Skip to content

Keeping Aged Care Cyber-Safe

Cybersecurity in the care sector

The increased reliance on technology goes hand in hand with a greater need for cybersecurity across all industries, with solid cybersecurity measures within the health and aged care sectors critical to ensuring the ongoing protection of sensitive, personal, and medical-related data.

Data and technology have been common themes throughout the Royal Commission into Aged Care Quality and Safety. The term technology or technologies is mentioned 26 times in the 107 pages Final Report, including recommendations for broader adoption of digital care systems.

Following significant cybersecurity attacks and breaches in the past years, in addition to the Royal Commission recommendations, the importance of cybersecurity within the aged care and health care sectors is front and centre in terms of planning for the future within the industry.

Providers must make sound operating decisions going forward to ensure continued compliance and protection of their data.

Cyber Security in Aged Care

Cyber Security in Aged Care

Given the large number of Australians who access both health and aged care providers annually, it is clear that providers hold unrivalled amounts of sensitive, personal, and medical information that is essential in terms of patient care, and critical in terms of organisational operations.

There is no doubt that this data is precious, and therefore at significant risk of attack by hackers who could easily on-sell the information for a tidy profit, should they be able to access it. Given this data’s importance and critical nature, one would assume that cybersecurity would be at the forefront of providers processes. However, sadly, this is not and has not been necessarily the case.

Dr George Margelis, the Independent Chair of the Aged Care Industry Information Technology Council (ACIITC), has indicated that he believes there has been a failure within the aged and healthcare sectors to prioritise cybersecurity, despite the strong push for the sector to adopt and implement technology.

ACIITC CIO Forum committee chair Gavin Tomlins says cyber-attacks are not uncommon for Australia’s aged care providers.


“Cybersecurity is very lacking in the whole industry at this present point in time,” Mr Tomlins said.


Recent incidents

Aged Care Australia

Supporting the Aged Care Industry Information Technology Council (ACIITC) statements is the recent cybersecurity attacks within the aged and health care sectors.

In August 2020, Aged Care provider Regis Aged Care was the subject of a ransomware attack, and shortly after, fellow aged care provider Anglicare also suffered a similar incident. Both incidents prompted the Department of Health and the Australian Cyber Security Centre (ACSC) to issue an urgent warning to providers to reduce their risk of any potential or future attacks and make care providers aware that cybercriminals target the industry.

Further incidents related to cybersecurity breaches have occurred in April 2021, including a well-documented attack on UnitingCare Queensland. On this occasion, multiple Queensland hospitals and aged care providers were completely crippled by a cybersecurity attack, which resulted in substantial disruptions to internal systems and saw these healthcare providers working without IT systems for a considerable period.

These attacks impacted all operational systems, such as patient organisation and booking systems, internal staff emails, and saw the organisations revert to old school, paper-based operations.

The cybersecurity attacks, particularly the 2021 attacks, highlighted how crippling attacks of this nature could affect the providers themselves and impact the overall public perception of the industry in terms of the security of personal records and information.

The public requires a level of trust from providers and needs reassurance that their personal and medical information is always safe and secure. Breaches such as those mentioned above certainly create a sense of insecurity for patience, consumers and relatives, and reduce their trust in providers and their processes.

Royal Commission

Technology in the care industry

Through the Royal Commission into Aged Care Quality and Safety’s Final Report, the Royal Commissioners included a strong focus on data and information.

The Final Report highlighted the various challenges and identified the limitations that the current aged care infrastructure and architecture has. The Report also identified the inefficient and inaccurate record-keeping for clinical and administrative information management and discussed issues with integration to My Health Records.

The Report Identified that current systems are not reliable for collecting and managing information across government, aged care services, hospitals, and other health care providers, with several recommendations, particularly recommendation 108, outlining ways the sector can improve into the future, particularly in terms of integration of records and management.

How ionMy addresses the cybersecurity issues with our best-in-class cyber-security protocols

Happy aged care residents

With the health and care industries facing unprecedented challenges and external pressures related to data and cybersecurity, ionMy offers a robust Governance, Risk and Compliance software that can generate cost savings and greater levels of protection and efficiency for aged care providers.

At ionMy, we understand that risks to cybersecurity in the care and health industries are real, and we take it very seriously.
With the use of the ionMy platform, clients can have peace of mind that their data is protected with best-in-class cybersecurity protocols when using ionMy’s hosting solution.

Given the increasing reliance on technology in recent years and the planned future use of technology, as indicated by the Royal Commission into Aged Care Quality and Safety’s recommendations, cybersecurity is a critical issue for providers. By affiliating with companies such as ionMy, and using our best-in-class hosting solutions, providers can confidently protect their data by using platforms that ensure compliance and efficiency in the workplace.

Contact the team at ionMy to see how we can support your organisation with confidence, safety and security going forward, all essential components in the cybersecurity space. Email: | W:

Leave a Reply

Your email address will not be published. Required fields are marked *