When it comes to medical and health data, there are lots of things to consider - security, regulatory compliance, and technology stacks among them!
But have you ever considered the all important factors of data sovereignty? Or perhaps you’re not even sure what that really means?
Read on to find out more about how this important topic is at play in the world of digital health.
What is Data Sovereignty?
Data sovereignty is, at its core, quite simple.
It’s the approach of keeping data within the country in which it was created and to whom that data belongs to.
So in our country, it means keeping Australia's data right here in Australia and in the hands of Australian people, our governments and our industry.
This might sound obvious but have you ever stopped to consider how and where data is typically stored?
It’s sometimes surprising for people to realise that lots of the data collected on their favourite apps and platforms (Gmail, Facebook, Twitter) is actually stored in data centres all over the world.
Data sovereignty requires that data be kept in data centres that are physically located in Australia (also known as data residency), and only accessible by Australian people and companies.
Why does Data Sovereignty matter?
Data sovereignty matters because of the questions it raises.
These can include questions around:
- compliance with privacy obligations
- data protection and security
- notification of data breaches; and
- privacy and data security.
Many Australian businesses have legal obligations under Australian privacy laws which require that they implement appropriate safeguards to protect personal information.
Of course, when it comes to sensitive personal data, these obligations become even more onerous.
Data sovereignty in healthcare - what are the implications?
According to the Australian Cyber Security Centre, healthcare is the most targeted sector by cyber criminal, by a significant margin.
In healthcare, the location of data becomes all the more important because of how it impacts the ability to control and protect that data.
As a result, all businesses need robust and comprehensive information security strategies and a strong handle on data sovereignty as a concept - and a practice - in order to ensure their data is protected and located in the safest place possible.
So how can we improve data protection through data sovereignty?
Protecting your data in the right way
Australian healthcare providers are legally required to meet Australian privacy laws and this can be majorly complicated if data is stored in a different country with different - or worse fewer - legal protections.
This is why it’s strongly recommended that you store your data in country, where the legal protections are strongest and most aligned with the country in which you’re operating.
The bonus here is that it better enables Australian authorities to provide assistance, if the worst were to happen and you were to fall prey to a cyber attack.
Need help understanding your data security and safety? Get in touch to see how we can help