Security Behaviours

Security awareness and promotion of strong security behaviours complement technical controls. When human and technical controls are implemented at the same time it provides multiple layers of security helping prevent a variety of external attacks and minimises those that are attributed to internal sources.

It takes time to change behaviour and to build awareness of information security. Investing in workforce security awareness and education can help identify threats attempting to compromise data or avoid inadvertently disclosing sensitive information.

A key element of addressing and mitigating a healthcare organisation’s risks is having employees follow information security policies, use strong security practices, stay up to date with emerging security threats and recognise the risks that apply directly to their role.

Just as having regular health check-ups can make you more aware of what you need to do to stay healthy, keeping abreast of emerging security risks means you are better placed to prevent or manage an incident.

Download: Security Behaviours – developing a positive security culture within healthcare organisations (PDF, 530KB)

For additional information security guidance see: