Information Security Guide for small healthcare businesses

Your healthcare business or practice has access to valuable digital information entrusted to you by healthcare consumers, suppliers and employees. The information and systems your business uses to access and store this information are critical to its ability to operate.

If criminals compromise your computer systems or steal important business information, your business may suffer significant financial loss, possible legal liability and reputational damage, and your customers’ personal information may be misused for fraudulent purposes. Some cyber attacks may cause you to lose access to critical business systems or Internet bandwidth, making it difficult to run your business.

The Information Security Guide for small healthcare businesses has been developed by the Australian Digital Health Agency (the Agency) and the Australian Government's Stay Smart Online service. The Agency promotes the use of safe and secure digital health services and systems to improve health outcomes. The Stay Smart Online service provides advice to help people and small businesses protect their personal and financial information when using computers and other internet connected devices.

Download: Information Security Guide for small healthcare businesses (co-branded with Stay Smart Online) Online Version (PDF, 876kB)

First published October 2017; second edition published December 2018.

For additional information security guidance see:

  • Toolkit for selecting secure IT products and services
  • Papers for Senior Managers and IT Professionals on preventing a ransomware attack
  • Briefings on patch management for Senior Managers and IT Professionals to reduce known security vulnerabilities
  • Advice for everyone to think before you click and avoid phishing scams
  • Guide to creating a positive security culture by encouraging security behaviours.