Blood sector systems to boost cybersecurity

Share

The National Blood Authority (NBA) implements important ICT security improvements to safeguard the integrity of its Blood Sector Systems, including BloodPortal, BloodNet, BloodSTAR, ABDR, and MyABDR. Australia’s blood supply management systems require strict security protocols to safeguard sensitive health information from cyber threats. Enhancing security strengthens the Australian public sector’s cybersecurity framework. 

The NBA strengthens the digital frameworks that support the country’s blood supply chain, safeguarding against data breaches and improving the robustness of vital health services. The NBA enhances its ICT security protocols to safeguard public health data and align with Australia’s national cybersecurity strategy, especially as cybersecurity threats advance.

MFA strengthens security

The National Blood Authority (NBA) implemented Multi-Factor Authentication (MFA) as a crucial security improvement for all its Blood Sector Systems, including BloodPortal, BloodNet, BloodSTAR, ABDR, and MyABDR. MFA requires users to provide two or more verification methods before they can access their accounts, enhancing security significantly. This additional security measure significantly reduces the risk of unauthorized access, safeguarding sensitive health information within these systems.

MFA combines an element that the user knows, such as a password, with another element that the user has, such as a verification code sent to a mobile device or email. The NBA emphasises that “MFA is one of the best ways to protect against someone breaking into your account, keeping the sensitive health information stored in our systems secure.”

This initiative aligns with the principles established by the Australian Cyber Security Centre, emphasising the vital role of MFA in safeguarding essential digital infrastructure. The NBA implements MFA to ensure adherence to national cybersecurity standards and enhance the robustness of Australia’s public sector digital infrastructure. By implementing sophisticated security measures that safeguard public health information and ensure the reliability of vital health services, the NBA demonstrates its commitment.

Enhancing password security

The NBA updates its password management protocols to enhance security measures. The recent updates extend the required password reset timeframe from 90 days to 12 months, provided users log in consistently. This adjustment strikes a balance between user ease and security, reducing the need for frequent password updates while maintaining strict security protocols. Ensure your passwords contain at least 14 characters and include both uppercase and lowercase letters. 

This approach enhances security and reduces the risk of password-related breaches. The NBA introduced new measures to prevent account lockouts from incorrect login attempts, implementing a short lockout period after several failed tries. This approach safeguards against brute-force attacks and ensures genuine users recover access with minimal interruption.

AHPRA verification enhanced

Another notable improvement is the enhanced matching capabilities of the Australian Health Practitioner Regulation Agency (AHPRA) within BloodSTAR, the system for managing blood and blood products. The NBA enhances the verification process by cross-checking the full names of health practitioners against their AHPRA registration. This ensures that only approved professionals enter the system, minimising the likelihood of unauthorised access to confidential health information. 

BloodSTAR automatically suspends roles for any practitioner whose AHPRA registration changes, enhancing the safeguards in place. The system will restrict access until the practitioner confirms their registration is current and valid. This improvement upholds the integrity of the blood management system by ensuring that only qualified and currently registered practitioners make vital decisions concerning blood products.

Revised user guidelines

The National Blood Authority (NBA) introduced significant revisions to the Terms and Conditions of Use for all Blood Sector Systems, effective 15 September 2024. The proposed changes reflect the latest advancements in ICT security and illustrate how users contribute to preserving the integrity and security of these systems.

An important update indicates the need for users to actively safeguard their access credentials. The NBA enforces strict rules that prohibit users from sharing their login information and require them to actively protect their accounts. The updated terms state that “Users are required to take all necessary precautions to prevent unauthorised access to their accounts, including the use of complex passwords and regular updates.”

The updates include measures that oversee and evaluate user engagement within the systems. The NBA oversees access and usage trends to identify and thwart any unauthorised or questionable actions. These measures play a key part in the overarching initiative to strengthen cybersecurity within Australia’s public health infrastructure. The NBA actively safeguards sensitive health information and maintains the seamless functionality of its systems.

Strengthening cybersecurity measures

The National Blood Authority (NBA) recently enhanced ICT security, significantly strengthening the cybersecurity framework in Australia’s public sector. The NBA strengthens digital systems that oversee and safeguard essential health data, enhancing the resilience and security of Australia’s healthcare infrastructure.

The reduction of risks associated with data breaches and cyberattacks has a significant impact on organizations. Implementing multi-factor authentication (MFA) and enforcing stringent user access controls safeguard sensitive health information from unauthorised access. The NBA’s 2024-25 Corporate Plan highlights that “Protecting the integrity of our blood sector systems is not just about safeguarding data; it is about ensuring the uninterrupted supply of vital healthcare services across the country.”

These actions directly impact the overall stability of Australia’s public health sector. These security measures strengthen the NBA’s digital infrastructure and reduce potential weaknesses that cybercriminals could exploit. This proactive approach aligns with national cybersecurity priorities, as the Australian Government’s cybersecurity strategies emphasise the need to safeguard critical infrastructure from emerging threats.

The NBA actively updates and refines its security protocols, significantly contributing to the Australian Government’s cybersecurity goals. The NBA adopts leading practices and implements strong security protocols, establishing a benchmark for other public sector organisations and enhancing the cybersecurity framework throughout the country.