To help New Zealand healthcare organisations review the Health Information Security Framework Standard (HISF) requirements we are using a template to filter the compliance level or responsibility. This can reduce the time to review the original HISF documentation and measure alignment with a simple checklist before undergoing a full compliance exercise.
Any health organisation must have a health information security policy to assure patients their information is being treated and protected appropriately. HISF supports organisations preparation and maintenance of such a policy. HISF provides advice about procedures and technical standards that need to be incorporated in a policy and sets out minimum requirements and desired goals at various levels of organisation operational complexity and risk.
Note our template is a generic guide and should be adapted to your organisation by consulting with internal stakeholders and external auditors like Medical IT Advisors.