About this item
- Issue date:
- 6 May 2025
- Status:
- Current
- Corporate Authors:
- Health Information Standards Organisation (HISO), Health New Zealand | Te Whatu Ora
- Type:
- Guidance, Guide
- Topic:
- Health information technology
- Location:
- National
- Copyright status:
© Crown Copyright, Attribution 4.0 International (CC BY 4.0)
On this page
The HISO 10029.4:2025 Health Information Security Framework Guidance for Suppliers provides details on the requirements and relevant guidance for suppliers supporting the core framework document.
This segment from the core framework document i.e., HISO 10029:2022 Health Information Security Framework is for suppliers who are defined as a service provider of on-premises or cloud services. e.g., internet service provider, outsourced service provider, software as a service (SaaS) provider to the health sector.
Helper Document – HISF Guidance for suppliers
These resources are designed to help suppliers meet expectations for maintaining the confidentiality, availability and integrity of the information and systems provided to Health New Zealand.
Suppliers as defined by the Health Information Security Framework (HISF) core framework include service providers of on-premises or cloud services. e.g., software resellers, medical device resellers or implementors, internet service providers, outsourced service providers or software as a service (SaaS) providers to the health sector.
Practical guidance and relevant resources to help meet HISF.
Summary of updates
This data sheet outlines the new and/or updated requirements included in the 2025 release of the HISO 10029.4 HISF Guidance for Suppliers. It states the changes made to the 2023 version and assists readers in comparing it to the new 2025 version. This is intended to support understanding of the changes in a timely manner.
Data sheet - Update to HISF Guidance for Suppliers [DOCX, 186 KB]