Securing member information

Security of information technology systems to protect member information

Cyber-attacks have become more sophisticated and happen more often. Keeping member information secure within systems like Provider Web continues to be a focus for Southern Cross Health Society.

If your practice or facility uses Provider Web, it’s important you are aware of your obligations (as stated in Appendix 8 of your Affiliated Provider agreement) to ensure your systems are secure. This includes ensuring your access to Provider Web doesn’t compromise members’ personal and health information while you use Provider Web.

Keep your information technology (IT) security system current

We are constantly reviewing and developing our responses as the threat to IT security systems and information changes. We want to highlight how important it is that you do the same.

Some of the fundamentals to maintain your IT system security include:

• ensuring password controls are enforced and passwords are updated regularly
• ensuring that supported, modern browsers are used to access Provider Web
• using an up-to-date operating system such as Windows 10
• considering phishing attacks as a key risk to manage.

Helpful information

To learn more, please visit the following websites.

• The Southern Cross Trust Centre. You’ll find information about our safeguarding measures.
• The Medical Council of New Zealand (MCNZ) supply guidelines for the use of electronic communication.
• The Privacy Commission website has useful information about IT privacy.
• Health Informatics New Zealand (HINZ) is a not-for-profit organisation that supports the field of digital health.
• New Zealand Health IT (NZHIT) is a body that helps the New Zealand digital health sector.
• The Computer Emergency Response Team New Zealand (CERTNZ) has the top 11 cyber security threats to consider.