From vision to vigilance: building a secure digital future for health care

Digital health adoption offers clear benefits, yet Australians continue to scrutinise how their information is handled. An information security professional charts the core components of a path forward.

Ongoing large-scale data breaches and incidents make it clear that health care continues to be one of the most exposed sectors, responsible for 18% of notifiable incidents in Australia. Each incident erodes public trust because the public expects their most intimate and sensitive information to be safeguarded without exception. When that trust is broken, confidence in digital healthcare services drops, disclosure becomes less honest and the willingness to adopt innovative technologies declines. Without trust, neither innovation nor quality patient care can progress.

Digital health adoption, from the national electronic health record system to telehealth, offers clear benefits, yet Australians continue to scrutinise how their information is handled. Their willingness to share data depends on strong and visible safeguards, clear consent processes and confidence that governance keeps pace with the technology. Strengthening these foundations is essential as the sector shifts towards predictive and preventative models of care that depend on timely, accurate and responsibly managed data.

ChatGPT-style health applications highlight a double-edged sword of AI in health care. They can support clinical decision-making and improve efficiency, but in the absence of strong governance, clinicians and patients have every reason to be sceptical of their safety and reliability.

Secure-by-design principles and strong consent frameworks must be mandatory if we expect AI to enhance care without eroding trust. For technology leaders, embedding security into every platform and workflow from the outset is non-negotiable. This means early collaboration between clinicians, risk teams and technologists, alongside clear guardrails for emerging technologies. Done well, security becomes an enabler, reducing remediation costs while driving safer, more efficient care.

Interoperability is equally vital. Open standards and APIs allow data to move seamlessly across systems while maintaining compliance. Achieving secure interoperability is not just technical, it requires collaboration across providers, technology partners and regulators to ensure that shared data remains protected end-to-end. Only then can we build connected ecosystems that clinicians can rely on, and patients can trust.

The path forward for secure and safe care has three core components:

1. Embed security and privacy into every digital innovation.
2. Adopt risk-based governance that prioritises patient safety.
3. Develop consent frameworks that empower patients.

Progress will be measured not by platforms deployed, but by patient experience: fewer retold stories, timely access to care, and confidence that their data, and health, are treated with integrity.

*Will Sharpe is Chief Information Security Officer at Telstra Health.

Top image credit: iStock.com/Just_Super