The Health Information Security Framework is designed to support health and disability sector organisations and practitioners holding personally identifiable health information to improve and manage the security of that information.
The updated Health Information Security Framework references and is consistent with AS/NZS ISO/IEC 27001:2013; the New Zealand Information Security Manual; the New Zealand Government Risk Assessment Process: Information Security, and the New Zealand Government Protective Security Requirements.
Secure digital communications within the NZ health & disability sector: Implementation guidance
Communication between health agencies is an essential part of healthcare delivery. Ensuring that communications, whether analogue or digital, are secure is a fundamental requirement of a modern health system. E-mail and fax are two of the most common communication tools used in the health sector. The security of information communicated using these tools currently does not always comply with the HISF; this needs to be addressed.
The Ministry of Health and ACC have collaborated to provide this guidance to support health agencies address the security of e-mail and fax communications: