$599 + GST Get My Health Check

In about an hour, see exactly where you're exposed, turn your gaps into a prioritised action plan you can track, and get a professional report you can show your insurer, regulator, or banner group — no IT knowledge needed.

When ransomware locks a pharmacy, the dispensary stops.

The scenario is terrifyingly common: a pharmacy opens on Monday morning to find the dispensing software locked. Scripts can't be filled. PBS claims can't be lodged. The Schedule 8 register is inaccessible. Patients who need their medications today are turned away. The ransom demand: pay $50,000 in Bitcoin or lose everything. Some pharmacies pay and still lose their data. Others spend weeks rebuilding—if they can recover at all. Unlike most businesses, your outage is a patient-safety problem, not just a revenue one.

Your patient and medication records are incredibly valuable to criminals. Dispensing histories contain everything needed for identity theft, insurance fraud, and prescription fraud: Medicare numbers, dates of birth, addresses, and complete medication profiles. Unlike a credit card that can be cancelled, this information is permanent. A stolen health record is worth 10-50 times more than a credit card number.

The Pharmacy Board, AHPRA, and the Privacy Act have real consequences.

Protecting patient confidentiality isn't just an ethical duty — it's a registration requirement. The Pharmacy Board of Australia and AHPRA can impose conditions on, suspend, or cancel the registration of pharmacists whose practices suffer preventable data breaches. The Privacy Act adds penalties up to $50 million for failing to protect health information, which counts as "sensitive information" needing higher protection. State drugs-and-poisons laws impose their own record-keeping duties. "Our software vendor handles IT" is not a defence.

PBS Online and Medicare claiming are high-value targets.

Your PRODA and PBS Online credentials provide access to claiming, prescription data, and My Health Record. Compromised credentials mean fraudulent PBS claims lodged in your name, bulk claiming irregularities, and Department of Health investigations that take months to resolve. Multi-factor authentication isn't optional anymore—and when did you last review who in the pharmacy has access?

Controlled-substance fraud starts with compromised pharmacy systems.

Criminals target pharmacies specifically to access Schedule 8 records and dispensing systems—particularly for opioids and other drugs of dependence. If your dispensing software or real-time prescription monitoring access is compromised, you could find records altered or fraudulent supplies attributed to your pharmacy. Health regulators and police will come knocking, and proving what happened takes months.

This health check is built specifically for pharmacies.

Plain-English questions covering dispensing software protection (Fred, Minfos, LOTS, Aquarius, etc.), PBS Online / PRODA and My Health Record access, Schedule 8 register and real-time prescription monitoring security, electronic prescription handling, point-of-sale and payment systems, patient records, and staff awareness. No technical jargon—designed so any pharmacy owner or manager can complete it and understand the results.

What you get:

64
Plain-English Questions
Specific to pharmacies—no technical knowledge required
Clear Security Score
See exactly where you're protected and where you're exposed
Prioritised Actions
Gaps ranked by risk, then turned into a phased action plan you track to completion
Professional Reports
Comprehensive Word report with scores, recommendations, and improvement plan

What your results look like

Finish in about an hour and you get a clear overall score, a breakdown across every security domain, and every gap turned into a prioritised action plan you can track and export. (Example output.)

Cyber Security Health Check results screen showing an overall score and maturity across Essential, Recommended and Advanced practice levels
Your overall score, plus maturity across Essential, Recommended and Advanced practices.
Domain Maturity Analysis showing a score-by-domain bar chart and a gap risk distribution pie chart
A breakdown across every security domain, with your gaps grouped by risk level.
What You're Doing Well section highlighting the security areas where the business is already strong, with a score and an Excellent rating
It's not just problems — it highlights what you're already doing well, too.
Identified Gaps table listing each gap with time, cost, urgency, risk and priority, plus a plain-English recommendation
Every gap ranked by priority, each with a plain-English recommendation.
Action Register table listing chosen actions with owner, due date and status, plus a Download register Excel button
Turn gaps into a tracked action register — owner, due date, status, export to Excel.

What You Receive

Every assessment generates a comprehensive report. Download a sample below.

Summary Report

Plain-English findings with scores, prioritised improvement plan, risk associations, and resources

Download Sample

Complete it in about 60 minutes. No technical knowledge required. Your data never leaves your device.

Who is this for?

Pharmacy owners, proprietor pharmacists, and pharmacist managers responsible for the business. Independent pharmacies and banner-group stores alike. Any community pharmacy that runs dispensing software, claims through PBS Online, and handles patient records—and wants to understand its cyber security posture without needing IT expertise.

AI-Powered

Your Assessment Includes a Personal AI Security Advisor

Two AI assistants are built into the tool — one to help you during the assessment, one to help you make sense of your results. Like having a security professional on call.

During the assessment

Not sure what a question is asking? Just ask.

Every question in the assessment has an AI helper built in. Tap it and ask anything — "What does this question actually mean?", "Can you give me an example?", "Why does this matter for my pharmacy?" — and you'll get a plain-English explanation instantly.

  • Explains technical concepts in everyday language
  • Gives real-world examples relevant to your industry
  • Never suggests how to answer — just helps you understand
  • No technical background required to complete the assessment
AI question helper explaining a cyber security question in plain English during the assessment
Assessment question interface showing radio button answer choices and plain English guidance
After you finish

Available the moment you see your results.

Once your results are in, an AI security advisor can answer any question about what they mean — in plain English, like talking to a security professional. It can even draft a phased action plan from your specific gaps — what to fix first, next, and over time.

  • "Explain my highest risk gap in simple terms"
  • "Walk me through how to fix action #3"
  • "Which gaps are easiest to fix myself?"
  • Ask anything — your advisor knows your specific results
AI Personal Security Advisor chat interface showing results-based guidance after completing the health check

Get the Pharmacy Cyber Health Check

Get My Health Check
$599 + GST
Instant download · 30-day money-back guarantee · Runs entirely on your device

Common Questions

Why are pharmacies targeted by cyber criminals?
Pharmacies sit on a uniquely valuable mix of data and access — patient medication histories, My Health Record connections, PBS Online and Medicare claiming credentials, and Schedule 8 controlled-drug registers. Patient health data commands the highest prices on dark web markets, and compromised dispensing systems can be used to generate fraudulent prescriptions for controlled substances. Ransomware is especially damaging: when the dispensary software is locked, a pharmacy cannot dispense a single script.
What cyber security obligations do pharmacies have?
Pharmacists are registered health practitioners, so the Pharmacy Board of Australia and AHPRA Code of Conduct require reasonable precautions to protect patient information. The Privacy Act 1988 and Australian Privacy Principles impose obligations on all businesses handling health information, which is "sensitive information" requiring higher protection. State drugs-and-poisons regulations require secure record-keeping for Schedule 8 medicines, the My Health Records Act requires security controls for connected providers, and PBS Online participation requires protecting your PRODA and claiming credentials.
What does the Pharmacy Health Check cover?
The health check covers dispensing software security (Fred, Minfos, LOTS, Aquarius and similar), My Health Record and PBS Online / PRODA credential protection, Schedule 8 controlled-drug register and real-time prescription monitoring access, electronic prescription handling, patient and medication data protection, point-of-sale and payment security, staff access management, device and network security, backup and recovery procedures, and incident response planning for community pharmacy.
What do I receive after completing the health check?
You receive a professional Word report with an overall security score and recommendations prioritised by risk. The report is tailored to pharmacy risks — not generic small business advice — and is suitable for sharing with your pharmacist manager, professional indemnity insurer, banner group, or IT provider.

View all frequently asked questions →

Further Reading

Resource

AHPRA Cyber Security Requirements for Health Practitioners

What AHPRA's Code of Conduct and the Privacy Act require from pharmacies and other health practitioners — and what 'reasonable steps' looks like in practice.

Read the guide