NESAF - Business Blueprint v3.1

This document describes the purpose, structure and benefits of the NESAF as well as providing detailed implementation advice for healthcare business owners, managers or practice team leads responsible for information security within healthcare organisations. The document will be further developed and refined as feedback is received through consultation.

SHA256 Checksum: 
1.88 MB
Release history
Product component

The NESAF v4 Business Blueprint provides a good understanding of the NESAF methodology and appropriate tools to conduct a risk assessment to secure information. It is intended primarily for practice managers, system owners and healthcare information managers.

By operation of the Public Governance, Performance and Accountability (Establishing the Australian Digital Health Agency) Rule 2016, on 1 July 2016, all the assets and liabilities of NEHTA will vest in the Australian Digital Health Agency. In this website, on and from 1 July 2016, all references to "National E-Health Transition Authority" or "NEHTA" will be deemed to be references to the Australian Digital Health Agency. PCEHR means the My Health Record, formerly the "Personally Controlled Electronic Health Record", within the meaning of the My Health Records Act 2012 (Cth), formerly called the Personally Controlled Electronic Health Records Act 2012 (Cth).

Back to Top