Skip to main content

HealthCare Standards Conclusion

Overview of the IT standards the New Zealand government mandates for healthcare providers.

Mandatory Service Quality Standards

The Ngā Paerewa Health and Disability Services Standard NZS 8134:2021 came into effect on 28 February 2022 and applies to both public and private healthcare providers. Providers of fertility services, primary birthing centres, hospices, overnight hospital inpatient services (public and private), age-related residential care, residential addiction, mental health, and disability services are required to meet this standard. This standard is also suitable for home and community support and abortion service providers. see Ngā Paerewa Health and Disability Services Standard

Health Information Standards Organisation (HISO) Standards

HISO standards set requirements for the safe, secure and equity-led use of health information in New Zealand. While HISO develops and publishes these standards, they are primarily guidance-based rather than legally mandated for all providers. HISO operates under Health New Zealand | Te Whatu Ora and oversees standards across multiple categories:

Key HISO Standard Categories:

  • API Standards - Technical requirements for developing health information APIs
  • Connected Health Standards - Technical background for the secure health sector network
  • Digital Infrastructure Standards - National standards for digital infrastructure design and implementation
  • Health Record Standards - Structure, content and sharing of digital health records
  • Identity Standards - Consumer and health provider identity data requirements
  • Interoperability Standards - Ensuring different health information systems can work together, including the New Zealand Patient Summary based on the International Patient Summary standard
  • Laboratory Information Standards - Ordering and reporting lab tests and notifiable diseases
  • Medicines Information Standards - Pharmaceutical orders, medication charting and reconciliation
  • Security Standards - Managing health information security

See Health Information Standards Organisation (HISO) documents

Health Information Security Framework (HISF)

HISO 10029:2022 Health Information Security Framework supports all health sector organisations to manage and improve the security of the health information they hold. While HISF is not legally mandatory for all New Zealand businesses, it is highly recommended for organizations in the health and disability sector. However, compliance may be required for organizations in the public health system or those contracting with government bodies.

The framework is segmented for different organization sizes: hospitals, micro to small organisations (25 staff or less), medium to large organisations, and suppliers. It aligns with international standards including AS/NZS ISO/IEC 27001:2013 and references the New Zealand Information Security Manual (NZISM) and Protective Security Requirements (PSR).