Cyber Security Tips You Shouldn’t Ignore
03 Oct 2025
October is Cyber Security Awareness Month, with this year’s theme, “Building our cyber safe culture,” highlighting that everyone in a general practice has a role to play in keeping systems and patient data secure.
Research from NordPass has revealed that many commonly used passwords, such as “charlie” and “1qaz2wsx3edc,” are extremely easy for hackers to guess—sometimes in less than a second. Using simple or repeated passwords puts both personal and practice data at risk.
Healthcare practices are particularly attractive targets for cyber criminals because of the sensitive data they hold. The health service sector recently reported the highest number of data breaches across all industries, according to the Office of the Australian Information Commissioner.
To strengthen cyber security in your practice, consider the following tips:
1. Watch for phishing attempts
Phishing attacks use fake emails, websites, or messages that appear to come from trusted sources. Always check the sender’s email address or website URL carefully and look out for typos or unusual requests.
2. Consult a cyber security specialist
Engage an IT or cyber security professional to review your practice’s systems. They can guide you on data backup strategies and help you recover information if a cyber attack occurs.
3. Update your passwords
Old or simple passwords are risky. Use strong passphrases consisting of four or more random words combined with numbers and symbols. Avoid personal information and never reuse passwords across multiple accounts.
4. Enable multi-factor authentication (MFA)
MFA adds an extra layer of security by requiring two forms of verification to access systems or devices, making it much harder for unauthorised users to gain entry.
The RACGP has released a new resource, Cyber Security in General Practice, developed with the Australian Digital Health Agency. It provides guidance on preventing, preparing for, and recovering from cyber security incidents. The resource is useful for practice owners, managers, tenant GPs, and all staff members.
This Cyber Security Awareness Month, it’s time to strengthen your practice’s cyber culture and move away from weak passwords like “123456” or “Qwerty123.”
Source: RACGP, NordPass, Office of the Australian Information Commissioner
