Is your private medical data really safe?
https://youtu.be/3mwu9o6tRpY
Are all staff trained in cyber awareness?
Are staff trained about the Privacy Act?
If a medical practice do staff know what information can or cannot be disclosed?
Does the world know your medical history?
Are medical institutions protecting my personal information adequately?
This week the company The Answer is Yes is highlighting how vulnerable medical institutions are concerning protecting private and personal medical information of patients with some examples of breeches. Read on to see what you can do.
Recent events, as reported by trusted sources, has shown that personal medical records can easily be accessed and misused on the internet.
One report stated that there was a design floor in a software design used in virtually all hospitals in the world. The software allows attackers to exploit the software and once exploited; they could distribute their malicious code to access medical imaging information.
Another report identified criminals selling doctors information on the dark web.
“A hacker compromises the corporate network of a healthcare provider to find administrative paperwork that would support a forged doctor’s identity,” states a report detailing the researchers’ findings.[1]
“The buyer [of the data] then poses as the stolen doctor’s identity and submits claims to Medicare or other medical insurance providers for high-end surgeries.”
“Beyond doctors’ identities, other data targeted included personal medical records and hacked health insurance company, login information.” Stated a representative from a company Carbon Black.
In the case of the hospital software, the user can be tricked into executing the malicious code through social engineering[2]
My medical records are safe, aren’t they?
Simple Steps
A few Simple steps can help mitigate some of the risks mentioned above, such as having decent security software installed, and reviews online can help, which are the best products to choose from.
Train staff to be more ‘Cyber Aware’ through online training. Online training is proven to be the most cost-effective and least time-consuming approach with the most benefits, as highlighted in an Australian report released last year.
Also, you cannot rely on technical solutions entirely; you need a hybrid approach to be more effective. Of course, there is no silver bullet, but you can make a difference, it’s not just the IT departments responsibility within the organisation to stay secure and operationally resilient, it’s everyone!
(Ask your doctor if the practices staff have undergone training in cyber)
Stay tuned for more tips this week.
[1] https://www.independent.co.uk/life-style/gadgets-and-tech/news/dark-web-hackers-doctor-identities-medical-records-cyber-crime-a8943581.html
[2] Social engineering is the art of manipulating people so they give up confidential information or have them do something that would cause a negative effect.
The Future of 9 to 5 Jobs is replaced by Flexible Working Arrangements
Jenni Fraser, National HR Assist
The days of 9 – 5, Monday to Friday working hours are not suitable for all employee lifestyles and how we work is slowly changing. Business is in a transition period that may one day see flexible hours, more part time and/or job-sharing roles and remote work agreements become the norm for employees. As the range of employee needs change and become ever spanning across the different generations, employers will need to adjust how they do business. Flexible hours, shorter days and being able to work away from the traditional office might better suit those employees who are studying, caring for children or ageing parents through to those who are easing into retirement. Business may see the day when the flexibility they offer suits all generations of employees, thereby benefiting businesses with higher productivity and lower absences.
The Flexible Working Arrangements model is changing, with more responsibility on the employer to work with the employee on their requests.
From 1st December 2018, an updated Flexible Working Arrangement model will be added to all Modern Awards. Requests for flexible working arrangements are made under the National Employment Standards (NES). Whilst under the NES there is no obligation for the employer to deal with the employee prior to responding to a request; the new Award inclusion will mean that employers must consult with the employee and try to reach an agreement.
What you need to know
When an employee makes a formal request for a change to their working hours or conditions, the employer must:
- Discuss the request with the employee
- Genuinely try to reach agreement on a change in working arrangements that will reasonably accommodate the employee’s circumstances, having regard to:
o the needs of the employee arising from their circumstances
o the consequences for the employee if changes in working arrangements are not made
o any reasonable business grounds for refusing the request
Under the NES, if refusing the request, the employer must give the details as to why. The new Award term goes further to include that an employer must state:
- The business ground or other grounds relied upon by the employer for the refusal
- How the ground or grounds apply
- If the employer and employee could not agree on a change in working arrangements, whether there are any changes in working arrangements that the employer can offer the employee to better accommodate the employee’s circumstances
- If the employer can offer the employee such changes in working arrangements, details of those changes in working arrangements
If the employer and employee reach an agreement that is different from the initial request, the employer must outline the details in writing to the employee. The NES allows for 21 days in which to respond to requests for flexible working arrangements. Therefore, consultation should take place as early in the process as possible. This will allow for all details or alternative arrangements to be fully discussed and considered prior to the response deadline.
Is your business ready for the changes to Flexible Working Arrangement requests? Do you have accurate policies, procedures and training in place so that your managers know how to handle the requests correctly?
Don’t get caught out with incorrect operating procedures, under the Fair Work Act, there are fines applicable for non-compliance.
If you need help with this or any other areas of HR call now for a no obligation discussion.
Nightly Safety Rituals
Before going to sleep at night most people lock their doors and check their windows. However, there are other nightly routines that could save your family’s life.
Nightly Safety Rituals kids should do
- Before the kids go to bed, they need to clear their floor of toys and obstacles. Toys may become trip hazards should they need to evacuate in a night-time emergency.
Nightly Safety Rituals Parents should do
In 2015 a smoke alarm woke a 78-year-old woman after an overheated wheat bag was left smouldering in a rubbish bin. When the woman tried to escape, the security screen was locked, and fire stopped her from reaching her keys. Firefighters were able to force the door open and the woman was treated for smoke inhalation
- If your doors have deadlocks – LEAVE the keys in the door as you won’t have time to go looking for them if the house catches fire.
- Make sure the keys are in the security screens or you have emergency push out screens. In trying to keep unwanted people out of your home you make yourself a prisoner and no one can rescue you.
- As parents, we often check on the kids before we turn in for the night. When you check on them make sure ALL electronics such as laptops and phones are switched off and not resting on their blankets. This is important as some electronic devices overheat and the bedding could catch fire.
- Close your bedroom door before you go to sleep. A shut door keeps smoke and heat out of the room and gives you time to evacuate the house.
-
Consider putting smoke alarms in all bedrooms
The Royal Children’s Hospital put out a really great Home Safety Checklist
Buy Fire Safety for Home E-Book
Contact Us
Do Evacuation Signs & Diagrams Expire?
Building Fire & Safety Regulation 2008 and AS3745 Planning for Emergencies in Facilities states that businesses must have evacuation signs and diagrams and stipulates what must and what could be on the diagrams.
One thing to note though, is that diagrams do not expire. There are some companies who put a validity date on the diagrams and they use this as an expiry date. Diagrams DO NOT expire! However, you must on an annual basis as part of your Emergency Planning Committee Meeting verify that the layout of the building has not changed. The only time that you need to change the emergency signs and diagrams once created is when there has been a material change to the layout of the building.
Some of the companies that create emergency signs and diagrams also include things such as desks and movable equipment. As these are movable then it is likely that the layout will change due to a business’s growth and that gives some of those companies an excuse to redo the diagrams. Only walls and fixtures such as benches and pallet racking that are secured and fitted into the building need to be on the diagrams as they may impact the egress routes.
If you want professionally rendered evacuation signs and diagrams without the BS from other companies, The Answer is Yes has an online course that can walk you through on marking out your emergency signs and diagrams and if you choose we can have them professionally rendered for you.
Impact of Fire on Your Life and Business
When businesses burn down they have not just lost their physical assets, they have lost customers and their staff in many cases lose their jobs. That is quite apart from the psychological damage that has been caused by the fire. UBC Faculty of Medicine states that
“The impact (of fire) varies according to a range of complex factors including the nature of the loss, the degree of impact and disruption on their lives, the aftermath, the person’s age and their level of psychological adjustment. Most people cope well with losses, although they may experience some degree of distress such as anxiety, depression or sleep disturbance. Grieving the loss of one’s cherished possessions is a natural psychological reaction, although most people are able to move on with their lives”.
From personal experience, waking up to a house fire, I was emotionally and psychologically fine after the fire. Or so I thought. About six years later I was studying, and the lecturer showed a fire training video and it triggered an emotional freak out within me. I had a melt-down moment when I realised that I have four children under the age of five and the fear that I could not save them all in the event of another fire. Even years after the fire, every time we had a BBQ or we went camping I would have to struggle to overcome my absolute fear of fire. It didn’t help to have two boys who were fascinated by fire … one threw an aerosol into a campfire and had his eyebrows and hair singed when it exploded; another time they almost set the neighbours house on fire.
When I started my career in Occupational Health & Safety, I realised I had to overcome my almost terror of fire. Learning to teach fire training helped me to overcome and take control of the variables. Knowledge gave me power. Understanding the mechanisms of fire and what was needed to put a fire out successfully and being able to use the equipment competently assisted greatly. I am still not 100% comfortable being around fire… truthfully I think that played a huge decision in our creating online fire training courses.
