Wesfarmers Health - Data and cyber security
Cyber security and data governance are critical to Wesfarmers Health’s operations and reputation.
Community expectations regarding the collection, use and protection of personal information continues to evolve, especially where the data contains sensitive information and relates to the health and wellbeing of individuals. Wesfarmers Health recognises the importance of establishing and maintaining the trust of those whose data it holds, maintaining community confidence and adhering to legal and regulatory standards.
Focus areas this financial year
This financial year, Wesfarmers Health prioritised the alignment of its data, digital and cyber strategies with the broader Wesfarmers Group.
A data governance team that reports to the General Manager Digital and Data was formed to enhance data governance and privacy procedures. The initial focus for this team is to:
- update current policies and procedures, including formalising procedures for data sharing
- refresh training on privacy and data literacy
- establish a framework to support the business’s digital and data growth agenda.
Wesfarmers Health has invested in implementing additional security strategies following the rise in cyber related attacks. These investments are focused on:
- increasing cyber security capability
- improving active monitoring systems to identify and manage cyber events
- strengthening encryption protocols to maintain confidentiality and protection of customer data.
No material data breach or cyber-related impacts or disclosures were noted in the 2023 financial year.
Wesfarmers Health is working with external partners to support its security strategies, including:
- data hosting services to run retail platforms at scale and securely
- developing consumer applications to protect customer data
- investing in developing licenced software as a service (SaaS) platforms to provide key financial management services to increase the ease of transacting safely and securely online.
Wesfarmers Health will continue to engage and collaborate with these partners, to improve cyber security capability and strengthen controls to mitigate the risk of cyber attacks. Wesfarmers Health acknowledges team members have a role to play in reducing cyber security risks and intends to offer team members ways to improve their digital literacy and awareness through mandatory training.