New security requirements for My Health Record


By Dylan Bushell-Embling
Wednesday, 21 December, 2022
New security requirements for My Health Record

The Australian Digital Health Agency (ADHA) is introducing new security requirements for clinical information systems to connect with the My Health Record digital health record system.

The new requirements will take affect in April. Software vendors with clinical software products designed for use in GP clinics, pharmacies and allied health services will need to ensure they comply with the enhanced security requirements using a phased approach.

The conformance profile was co-developed with stakeholders including regulators, software vendors and security experts.

ADHA plans to support the industry with their transition to the new requirements by providing visibility of the conformance profile in advance of the official implementation period, and will be fielding questions and comments on the profile and proposed phased implementation schedule up until the April start date.

Included in the new profile is an evidence-based list of security requirements that harden clinical information systems from cybersecurity attacks and enhance the information security for data held on the clinical systems. The requirements align with best-practice standards recommended by the Australian Cyber Security Centre.

Each vendor with software products connected to My Health Record will be required to submit an extensive file of evidence to demonstrate conformance to each of these requirements.

ADHA Acting Chief Digital Officer Dr Holger Kaufmann said the new requirements are important considering the growing threat posed by cyber attacks and malicious threat actors.

“Protecting sensitive information is essential in the provision of healthcare services and is a fundamental capability that is required to enable connected healthcare systems and safe, seamless, secure and confidential information sharing across all healthcare providers,” he said.

“The Agency has and will continue to work with clinical information system vendors to provide support and guidance to further secure and protect their software for the benefit of patient privacy, national infrastructure, and their own businesses.”

Image credit: iStock.com/LeoWolfert

Related News

IMT sector was Australia's most targeted in 2023: report

The information, media and technology sector has been the Australian industry most targeted...

ISACA identifies gaps in AI knowledge, training and policies

85% of digital trust professionals say they will need to increase their AI skills and knowledge...

VNC accounts for nearly all remote desktop attacks

Virtual Network Computing accounted for 98% of remote desktop attacks recorded by Barracuda last...

Content from other channels on our network

$3.6 million in shared solar for ACT apartments

Low-orbit satellites help out electrical crews

Budget 2024: energy experts respond

How MTDCs can help address today's data centre power challenges

Wall of solar for German factory

Breakfast event to explore connectivity for emergency response

High-frequency operation in a dynamic metasurface antenna

Teltronic and Crosscall agree to integrate their solutions

Global 5G connections reached 1.76 billion in 2023

AceComms partners with Hitachi Energy on industrial internet

Why SEHO Selective Systems are changing the way manufacturers solder boards using through hole designs

Eco-friendly battery for low-income countries

Unravelling the mystery of slow electrons

Laser tech used to develop deformable energy storage device

Laser printing on fallen tree leaves produces sensors for medical and laboratory use

  • All content Copyright © 2024 Westwick-Farrow Pty Ltd