About this item

Issue date:
23 December 2022
Corporate Authors:
Health Information Standards Organisation (HISO), Te Whatu Ora - Health New Zealand
Health IT
978-1-99-106707-4 (online)

The Health Information Security Framework supports all health sector organisations to manage and improve the security of the health information they hold.

HISO 10029:2022 Health Information Security Framework is our complete refresh of the standard for the new operating environment under the health reform. This new edition will be published in multiple parts, each addressing the security requirements for the different segments identified, i.e., hospitals, micro to small organisations, medium to large organisations and suppliers. This first part of the framework was published following a HISO public comment process, and it defines the overall security framework in terms of obligations, segmentation, requirements and guidance.

We now have the following documents available for reference:

Guidance and templates for other segments will be released from 2023 onwards.

For segments that are yet to be released, we advise users to refer to HISO 10029:2015 Health Information Security Framework for any requirements or controls that are not outlined in the new edition. We encourage users to check this page periodically for updated guidance as this is made available.

Contact us at standards@health.govt.nz for questions or further information.