Updates to My Health Record Connecting Systems – Security Conformance Profile
The Agency published the My Health Record Connecting Systems Security Conformance Profile v1.0 on the Agency’s Developer Portal in September 2024. Learn more.
Conformance activities aim to reduce risks and define how third-party software should operate when connected to national digital health systems for transactions.
Digital health products and systems should be designed, developed and operated in a manner that is consumer-centred, safe, secure and interoperable, to enable quality, easier access to information, and trust in healthcare services.
The Australian Digital Health Agency (ADHA) Conformance and Assurance Section undertakes conformance activities in line with its the Conformance Framework. This framework guides the Agency’s approach to engaging with software developers to develop solutions that are integrated with national digital health systems. and develop solutions that interact in alignment to Agency conformance requirements.
Conformance activities conducted by the Agency are designed to mitigate risks and specify the way third-party software must behave when it has a connection to enable transactions with national digital health systems.
Conformance services
The Agency’s Conformance Framework includes:
- Development of conformance profiles and conformance test specifications
- Design, development and maintenance of conformance artefacts including test data and test tools
- Support in understanding specific conformance requirements and the conformance journey
- Delivery of conformance assessments
- Conformance monitoring, reporting and continual improvement
Related content
Conformance Services End of Year Availability
The Agency would like to advise all developers on the availability of its conformance services, including conformance assessments and support, throughout the end of year holiday period and office closures.
My Health Record Connecting Systems Security Conformance Profile Implementation Timeline
The survey on the proposed implementation timeline for the My Health Record Connecting Systems Security Conformance Profile v1.0 is under review.
Online Technical Support (OTS) and Software Vendor Test (SVT) environment notifications
Online Technical Support (OTS) and Software Vendor Test (SVT) environment notifications
Developer guides
Electronic Prescribing - Mobile Applications - Conformance Process
A mobile application or web-based application can be used by a subject of care or carer to manage prescriptions and to present an electronic prescription token to a pharmacy.
Electronic Prescribing - Mobile Intermediary System - Conformance Process
A mobile intermediary system is a software product that a mobile application uses to connect to, and interact with, the National Prescription Delivery Service (NPDS) and/or Active Script List Registry (ASLR).
HI Service - Test and Go Live
All products developed, or updated, to connect with the HI Service are required to undergo testing before production access is granted.
HIPS - Conformance
Overview of the HIPS conformance journey
My Health Record Connecting Systems - Security Conformance Profile - FAQs
The Security Requirements for My Health Record Connecting Systems Conformance Profile contains software requirements that harden clinical information systems from cyber security attacks, uplift information security and protect patient information and your software product.
My Health Record Notice of Connection (NoC) and Conformance Compliance and Declaration (CCD) testing
To integrate software products with the My Health Record system, two types of testing are required.