HISO 10029.3:2023 Health Information Security Framework Guidance for Medium to Large Organisations
This document is designed to support medium to large organisations holding patient personally identifiable health information.
Pātiki and Waharua Kōpito patterns
About this item
- Issue date:
- 28 July 2023
- Status:
- Current
- Corporate Authors:
- Health Information Standards Organisation (HISO), Health New Zealand | Te Whatu Ora,
- Type:
- Guide,
- Topic:
- Health information technology,
- Copyright status:
© Crown Copyright, Attribution 4.0 International (CC BY 4.0)
- ISBN:
- 978-1-99-106732-6 (online)
The HISO 10029.3:2023 Health Information Security Framework Guidance for Medium to Large Organisation provides details on the requirements and relevant guidance supporting the core framework document.
This segment from the core framework document i.e., HISO 10029:2022 Health Information Security Framework is defined as health organisations that fall into two or more of the following categories:
- organisations that may have presence at one or more geographic locations and supported by technology setup
- staffing of greater than 25 personnel
- manages a population of greater than 10,000
- may have some employees in-house managing IT that may be further supported by external IT and security suppliers
- may be involved with health data collection from other regional healthcare providers and have data warehouses or similar setup
- may be involved in providing IT support to other healthcare providers
- may be involved with integrating or developing software systems or web applications in-house.
Related documents
The following documents are also available for reference:
- HISO 10029:2022 Health Information Security Framework (HISF)
- HISO 10029.1:2023 Health Information Security Framework Guidance for Hospitals
- HISO 10029.2:2023 Health Information Security Framework Guidance for Micro to Small Organisations
- HISO 10029.4:2023 Health Information Security Framework Guidance for Suppliers