As digital health continues to evolve and become embedded in everyday practice, we’re sharing a short series on cyber health to support OTs to build confidence and stay safe. Building on our previous edition on developing good cyber habits, this session focuses on practical steps you can take to strengthen your practice’s cyber security.

Session 2: Strengthening your practice: practical cyber security steps

A few practical steps can make a big difference to your practice’s cyber security. Luckily, most are low-cost and easy to implement.

Start with your accounts

Compromised passwords remain one of the most common entry points for cyber incidents. Strengthen your first line of defence by using strong passphrases, avoiding password reuse, and enabling multi-factor authentication (MFA) wherever possible. One weak password can quickly create a domino effect across your systems.

Keep your systems up to date

Turn on automatic updates and replace software that no longer receives security patches. Stay informed via the Australian Cyber Security Centre, including their guidance on enabling MFA.

Back up your data (and test it)

Backups are essential for continuity of care. Ensure your data is securely stored and encrypted – and importantly, that it can be restored when needed, not just saved.

Find practical guidance here.

Review how your practice operates

Good cyber security isn't just about technology – it's about people and processes too:

• Avoid shared logins
• Remove access when staff leave
• Train staff to spot phishing and scams

Learn from real-world incidents

Recent data breaches highlight how small gaps, such as not enabling MFA, can lead to significant impacts. The Office of the Australian Information Commissioner outlines how compromised credentials continue to play to a major role in healthcare breaches.

Have a plan in place

If something does go wrong, being prepared makes all the difference. A simple cyber incident response plan ensures your team knows what to do and can act quickly.

Why this matters for OTs

Small practices are increasingly being targeted, and even minor disruptions can directly impact service delivery. Taking a proactive approach helps protect client information and maintain continuity of care. In our final edition, we’ll explore how these principles apply when using digital health systems like My Health Record.