Health sector

Lockstep’s advisory services in the health sector are focused on strategic issues of identity management, policy development, privacy engineering, and Privacy Impact Assessment, with overlaid specialisation in smartcards and health PKI.

Lockstep founder Stephen Wilson has over 29 years experience in advisory and R&D leadership roles, in Australia and the USA.

Decades of experience in the healtcare sector

Stephen has extensive experience in healthcare security, privacy, medical device R&D (in Australia and the USA), quality assurance, and clinical and regulatory affairs. His consulting clients include state & federal health departments, public sector human services organisations, and numerous healthcare IT start-up businesses.

Stephen has long been involved in developing public policy for authentication and privacy. He was an invited member of the Australian Law Reform Commission Developing Technology Advisory Sub-committee (2007-08), and a Ministerial appointment to the National Electronic Authentication Council (1998-2001). He is a foundation member of the Australia-New Zealand chapter of the International Association of Privacy Professionals (iapp-ANZ).

Stephen has authored numerous submissions to government inquiries on health & human services (including the draft National Health Privacy Code in 2003 and the Health & Welfare Access Card in 2007). He has written extensively on electronic health records, health identifiers and privacy. Stephen holds Bachelor’s degrees in Science and Electrical Engineering, and is now doing a PhD at UNSW on the evolution of digital identity.

Lockstep have also assisted with program evaluation, intellectual property strategy, public health research, and clinical trial management.


Lockstep’s health sector clients include:

  • A national peak body in community pharmacy (privacy program)
  • One of the world’s biggest private health insurers (customer identity strategy)
  • Victorian Dept of Health Web Transformation Program (Privacy Impact Assessment – PIA)
  • A state health department (cloud computing PIA)
  • National Authentication Service for Health (acting PKI manager)
  • International Council of Ophthalmology (intellectual propery strategy)
  • Medicare Australia (Gatekeeper PKI accreditation; new Relationship Certificate policy)
  • Queensland Health integrated electronic medical records system (PIA)
  • HealthSMART Victoria (successive PIAs on statewide Patient Master Index and clinical application)
  • South Australia Health (PKI strategy, acquisition plan, policy and key signing ceremony)
  • Queensland Health (new suite of privacy tools and Privacy Impact Assessment)
  • National eHealth Transition Authority NEHTA (authentication business plan, e-signature TRA, PKI advice)
  • Joint Standing Committee on Health Informatics Standards (strategic standards priority review)
  • Department of Health & Ageing (privacy advice)
  • Australian General Practice Network (privacy advice)
  • Hunter & New England Area Health Service (program review)
  • Sydney West Area Health Service (program review)
  • Ozdocsonline (security advice, project management).
Stephen Wilson health profile August 2016a