Data Security

BCOR is hosted at Monash University and managed by Helix. The Monash Registry Database security is maintained using encryption of data, a managed and audited protocol for access, training and accreditation of personnel, and role-based access and authentication of data.

Monash Registry Databases are housed and managed in an ISO 27001 certified environment. The ISO 27001 certification incorporates the Privacy Act (1988) and Health Records Act (2001) within its Applicability Statement. External hosts would be expected to have similar Acts incorporated into their Applicability Statement.

Access to information collected by BCOR is subject to strict protocols and procedures to ensure that privacy, confidentiality and ethical principles are maintained at all times. The provision of data is subject to an agreed ethics protocol approved by relevant organisations such as hospitals and cancer registries.