HISO 10029.4:2025 Health Information Security Framework Guidance for Suppliers
This document for suppliers provides details on the requirements and relevant guidance supporting the HISF core framework.
Pātiki and Waharua Kōpito patterns
About this item
- Issue date:
- 6 May 2025
- Status:
- Current
- Corporate Authors:
- Health Information Standards Organisation (HISO), Health New Zealand | Te Whatu Ora
- Type:
- Guidance, Guide
- Topic:
- Health information technology
- Location:
- National
- Copyright status:
© Crown Copyright, Attribution 4.0 International (CC BY 4.0)
The HISO 10029.4:2025 Health Information Security Framework Guidance for Suppliers provides details on the requirements and relevant guidance for suppliers supporting the core framework document.
This segment from the core framework document i.e., HISO 10029:2022 Health Information Security Framework is for suppliers who are defined as a service provider of on-premises or cloud services. e.g., internet service provider, outsourced service provider, software as a service (SaaS) provider to the health sector.
Summary of updates
This data sheet outlines the new and/or updated requirements included in the 2025 release of the HISO 10029.4 HISF Guidance for Suppliers. It states the changes made to the 2023 version and assists readers in comparing it to the new 2025 version. This is intended to support understanding of the changes in a timely manner.
Data sheet - Update to HISF Guidance for Suppliers [DOCX, 186 KB]
Additional resources for suppliers
- Additional cyber security resources for suppliers are available on the Cyber Hub page
Cyber Hub - Cyber Security Resources