Healthcare provider data breaches - framework for crisis communication and support of patients and healthcare workers in mental healthcare.

Increasing numbers of healthcare data breaches highlight the need for structured organisational responses to protect patients, trainees and psychiatrists against identity theft and blackmail. Evidence-based guidance that is informed by the COVID-19 pandemic response includes: timely and reliable information tailored to users' safety, encouragement to take protective action, and access to practical and psychological support. For healthcare organisations which have suffered a data breach, insurance essentially improves access to funded cyber security responses, risk communication and public relations. Patients, trainees and psychiatrists need specific advice on protective measures. Healthcare data security legislative reform is urgently needed.

Psychiatric electronic health records in the era of data breaches - What are the ramifications for patients, psychiatrists and healthcare systems?

OBJECTIVE: To update psychiatrists and trainees on the realised risks of electronic health record data breaches. METHODS: This is a selective narrative review and commentary regarding electronic health record data breaches. RESULTS: Recent events such as the Medibank and Australian Clinical Labs data breaches demonstrate the realised risks for electronic health records. If stolen identity data is publicly released, patients and doctors may be subject to blackmail, fraud, identity theft and targeted scams. Medical diagnoses of psychiatric illness and substance use disorder may be released in blackmail attempts. CONCLUSIONS: Psychiatrists, trainees and their patients need to understand the inevitability of electronic health record data breaches. This understanding should inform a minimised collection of personal information in the health record to avoid exposure of confidential information and identity theft. Governmental regulation of electronic health record privacy and security is needed.