The Agency recognises that certain conformance requirements outlined in the Security Requirements for My Health Record Connecting Systems Conformance Profile draft v1.1 (Security Profile) establish shared responsibility for implementation between software developers and healthcare provider organisations (HPO). In most cases, software developers are expected to provide the necessary software functionality, while healthcare provider organisations may play a role in ensuring that the functionality is enabled, configured, and used appropriately.
The description of responsibility for each role should serve as guidance for implementers and is based on the Security Requirements for My Health Record Connecting Systems Conformance Profile draft v1.1.