised its delegates and staff of the incident via email
Healthed deeply regrets the unauthorised sharing of personal contact details caused through this incident
The company confirmed that no other personal information was compromised
RACGP President Dr Nicole Higgins told newsGP the breach is a reminder of the importance of cybersecurity and education
People need to remember that we also all use Facebook Tik Tok Instagram every day and that our information and data is being collected by external agencies she said
Its really challenging when your data is being shared which is why the RACGP has multiple layers in place for early detection
There are practical things that GPs can do when they attend education events or anything in their role as GPs and that is to use the practice address and the practice phone number as their contact details rather than putting personal information down
The breach is the latest in a long list of recent incidents which have impacted GPs practices and patients
In May MediSecure was affected after the personal and health information of individuals was made public and last year one Brisbane practice suffered after its email was hacked
Dr David Adam RACGP Expert Committee Practice Technology and Management member described this latest breach as really not good enough
People are pretty upset about this and you can certainly understand why he told newsGP
GPs have their own practice systems and if we make a mistake we have to take that on the chin we have to take responsibility for our patients data and we should expect these groups to take responsibility for their data
I just dont see anyone taking it seriously unless theres a significant fine or consequences for making this kind of mistake
A Healthed spokesperson confirmed the company has since taken action to prevent a similar breach occurring in the future
The integrity and security of data held by Healthed is a key priority for the company which has taken steps to ensure its website is now fully secure to prevent a similar incident from occurring again they said
But Dr Adam said for GPs especially having their personal details available online is concerning
Im sure that some of our more vulnerable members feel significantly concerned about this he said
There are some doctors who have risk from patients or former partners or that kind of thing and they do take their privacy extremely seriously as they should
Unfortunately the standard cybersecurity advice everyone gets given is about using strong passwords and multifactor authentication but none of that helps this sort of situation because its completely out of our hands
The RACGP has created several resources for GPs and practices to help bolster their cybersecurity and information on what to do if their practice is breached
Log in below to join the conversation
pp
cybersecurity data breach
ppAdvertisingppAdvertisingpp
Login to comment
pp
Dr Daniel Thomas Byrne
17072024 73310 AM
pp
When will the RACGP bring in two factor authorisation to access your website
pp
Dr J
17072024 101225 AM
pp
Just getting too hard Thank goodness I am at end not beginning of my career
pp
Dr Benjamin James Weatherhead
18072024 20800 PM
pp
Thankfully I went to the effort of getting my details removed from their database a few years ago after attending an event once and being hounded by calls texts emails faxes and letters from them It took countless replies on my part to get them to finally listen and acquiesce my request Never again
ppTerms and conditions Privacy statement RACGP recruitGP AJGPpp 2018 The Royal Australian College of General Practitioners RACGP ABN 34 000 223 807p
