Checklist & Resources

Essential checklist and links for natural therapists on data privacy and security in Australia.

Checklist

Resources

Understanding your Obligations

Secure Data Handling & Storage

Cloud Storage

https://www.digitalhealth.gov.au/sites/default/files/2020-11/Cloud_services-Considerations_for_healthcare_organisations.pdf

https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/health-service-providers/guide-to-health-privacy

Role Based Access Control

https://blueprint.asd.gov.au/design/shared-services/microsoft-365/rbac

https://www.cyber.gov.au/protect-yourself/securing-your-devices/how-secure-your-device/secure-your-user-account

Data Retention

https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/more-guidance/self-assessment-checklist-privacy-obligations-under-the-data-retention-scheme

Password & Access Control

Strong Passwords

https://www.cyber.gov.au/learn-basics/explore-basics/passphrases?ref=search

Multi-Factor Authentication (MFA)

https://www.cyber.gov.au/learn-basics/explore-basics/mfa

Update Passwords

https://www.oaic.gov.au/engage-with-us/consultations/personal-information/guide-to-securing-personal-information-update

https://www.oaic.gov.au/privacy/australian-privacy-principles/australian-privacy-principles-guidelines/chapter-11-app-11-security-of-personal-information

Cybersecurity & Network Protection

Updating & Patching

https://www.cyber.gov.au/learn-basics/explore-basics/update-your-devices

Cybersecurity Incident Response Plan

https://www.cyber.gov.au/resources-business-and-government/governance-and-user-education/incident-response/cybersecurity-incident-response-planning-practitioner-guidance?ref=search

Back up & Recovery

https://www.cyber.gov.au/learn-basics/explore-basics/set-and-perform-regular-backups

Data Breach Response

Data Breach Response Plan

https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/preventing-preparing-for-and-responding-to-data-breaches/data-breach-preparation-and-response/part-2-preparing-a-data-breach-response-plan

https://www.oaic.gov.au/privacy/notifiable-data-breaches

Signs of a Data Breach

https://www.cyber.gov.au/report-and-recover/have-you-been-hacked

Security Audits

https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/small-business-cyber-security

https://www.institutedata.com/us/blog/how-to-conduct-a-cyber-security-audit/

Secure Client Communication & Marketing

APP-Compliant System

https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/privacy-impact-assessments/guide-to-undertaking-privacy-impact-assessments

PII + HI not in Emails

https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/small-business-cyber-security/securing-customer-personal-data

Opt-in & Unsubscribe

https://www.legislation.gov.au/C2004A01214/latest/text

Training & Awareness

Free Training

https://www.cyber.gov.au/resources-business-and-government/exercise-in-a-box

Phishing Emails

https://www.cyber.gov.au/learn-basics/explore-basics/recognise-and-report-scams?ss=true

Procedures for Data handling

https://www.oaic.gov.au/privacy/privacy-legislation/the-privacy-act/health-and-and-medical-research

Risk Management

Cyber Insurance

https://insurancecouncil.com.au/campaigns/defend-critical-infrastructure/cyber-risk/

Risk Assessment

https://www.cyber.gov.au/resources-business-and-government/essential-cybersecurity/essential-eight/essential-eight-assessment-process-guide?ref=search

Staying up to date

https://www.cyber.gov.au/about-us/view-all-content/publications

Unsure? Overwhelmed?

Reach out for assistance with data privacy and security resources. We have many options to suit all needs and budgets.

Our mission is to support all Natural Therapists with their data privacy & security.