DHS adopting secure cloud requirements

The Department of Human Services (DHS) is adopting new requirements for third-party software providers as part of its adoption of the Digital Transformation Agency's Secure Cloud Strategy.

With the DHS's requirements under the Secure Cloud Strategy, applicable Australian software companies will be required to complete an accreditation and compliance process.

The mandatory policy applies to all third parties using cloud services that connect with the department to deliver services such as Medicare, PBS, DVA, NDIS, MyHealthRecord, Aged Care and Child Care.

The accreditation process includes achieving Australian Signals Directorate Certified Cloud Services List (CCSL) Certification, as well as an assurance that all data remain onshore within Australian jurisdiction.

In addition, the strategy highly encourages physical separation of server infrastructure, and policies restricting access to private citizens' data to those with a Negative Vetting 1 (NV1) security clearance from the Australian Government Security Vetting Agency (AGSVA).

The compliance deadline has recently been moved from a fixed date in April to be tied to individual product accreditation renewals.

To help healthcare software providers ensure compliance with the new requirements, Macquarie Telecom subsidiary Macquarie Cloud Services has bolstered its Launch Health Cloud product offering with upgraded functionality.

The company is also planning to hold a series of information sessions to provide advice about the new medical software accreditation requirements, starting with an event in Sydney on 21 March.

Image credit: ©iStockphoto.com/pearleye

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.