About this item

Issue date:
28 July 2023
Corporate Authors:
Health Information Standards Organisation (HISO), Health New Zealand | Te Whatu Ora
Health IT
978-1-99-106732-6 (online)

The HISO 10029.3:2023 Health Information Security Framework Guidance for Medium to Large Organisation provides details on the requirements and relevant guidance supporting the core framework document.

This segment from the core framework document i.e., HISO 10029:2022 Health Information Security Framework is defined as health organisations that fall into two or more of the following categories:

  • organisations that may have presence at one or more geographic locations and supported by technology setup
  • staffing of greater than 25 personnel
  • manages a population of greater than 10,000
  • may have some employees in-house managing IT that may be further supported by external IT and security suppliers
  • may be involved with health data collection from other regional healthcare providers and have data warehouses or similar setup
  • may be involved in providing IT support to other healthcare providers
  • may be involved with integrating or developing software systems or web applications in-house.