By operation of the Public Governance, Performance and Accountability (Establishing the Australian Digital Health Agency) Rule 2016, on 1 July 2016, all the assets and liabilities of NEHTA will vest in the Australian Digital Health Agency. In this website, on and from 1 July 2016, all references to "National E-Health Transition Authority" or "NEHTA" will be deemed to be references to the Australian Digital Health Agency. PCEHR means the My Health Record, formerly the "Personally Controlled Electronic Health Record", within the meaning of the My Health Records Act 2012 (Cth), formerly called the Personally Controlled Electronic Health Records Act 2012 (Cth).
National eHealth Security and Access Framework v3.1
The National eHealth Security and Access Framework has been developed as a control mechanism to ‘increase certainty that health information is created and accessed in a secure and trustworthy manner’. It aims to ensure:
- Access to consumer health information is consistently controlled and monitored as it transitions through independent organisations, business processes and systems in the Australian Health Sector.
- The provenance of all electronic health information is traceable from its creation at a verifiable trusted source through its transition and possible augmentation on route to its destination.
NESAF supports organisations engaged in national eHealth to adopt a consistent approach and application of health information security standards, and provides better practice guidance in relation to eHealth specific security and access practices. Some of the key benefits of a National eHealth Security and Access Framework for use in the Australian environment include:
- Promotion of a consistent, risk-based approach to eHealth security and access.
- Consistent interpretation of relevant standards for application in the Australian eHealth environment.
- Provision of a holistic view of security and access requirements within an organisation, that includes controls that are implemented at a business, healthcare, information technology and eHealth specific level, with a greater focus and detailed guidance provided in relation to eHealth specific controls.
- Contemporary better practice guidance on specific eHealth security and access practices
- A document suite that provides different views on the framework for different audiences - business, clinical, technical and consumer.
It is expected that broad application of NESAF within healthcare organisations will contribute to engendering trust within the national eHealth system, thus increasing adoption and uptake of these systems and maximising the expected benefits from these investments.