Home
Committees
HISAC
Standards
Infrastructure
National Collections
Office
Role and Function
Staff
Action Zones
Overview
Implementation
Networking
NHI
HPI
ePharmacy
eLabs
eDischarges
Long Term Conditions
eReferrals
Outpatients
Primary Care
National Systems
Anchoring Framework
News
Media Releases
Newsletters
Links
Image Library
Presentations
Health Network
How do I join?
Information Pack
Applications
FAQs
Standards
Approved
In Development
Public Comment
Projects
Consumer Forum
GP2GP
eLabs
Contact
Search:
Print this
Email this
Print this
Email this
Frequently Asked Questions
The Health Network
Q: What is the Health Network?
The Health Network established in 2005 provides New Zealand with an essential platform for the secure collection, access and exchange of electronic health information between healthcare providers. The current Health Network is an evolution of the 1999 Health Intranet. The Connected Health Programme, part of the Ministry of Health’s National Systems Development Programme, will further enhance current Health Network capabilities. For more information regarding Connected Health
click here
.
Q: Who constitutes the Health Network?
The Health Network is a closed community comprised of accredited VPN (Virtual Private Network) providers, security solution providers, information service providers, users, administration and governance.
Q: Who is responsible for the governance of the Health Network?
The Infrastructure Sub-Committee (ISC) of Health Information Strategy Action Committee (HISAC) is the appointed governance body for the Health Network: appointed members are selected for their broad healthcare sector understanding, regarding such things as consumer and care provider concerns related to health information confidentiality and privacy. Governance responsibilities include ensuring that appropriate standards, policies and procedures are in place: this includes establishing policies to mitigate risk of any security breach to the network and ensuring ongoing validation of policies against issues arising with network security, which are reportable to the VPN (Virtual Private Network) provider.
Q: How many users/members are there in the Health Network?
In June 2008, the Health Network membership total is over one thousand, including 600 General Practitioners and 21 District Health Boards. Membership also includes primary healthcare organizations, laboratories, pharmacies, midwives and private hospitals.
Q: Who has access to the Health Network?
Presently, only healthcare providers who are registered Health Network members have access to the Health Network. If you are a healthcare provider, you can register by
applying to HISAC
.
The Health Network Interconnection Agreement
Q: What is the Interconnection Agreement?
The Health Information Strategy Action Committee (HISAC) initiated the Interconnection Agreement with the support of the Ministry of Health. The Interconnection Agreement is an industry-defined solution for a neutral interconnection point to connect secure VPN (Virtual Private Network). HISAC worked with Telecom/Gen-i, TelstraClear and Healthlink, the three accredited VPN providers in New Zealand, to develop the Interconnection Agreement. Virtual Private Network providers must sign the Interconnection Agreement in accordance with the Health Network Code of Practice: Telecom/Gen-I and TelstraClear are current signatories.
Q: What is the neutral interconnection point?
The neutral interconnection point is an information routing appliance that enables a Health Network connected party to send and receive information from another Health Network connected party via a single connection point. Through the Request for Proposal (RFP) process, the three VPN (Virtual Private Network) providers selected Datacom to run the neutral interconnection point: all VPN (Virtual Private Network) providers continue to be involved in the implementation plan with Datacom.
Q: What are the benefits of the Health Network interconnection for health professionals, now and in the future?
A major benefit for health professionals using an accredited health network is that they have access to available health IT systems and applications without needing to know which network administers the systems. The implementation of a neutral interconnection point reduces barriers to the entry of new suppliers and is a necessary step for the transition to Connected Health. Health providers using the neutral interconnection point to access the Health Network are positioned to migrate to
Connected Health
.
Existing Ministry applications such as the National Health Index lookup and Pharmac Special Authorities will progressively become available only via the neutral interconnection point. In future, other new Ministry of Health applications will be exclusively delivered via the neutral interconnection point. These future applications include those that will deliver services such as:
online pharmacy claiming
eReferrals and discharges
electronic prescribing
Health Practitioner Index lookup
General practice patient notes transfer (on patient request)
B4 School checks
Secure email for confidential communication
laboratory test orders and results transfer
Q: What does the neutral interconnection point mean to the VPN (Virtual Private Network) providers?
The implementation of a neutral interconnection point creates a level playing field and reduces barriers to the entry of new suppliers who can provide accredited cost effective security connections to Health Network members. The neutral interconnection point is also a necessary transition step to Connected Health.
Health Network Security
Q: What is in place to ensure Health Network security?
The Health Network is a closed community made up of interlinked, encrypted Virtual Private Networks (VPN). All data is required to be fully encrypted at all times during transmission. All available Health Network hardware products are certified as secure by international standards. After discussing your requirements and your desired level of service, an accredited VPN (Virtual Private Network) provider will install the firewall security device in your practice and configure it to provide a secure connection to the internet and to the rest of the Health Network. VPN (Virtual Private Network) providers have different approaches to configuring and managing their product, such as how much control they undertake in your local environment.
Users of the Health Network must be registered and comply with certification and security requirements for their local environments. Each member is subject to conformance checks against criteria set forth in the Health Network Code of Practice. Members are also responsible for reporting security incidents to their VPN (Virtual Private Network) provider.
Q: What are the requirements for a VPN (Virtual Private Network) to be a member of the Health Network?
In 2002, Standards New Zealand developed the Health Network Code of Practice as the accreditation standard for all Health Network members, including telecommunication providers. To acquire accreditation, a VPN (Virtual Private Network) provider must be assessed annually against the Code of Practice in order to acquire an annual Certificate of Compliance.
Q: What are the requirements for a user, such as GP (General Practitioner) to be a member of the Health Network?
To join the Health Network, a potential user must register with HISAC, connect using an accredited VPN (Virtual Private Network) provider, and meet the security standards outlined in the Health Network Code of Practice. Meeting the security standards involves ensuring policies and procedures are in place to protect patient data stored, exchanged or transmitted by the GP practice. The standards are designed to meet international standards for environmental security. HISAC has a generic
small practice security policy document (Word, 154 KB)
that can be used as a template by the GP in their practice environment.
Q: What is the Health Network Code of Practice?
The Health Network Code of Practice is based on New Zealand health and privacy legislation, industry principles for the protection of personal health information and the International Standards Organization (ISO) information technology standards. Health Network members need to demonstrate that they have policies and procedures in place to address third party access, personnel security, physical and environmental security, systems development and maintenance and technical compliance as well as risk management for any security breach.
Last Updated 2 July 2008
