System security

MALT is a system that stores data related to surgical procedures and as such contains sensitive data relating to clinical cases and surgical performance. This was recognised by the College since inception with both the approach and supporting IT systems ensuring safety of the data.

Importantly, before entering data, the system requires confirmation that the information being entered has the appropriate permission/consent obtained, depending on the hospital/institution where the clinical interaction occurred.

The ownership and responsibility for data entered into MALT is with the Fellow/Trainee/International Medical Graduate or doctor undertaking Post Graduate Year experience who enters the information. It is not overseen or owned by RACS.

Approved reports can be generated to provide logbook summary data for the purpose of reports to training boards. Training boards can make the submission of these reports by the Trainee compulsory. Further reports can be generated by MALT and its associated reporting tools.

The system was built on the latest Microsoft .NET platform. It uses a 2048-bit key to encrypt the network traffic that goes out to the Internet from the MALT system. This is an extremely high encryption key in use by Australian and United States government agencies to encrypt highly sensitive data. The method of encryption is not advertised through messages or signs on the MALT homepage.

The web server that the MALT system is hosted on is configured in a perimeter network which deliberately separates it by firewall technology from other internal RACS systems. RACS undertakes regular security tests to ensure its systems are safe from hacking.

The daily back-up is held on dedicated software located in Australia.