Information and Communications Technology

Generating PDFGenerating PDF

Policy framework statement

The Information and Communications Technology (ICT) Policy Framework specifies the ICT governance and policy requirements that all Health Service Providers (HSPs) must comply with in order to ensure effective and consistent ICT governance, decision-making and use of ICT systems across the WA health system.

Purpose

The Director General (DG) of the Department of Health is the System Manager responsible for the overall management, strategic direction and stewardship of the WA health system. The DG will use policy frameworks to ensure a consistent approach to a range of matters undertaken by HSPs. Policy frameworks must be complied with and implemented as a part of ongoing operations.

The purpose of this policy framework is to ensure:

  • the ICT Governance Structure [intranet] and requirements for ICT decision-making are understood across the WA health system
  • individuals accessing the WA health system's ICT comply with the mandatory requirements relating to the secure and efficient use of systems.

In conjunction with the WA Health ICT Strategy 2015-2018 and ICT Governance Structure [intranet], this ICT Policy Framework has been developed to embed systemwide ICT policies and practices that promote continuous improvement in the use of technology to deliver quality patient care, reflect business needs and align to wider government ICT strategic directions.

Applicability

This policy framework is binding on each HSP to which it applies or relates. Specifically, HSPs must ensure that in contracting with contracted health entities, the entity and any of their personnel accessing the WA health system comply with all relevant ICT mandatory requirements listed in this policy framework.

Principles

The key principles that underpin this policy framework are:

Accountability
Electronic communications, which are part of the business records of WA health system, are treated as such and managed in accordance with recordkeeping policies and legislation.

Consistency
ICT policy and management directions support the objectives of the:

  • WA Health ICT Strategy 2015-2018
  • Whole-of-Government ICT Strategy and policies, issued by the Office of the Government Chief Information Officer (OGCIO).

Customer focus
Investments in ICT are used to improve safety and quality, improve patient outcomes, create a better patient journey or experience, build knowledge to inform research and changes to clinical practice, or improve efficiencies and financial sustainability.

Governance
Effective governance and decision-making on ICT is undertaken in accordance with the ICT Governance Structure. This includes regular, ongoing and responsive clinical and consumer engagement. ICT projects and funding for ICT are well managed in order to deliver better care and better value.

Responsible use
The WA health system ICT resources are used responsibly, including behaviour that:

  • is in accordance with public sector ethics, accepted community standards and relevant law, and
  • does not disrupt the efficient delivery of the WA health system’s services.

Security and privacy
WA health system ICT resources are controlled and protected to safeguard privacy and confidentiality, preserve data integrity and ensure the ongoing availability of information. Security controls and guidelines are applied to the storage, access, processing or transmitting of data on a range of devices and infrastructure, whether it is WA health system owned, privately owned or purchased as a service. Access to and disclosure of information is managed and performed in accordance with the WA health system’s Information Management Policy Framework. ICT security considerations are incorporated into ICT investments, including monitoring and audit capability, where applicable.

Legislative context

The Health Services Act 2016 refers to policy frameworks in ss. 26-27 and s. 34(2)(c). Other relevant parts in the Act that relate specifically to this policy framework include s .36(3)(e-f).

The legislation below, may also apply:

  • Corruption, Crime and Misconduct Act 2003
  • Privacy Act 1988 (Cwlth), Schedule 1 Australian Privacy Principles
  • State Records Act 2000

Mandatory requirements

Under this policy framework HSPs must comply with all mandatory requirements* including:

*Any mandatory requirement document that references the Hospitals and Health Act 1927 must be interpreted as a requirement under the Health Services Act 2016.

Supporting information

Whole-of-Government ICT Policies are also issued by the Office of the Government Chief Information Officer (OGCIO). These are mandatory for all agencies, and the System Manager will develop systemwide mandatory requirements to align with these as required.

Other policy frameworks relevant to the delivery of ICT include:

  • Communications Policy Framework
  • Financial Management Policy Framework
  • Information Management Policy Framework
  • Procurement Policy Framework
  • Public Health Policy Framework
  • Risk, Compliance and Audit Policy Framework

Policy framework custodian

A/Assistant Director General
Strategy and Governance


Enquiries relating to this policy framework may be directed to:
PolicyFrameworkSupport@health.wa.gov.au

Review

This policy framework will be reviewed as required to ensure relevance and recency. At a minimum this policy framework will be reviewed within two years after first issue and at least every three years thereafter.

 

Version Effective from Effective to Amendment(s)
1 1 July 2016 13 September 2017 Original version
2 13 September 2017 15 November 2017 New MP 0066/17, superseded OD 0468/13, OD 0469/13, OD 0470/13, OD 0336/11, and OD 0337/11. New MP 0067/17, superseded OD 0389/12, OD 0506/14, and OD 0508/14.
3 15 November 2017 12 April 2018 Major Amendment to MP 0067/17.
4 12 April 2018 18 October 2018 Major Amendment to MP 0001/16
5 18 October 2018 Current New MP 0094/18, superseded OD 0463/13.

Approval

This policy framework has been approved and issued by the Director General of the Department of Health as the System Manager.

Approval byDr D J Russell-Weisz, Director General, Department of Health
Approval date01 July 2016
Date published18 October 2018
File numberF-AA-40149

Compliance

This policy framework is binding on those to whom it applies or relates. Implementation at a local level will be subject to audit.

Glossary of terms

Term Meaning
Applicability Under Section 26 of the Health Services Act 2016, policy frameworks may apply to:
  • All Health Service Providers
  • A type of public health service facility
  • A type of public health service
  • A type of staff member of a health service provider.
ICT Governance Structure The ICT Governance Structure outlines the decision making framework for WA Health’s ICT investment. It clarifies the expected roles, responsibilities and accountability of all parties involved in the planning and delivery of ICT programs and projects. The fundamental principle is decision making at the appropriate management level.
Health Service Provider Means a Health Service Provider established by an order made under section 32(1)(b) of the Health Services Act 2016.
Information and Communications Technology Information and Communications Technology (ICT) refers to software and hardware used to support information sharing and communication and includes system infrastructure and architecture, clinical and corporate applications, and telecommunications equipment.
WA health system Pursuant to section 19(1) of the Health Services Act 2016, means the Department of Health, Health Service Providers and to the extent that Contracted Health Entities provide health services to the State, the Contracted Health Entities.