Project Secure Health: General practices offered free cybersecurity

Matt Woodley

13/06/2024 3:30:28 PM

US tech company Cloudflare has partnered with an Australian not-for-profit to protect clinics against ‘ever-increasing’ cyberattacks.

Cybersecurity graphic
Project Secure Health is offering general practices with 50 staff or less access to a suite of cybersecurity options.

Small-to-medium general practices can now access free cybersecurity thanks to a new initiative that aims to defend clinics against data breaches, ransomware attacks, phishing scams, and insider threats.
The partnership between San Francisco-based IT company Cloudflare and The Critical Infrastructure – Information Sharing and Analysis Centre (CI-ISAC Australia) was announced earlier this week and will provide practices with Zero Trust Security for free under its new initiative: Project Secure Health.
‘GP clinics are the first points of call to care for our health yet are often left unprotected with limited resources available to safeguard the significant amounts of patient data they hold,’ Head of Cloudflare ANZ Steve Bray said.
‘With this program, Cloudflare is ensuring that Zero Trust capabilities are accessible to smaller organisations that are most relied upon by their communities.’
Project Secure Health is offering general practices with 50 staff or less access to: 

  • Cloudflare Gateway, reducing the risk against crippling internet threats by preventing staff from accessing harmful or inappropriate content, like ransomware or phishing sites
  • Cloudflare Access, which manages user access and enforces multi-factor authentication to internal applications, thereby minimising the risk of unauthorised users gaining access
  • CI-ISAC Intelligence, tailored threat intelligence products and services, informed by observations across Australia’s critical infrastructure sectors.  
Dr David Adam, a member of the RACGP Expert Committee – Practice Technology and Management, told newsGP the announcement represents a ‘surprising but positive’ development, as cybersecurity represents a ‘real challenge’ for general practices.
‘Practice owners and managers could use this as an opportunity to review their existing arrangements and decide whether they can save money and potentially improve their preparedness by taking up this offer,’ he said.
‘Access to threat intelligence is something that most practices will rely on their IT providers for, and the services of CI-ISAC will allow our providers and our management teams to be better informed.’
CI-ISAC Australia is a not-for-profit organisation that aims to help build the collective defences of critical infrastructure to protect them from crippling cyberattacks.
Under the new initiative, CI-ISAC Australia is offering eligible GP clinics free ongoing membership, which will enable them to proactively understand and respond to healthcare-specific cyber threats.
The not-for-profit entity will also provide practices with accessible and actionable cyber threat information specific to healthcare entities in Australia. 
‘Australia’s GP clinics are the foundation of local communities’ health,’ CI-ISAC CEO David Sandell said.
‘These small and vitally important organisations fulfil our society’s primary healthcare needs [and] as such, are the point where a vast amount of sensitive patient information is collected.
‘However, despite their criticality, GP clinics are typically under-resourced and struggle to provide even basic cybersecurity resources, which is where CI-ISAC’s collective approach can empower GPs to improve their cyber resilience and protect patient data.’
Meanwhile, Cloudflare is used by more than 20% of the entire internet for its web security services, and in Q1 2024 reportedly blocked an average of 1.1 billion cyber threats per day in Australia alone.
‘Cloudflare Access is a good contender for replacing existing VPN software and gaining better usability and performance, as well as the potential for stronger security guarantees,’ Dr Adam said.
‘I certainly think our practice will be considering this as an option in the near future.’
General practices interested in participating in Project Secure Health can contact CI-ISAC at
The RACGP’s Information security in general practice also contains helpful advice for anyone considering their current situation and potential changes.
Log in below to join the conversation.

Australia CI-ISAC Cloudflare cybersecurity phishing ransomware

newsGP weekly poll Would you be willing to provide a firearms health assessment for your patient?

newsGP weekly poll Would you be willing to provide a firearms health assessment for your patient?



Login to comment