To help New Zealand healthcare organisations review the HISO 10029:2015 standard Health Information Security Framework (HISF) requirements we are using a template to filter the compliance level or responsibility. This can reduce the time to review the original HISF documentation and measure alignment with a simple checklist before undergoing a full compliance and audit exercise.
Complementary is our online quick HISF self-check. This survey is simple self-check on your organisation readiness to comply with HISF requirements, not a replacement for a full audit, just an initial awareness exercise providing an estimate of your organisation’s risk exposure and alignment to HISF.
Any health organisation must have a health information security policy to assure patients their information is being treated and protected appropriately. HISF supports organisations preparation and maintenance of such a policy. HISF provides advice about procedures and technical standards that need to be incorporated in a policy and sets out minimum requirements and desired goals at various levels of organisation operational complexity and risk.
Note our template is a generic guide and should be adapted to your organisation by consulting with internal stakeholders and external auditors like Medical IT Advisors. The quick HISF self-check is just that and provided as it is with no other claims (place-holder for a lengthy legal disclaimer)!