Specialty Systems

 

Standards and specifications

General requirements

Cyber security

The software must demonstrate ability to effectively achieve mitigation strategies in line with ‘Essential 8’.

Privacy

The software must demonstrate adherence to relevant federal, state or territory privacy legislation for example, the Privacy Act 1988 (Federal) or Health Records and Information Privacy Act 2002 (NSW).

The applicable federal legislation is the Privacy Act 1988.

Details of the relevant state and territory legislations are contained under the State and territory requirements section below.

Core requirements

Standards for identification

The system must:  

• support the use of Healthcare Identifiers in accordance with the Healthcare Identifiers Act 2010
• support data capture and storage of unique device identification of medical devices as defined within AS ISO/IEC 15459.4:2023 Information technology — Automatic identification and data capture techniques — Unique identification, Part 4: Individual products and product packages
• support adherence to Patient Identification best practices as outlined by the Australia Commission on Safety and Quality in Health Care
• be able to discover and validate Individual Healthcare Identifiers (IHI) via the Healthcare Identifier (HI) Service Business-2-Business web services
• utilise Individual Healthcare Identifiers (IHIs) to integrate and link records into the local patient record
• support adherence to Patient Identification best practices as outlined by the Australia Commission on Safety and Quality in Health Care.

Where the system stores a local directory for Healthcare Providers it must allow for the storing of:

• Healthcare Provider Identifier-Organisation (HPI-O) numbers
• Healthcare Provider Identifier-Individual (HPI-I) numbers.

Australian Core Data for Interoperability (AUCDI)

The system should support the use of AUCDI Release 1.

Note: The focus of the AUCDI Release 1 is the representation of the clinical content necessary for each of the data groups identified within the Release 1 scope.

Development is continuing to enhance AUCDI.

Standards for data sharing

The system should:  

• support the authoring and consumption of clinical documents in Fast Healthcare Interoperability Resources (FHIR®) formats
• be capable of using HL7 FHIR-compliant API when sending clinical information
• be capable of using HL7 FHIR-compliant API when receiving clinical information.

If the system stores, transmits, retrieves, prints, processes or displays medical imaging, it must:

• support the DICOM standard.

Standards for terminology, code sets and classifications

Where appropriate the system must:

• support Systematised Nomenclature of Medicine-Clinical Terms AU (SNOMED CT-AU)
• support the use of Australian Medicines Terminology (AMT) for the storage of patients’ current medicines.
• support Logical Observation Identifiers Names and Codes (LOINC®)
• support Data Set Specifications including but not limited to National Minimum Data Sets (NMDS), as defined within Australian Institute of Health and Welfare Metadata Online Registry (Meteor)
• support the Australian Refined Diagnosis Related Groups (AR-DRG) classification
• be capable of using METEOR for recording clinical information with data specifications
• be capable of using Nutrition Care Process Terminology (NCPT)
• be capable of using Rapid Response System (RRS) terminology
• support the inclusion of medicines listed on the Australian Register of Therapeutic Goods (ARTG)
• support Pharmaceutical Benefits Scheme (PBS) updates to determine eligibility
• support Standardised Pathology Informatics in Australia (SPIA)
• support the use of the Private Health Insurance (prostheses) rules and the current versions of the prosthesis list including the drafted Prescribed List Guide.

The system should:

• support person and provider identification in healthcare National Best Practice Data Set
• support the National Clinical Terminology Service (NCTS)
• support the capture of information to support Australian PBS regulatory requirements
• support the use of content from the National Health Services Directory.

National Safety and Quality Health Service (NSQHS) Standards

Implementation of NSQHS is mandated in all hospitals, day procedure services and public dental services across Australia.

The system must:

• support adherence to best practices related to Informed Consent  
• support adherence to all relevant National Safety and Quality Health Service Standards in accordance with the intended scope of the system being procured. These may include, but not limited to the following standards:  
  • Partnering with Consumers Standard
  • Communicating for Safety Standard
  • Comprehensive Care Standard
  • Blood Management Standard
  • Medication Safety Standard
  • Clinical Governance Standard.
• support adherence to all relevant Clinical Care Standards.

Other Standards

International

Where appropriate, the system should:

• support compliance to ISO/IEC 15459-2:2015, Information technology – Automatic identification and data capture techniques - Unique identification, Part 2: Registration procedures
• support compliance to ISO 10781:2023 Health informatics — HL7 Electronic Health Record-System Functional Model, Release 2.1 (EHR FM)
• support compliance to ISO 13606-1:2019 Health informatics — Electronic health record communication — Part 1: Reference model
• support compliance to ISO 17523:2016 Health informatics — Requirements for electronic prescriptions
• support compliance to ISO 1828:2012 Health informatics — Categorial structure for terminological systems of surgical procedures.

National

The system should comply with:

• the relevant legislation for medicines, poisons and therapeutic goods  
• the handling and destruction of drugs standard.

If the system dispenses medication, it should:

• be registered and set up to receive and process electronic prescriptions in alignment with relevant federal and state regulations.

The system must comply with:

• AS2828.2: Digitised health records where digitisation of paper records is required
• AS ISO 18308:2022 Health informatics — Requirements for an electronic health record architecture
• ATS ISO 14265-2013 Health informatics – Classification of purposes for processing personal health information
• AS ISO 27269:2022 Health informatics – International patient summary.

Connections to National Systems

Healthcare Identifiers Service (HI Service)

If the software is expected to deal with healthcare identifiers (e.g. in a hospital environment) then it should either:

• be able to discover and validate Individual Healthcare Identifiers (IHI) via the Healthcare Identifier (HI) Service, or

Where the enterprise utilises an enterprise-wide system for discover and validation of Individual Healthcare Identifiers (IHI) the software should:

• be able to manage and interface with this middleware in order to enable discovery and validation of Individual Healthcare Identifiers (IHI).

My Health Record

The software must:  

• be able to respect patient instruction not to upload at a patient and document level when contributing clinical information to the My Health Record system
• be able to access record information from the My Health Record as required
• be able to upload an Event Summary to the My Health Record system, if required
• support patient instruction not to upload
• be able to upload a pathology report to the My Health Record system.

Where it is a source system for capture, it must also be able to upload:  

• a Discharge summary to the My Health Record system
• Diagnostic Imaging reports to the My Health Record
• Discharge Dispense Medication to the My Health Record.

API Gateway or Government Provider Management System (GPMS)

For aged care services, the software should:

• be capable of sharing relevant data and reports to the GPMS.

Medicare Online Claiming

The software should:

• connect to Medicare claiming channels using direct software integration
  • Medicare Online claiming (Medicare Online)
  • ECLIPSE integrated with practice management software (PMS)
  • Medicare Easyclaim.

National Authentication Service for Health (NASH)

If the system is connecting to My Health Record, the software must:

•     have a valid NASH certificate.

Conformance

HI service

The software should:

• have production access to the Health Identifiers Service.

Healthcare Information Provider Services (HIPS)

If the system connects to the Healthcare Information Provider Service (HIPS) middleware product, the system must:

• conform with the HIPS conformance profile V1.

My Health Record

The software should:

• conform with the My Health Record Conformance Assessment Scheme.

eReferral

The software should:

• have the ability to send and receive ADHA conformant eReferrals.

Discharge Summaries

The software should:

• have the ability to send and receive an ADHA conformance Discharge Summary.

Provider Connect

The software should:

• conform with the Provider Connect Australia service.

Electronic Prescribing

The software should:

• have the ability to send and receive ADHA conformant Electronic Prescriptions.

State and territory requirements

The following state and territory requirements must be upheld based on location.