By operation of the Public Governance, Performance and Accountability (Establishing the Australian Digital Health Agency) Rule 2016, on 1 July 2016, all the assets and liabilities of NEHTA will vest in the Australian Digital Health Agency. In this website, on and from 1 July 2016, all references to "National E-Health Transition Authority" or "NEHTA" will be deemed to be references to the Australian Digital Health Agency. PCEHR means the My Health Record, formerly the "Personally Controlled Electronic Health Record", within the meaning of the My Health Records Act 2012 (Cth), formerly called the Personally Controlled Electronic Health Records Act 2012 (Cth).
National eHealth Security and Access Framework v4.0
The National eHealth Security and Access Framework (NESAF) provides standards, tools, and guides for the Australian healthcare sector to build and implement secure systems that protect patient data and eHealth-related assets, while providing the provenance required for ensuring patient safety and privacy. (For more details and to download fact sheets, see eHealth Security and Authentication.) NESAF v4.0 is derived directly from previous releases and includes refinements and minor inclusions to improve the value of the current product set. This release consolidates stakeholder feedback from independent reviews by reputable security firms as well as updates based on lessons learned during the application of the framework from the March 2012 release. The NESAF has also been updated to reflect changes to:
- Processes relating to online registration for the My Health Record system;
- The use of NASH certificates; and
- Australian privacy legislation.
The clinical, consumer and business fact sheets published in the NESAF v3.1 bundle are still available from eHealth Security and Authentication. No changes have been made to these fact sheets since their last release. Future release: Three industry guides have been developed for NESAF v4 to address security for healthcare organisations looking at implementing:
- Bring your own device (BYOD)
- Cloud computing
- Secure mobile applications
These guides are currently undergoing industry consultation and will be published in a future minor release.