HISO 10029:2022 Health Information Security Framework (HISF)
The HISF is designed to support health sector organisations and practitioners to manage the security of personally identifiable health information.
Pātiki and Waharua Kōpito patterns
About this item
- Issue date:
- 23 December 2022
- Status:
- Current
- Corporate Authors:
- Health Information Standards Organisation (HISO), Te Whatu Ora - Health New Zealand
- Type:
- Guide
- Topic:
- Health IT
- Copyright status:
© Crown Copyright, Attribution 4.0 International (CC BY 4.0)
- ISBN:
- 978-1-99-106707-4 (online)
The Health Information Security Framework supports all health sector organisations to manage and improve the security of the health information they hold.
HISO 10029:2022 Health Information Security Framework is our complete refresh of the standard for the new operating environment under the health reform. This new edition will be published in multiple parts, each addressing the security requirements for the different segments identified, i.e., hospitals, micro to small organisations, medium to large organisations and suppliers. This first part of the framework was published following a HISO public comment process, and it defines the overall security framework in terms of obligations, segmentation, requirements and guidance.
We now have the following documents available for reference:
- HISO 10029:2022 Health Information Security Framework (HISF)
- HISO 10029.2:2023 Health Information Security Framework Guidance for Micro to Small Organisations
Guidance and templates for other segments will be released from 2023 onwards.
For segments that are yet to be released, we advise users to refer to HISO 10029:2015 Health Information Security Framework for any requirements or controls that are not outlined in the new edition. We encourage users to check this page periodically for updated guidance as this is made available.
Contact us at standards@health.govt.nz for questions or further information.