Cyber security resources for suppliers
Assess your cyber security capability to meet Health New Zealand expectations.
Pātiki and Waharua Kōpito patterns
On this page
About these tools and templates
These resources are designed to help suppliers meet expectations for maintaining the confidentiality, availability and integrity of the information and systems provided to Health New Zealand.
Suppliers as defined by the Health Information Security Framework (HISF) core framework include service providers of on-premises or cloud services. e.g., software resellers, medical device resellers or implementors, internet service providers, outsourced service providers or software as a service (SaaS) providers to the health sector.
These resources align with the HISF Guidance for Suppliers (HISO 10029.4:2025).
HISO 10029:4:2025 Health Information Security Framework - Guidance for Suppliers
Helper Document – HISF Guidance for suppliers
Practical guidance and relevant resources to help meet HISF.
Helper Document – HISF Guidance for suppliers [DOCX, 1.3 MB]
Frequently Asked Questions (FAQs) HISF for suppliers
Common questions related to the use of the HISF that are often asked by suppliers.
Security Frameworks
You will find additional guidance on the Health Information Security Framework on the Security Frameworks page.