Australian Digital Health Agency to develop new cyber strategy and roadmap – Security


The Australian Digital Health Agency is laying the groundwork to develop the next phase of its cyber security program to run from 2025 onwards.



ADHA, which oversees My Health Record, electronic prescriptions and other digital health services, will build on its existing three-year security strategy with a focus on creating a sustainable security workforce, implementing DevSecOps and better “defining” its own role.

The strategy’s development will be spearheaded by Danielle Pentony, who has been CISO since May 2024 after previously acting in the role.

The department is now consulting with the healthcare sector to “incorporate insights and expertise on cyber security”.

In a statement to iTnews, an ADHA spokesperson said the roadmap will build “on the foundations of the current strategy and responding to the changing operating environment and healthcare ecosystem”.

The spokesperson added that the roadmap will be linked to the National Digital Health Strategy and the agency’s “ongoing efforts to enhance cyber security, ensure privacy, and minimise risks in the key infrastructure and services” across healthcare providers and technology partners.

ADHA has now launched a request for information for a “vendor” to help develop the roadmap and understand “gaps in [its] current” security strategy, which runs from 2022 to 2025.

The new roadmap is expected to be presented to ADHA’s board by February.

ADHA recently announced plans to outsource the creation and execution of its next corporate IT strategy, which will “rationalise” an unspecified number of business systems, as well as “maximise use of Dynamics 365”.

It is also looking to improve its healthcare identifiers service through a five-year roadmap, aiming to drive consistency across health, disability and aged care programs.



Source link