How are you handling client info?
The way you handle, use and manage the personal information of your clients is important. If you provide disability or aged care services, it’s vital to maintain the privacy of sensitive information.
There are a lot of factors and internal processes to consider, but in the modern era where many records are kept electronically, data security has to be a major consideration for organisations both large and small.
Whether you run multiple aged care facilities or you’re a sole trader that offers support coordination to NDIS participants, you need to understand the technology infrastructure and platform requirements for keeping data secure.
Cybercrime is widespread and the criminals involved are well-organised—in fact, 6.09 million Australians were affected last year. Every business is a potential target of hackers and cyber attacks; it’s not just large corporations that need to take precautions.
“Security is always excessive until it’s not enough” — Robbie Sinclair, head of security, Country Energy, New South Wales, Australia.
Are you doing enough to keep data secure?
Australia’s Privacy Act places obligations on organisations that collect personal information. There are 13 Australian Privacy Principles that you can use as a guide to ensure you’re doing the right thing.
As you’d expect, security of personal information is one of these principles—stating that if you hold personal information you must take reasonable steps to protect it from misuse, interference and loss, and from unauthorised access, modification and disclosure.
Other important principles include ensuring information is accurate, it’s managed in a transparent way, it’s not disclosed to third parties for a different purpose or without permission, and it can be accessed and updated by the person whose information you hold.
Is your cloud-based system compliant?
It makes sense to use the latest technologies to store client information, manage teams and coordinate care for your aged care or NDIS clients. In terms of convenience and accessibility of data within your organisation, a cloud-based system is excellent.
Information stored in the cloud can be shared and updated by multiple people from any location and at any time, so it provides a lot of flexibility. When you use ‘software as a service’ (SaaS) your data is in the cloud, but the underlying infrastructure and security is determined by the provider.
Some organisations or small businesses may be tempted to use free SaaS services like Google Docs, Gmail, Microsoft Office 365 or Asana to manage client information, without fully considering the consequences.
Here are two important factors to consider:
- If your provider’s data centres are not based in Australia, you’re probably not compliant with the Privacy Act.
- Your business can be held accountable if your client’s data or privacy is breached via issues with your provider’s security.
Using cloud computing services that are hosted offshore means that data flows to jurisdictions that are not governed by Australia’s Privacy Act. Data can be processed across multiple entities and geographies, which can make access and reforms more difficult should issues arise.
Locally-hosted cloud services are the safest bet and you should ensure the provider or system you use to store client information has this base covered.
Comm.care is a secure & reliable choice for care management
Comm.care is a cloud-based, highly secure platform that ensures client data is well-managed and available to your team where and when you need it.
- We use a locally-hosted AWS (Amazon Web Services) data centre with state-of-the-art infrastructure. Your data stays in Australia.
- We use the same development framework system as PayPal and Netflix.
- Additionally, multiple firewalls and network security measures are utilised to secure your data.
Your client’s data is secure from unauthorised internal and external access. Firewalls and password protection prevent external access, while internally, permission controls limit what can be seen by different users.
We advocate for transparency: if any changes are made, the appropriate people are notified, and client consent is required to give a new organisation or person access to their profile.
While our platform is designed to enable collaboration across organisations (where multiple providers support one client), we comply with Australian privacy laws and only provide access to records with your client’s consent.
“The companies that do the best job on managing a user’s privacy will be the companies that ultimately are the most successful.” – Fred Wilson, venture capitalist.
Setting up your data management systems to ensure you can meet these obligations and keep data secure without breaking the bank, giving your team headaches, or having a qualified IT expert on hand, is achievable. However, you might need to rethink some of your current practices, and upgrade to more reliable record-keeping and client management software.
Talk to us about adopting a more clever and secure care management solution today.