Think before you click – protect your healthcare consumers
Digital technology is an integral part of our daily lives and the benefits are huge for the health sector. However, we need to stay vigilant when we browse the internet, send emails and use social media. It is important that we stop and consider the risks to make sure we don’t fall victim to a security incident, such as a malicious software attack or an online scam.
While email provides a fast, convenient way to send and receive information it’s not always the best option, particularly for sensitive information. Email is also frequently used for scams, phishing and distribution of malicious software, so it is important to be on your guard when using email.
Before you click ‘send’, think:
Is this email appropriate, or would it cause damage to myself, my healthcare consumers or my employer if it fell into the wrong hands (or was made public)?
By default, email is not secure. Unless it is encrypted, email can be read during transmission, and consequently, unencrypted email should not be used to send sensitive information, such as healthcare information.
Before you click on the link in an email, think:
Is this a genuine email, or could it be a scam?
If you are unsure of whether an email is legitimate, do not click on links, open attachments or reply.
Additional information about phishing and using email safely is available on the Stay Smart Online website; and information about the latest scams is available on the ScamWatch website, including information in The little black book of scams and the publication If it sounds too good to be true ... it probably is.
Before you click ‘post’, think:
Should I be posting this information on a social media site, or would it cause embarrassment to me, my healthcare consumers or my workplace if it were known publicly?
Always take care to check images before posting – ensure there is nothing sensitive in the background of the image, such as healthcare consumers or their healthcare information (e.g. electronic records, paper files or information on a whiteboard).
It is also important to ensure that the maximum privacy settings are used on all social media platforms (but remember – this does not provide a guarantee, it just helps to reduce the risk of your information being accessed or compromised).
Remember: Once you post something online, you have lost control of who accesses it and what they do with it. More information about socialising online safely is available on the Stay Smart Online website.
Before you click ‘connect’, think:
Is this WiFi network secure?
Remember: If you don’t need to enter a password to connect to the WiFi, your connection isn’t secure. With the right tools, anyone connected to the network can see the unencrypted information you send, and can also capture session cookies which can potentially allow the attacker to login as you, even if they don’t know your username and password.
To improve security, you can install a reputable virtual private network (VPN) solution on your device to create an encrypted ‘tunnel’ that allows data traffic to pass securely over public WiFi networks. Otherwise, it is best to limit use of public WiFi for general internet browsing and avoid entering sensitive information.
Additional information about using WiFi safely is available on the Stay Smart Online website.
Use our resources to share this message
The Australian Digital Health Agency has developed a range of social media tiles and posts that you can share across your social channels to help promote the message to ‘Think before you click’.
- Think before you click ‘send’ - Download image (JPG, 86.3KB)
- Think before you click links in emails - Download image (JPG, 125KB)
- Think before you click ‘post’ - Download image (JPG, 126KB)
- Think before you click ‘connect’ - Download image (JPG, 94.4KB)
- Suggested social media posts - Download posts: PDF (461KB) and Word version (282KB)
A printer-friendly version of this information is also available below:
Other useful sources of information include:
- Information Security Guide for Small Healthcare Businesses – guidance for non-technical health professionals on the topics of privacy, passwords, software updates, back-ups and staff security awareness.
- Stay Smart Online (staysmartonline.gov.au) – a wide range of resources for individuals and small businesses, including a free alert service, which provides information about the latest online threats and how they can be managed.
- Scamwatch (scamwatch.gov.au) – information for individuals and small businesses about how to recognise, avoid and report scams, including Scamwatch Radar a free alerts service about the latest online scams.