Cyber security resources for Primary Healthcare providers
Ensure that your organisation is HISF compliant, secure, and prepared for a cyber incident.
Pātiki and Waharua Kōpito patterns
On this page
About these tools and templates
These tools and templates have been developed in collaboration with a panel of experts from Primary Healthcare Organisations, General Practice NZ, Allied Boards, general practitioners, and the Pharmacy Guild of NZ to help you protect your organisation, systems, people and health data.
This guidance has been tailored for micro to small organisations (defined by HISF as 25 staff or less) to help you meet the requirements and implement controls.
Information security clauses
A comprehensive list of information clauses that may be used in contracts for suppliers of information, data systems, and related services.
Information security policy
A starting point for creating a Information Security Policy to meet your organisation's needs, based on the Health Information Security Framework.
Evaluating an IT supplier
Questions and sample answers to use when evaluating an Information Technology (IT) supplier to understand how well the supplier is supporting you.
Download: Risk assessment guidance and template - XLSX, 33 KB
This template provides guidance on how to conduct cyber security risk assessments, and starting points for risks to consider in your organisation.
Download: Asset inventory workbook - XLSX, 41 KB
We recommend you track your hardware and software assets. Complete a full inventory to begin with and update as you change your systems over time.
Pātiki and Waharua Kōpito patterns
Cyber incident advice for primary healthcare
You will find additional guidance on how to prepare and respond to cyber incidents on the Cyber incidents page.