Australian Government - Department of Health and Aged Care - Office of Hearing Services

Search Hearing Services Online

If you are having any problems downloading attached content or viewing links on this page please email hearing@health.gov.au.

Please note: PDF documents can be opened using free Adobe Reader software.

202014

Key Messages

Message One

The ASD no longer certifies cloud services providers. Providers using previously certified cloud services can continue using these services until further notice.

Message Two

If changing or moving your cloud service please contact the program before proceeding.

Message Three

Information is being sought on current cloud usage by providers.

For further information visit our website www.hearingservices.gov.au email hearing@health.gov.au Phone 1800 500 726

202014

Contracted Service Provider Notice

Use of Cloud Services for storage of client records
(CSPN - 202014)

The protection of client health and personal information is very important. Hearing Services Program (the program) client records are protected by the Privacy Act 1988, the Hearing Services Program (Voucher) Instrument 2019 and the Service Provider Contract.

The Management of Client Records factsheet and Frequently Asked Questions outlines program requirements about client records including use of cloud services. Providers were required to only use cloud services providers which had been certified by the Australian Signals Directorate (ASD).

As of 27 July 2020, the ASD ceased the Certified Cloud Services List and new arrangements are being established.

Until new arrangements are in place, those using previously ASD certified cloud services can continue to do so. If you are using a cloud service that was not previously certified by the ASD or you are not sure, please email us immediately via hearing@health.gov.au with the details.

The Management of Client Records factsheet and FAQs have now been updated to support providers in managing their cloud services being used for program client information.

Cloud Services survey

To assist in its development of requirements for cloud services, the Department of Health is asking providers for information about the cloud services they are using. This information will help the department develop requirements that will be appropriate for all providers.

If you are currently using cloud services for the storage of client records, please complete the Citizen Space survey on cloud services.

Please contact your cloud services provider and confirm the appropriate responses to each question before starting the survey. Please ensure the responses are specific to the arrangements in place for your business.

The questions on the survey are:

What is the name of the cloud service provider you are using (e.g. Microsoft, Amazon)?
What is the name of the specific cloud service being used (e.g. Microsoft Azure, Office 365)?
Is the specific cloud service being used a Platform as a Service (PaaS) or Software as a Service (SaaS)?
- If PaaS
  What assurances do you have that the cloud platform service being used as well as the system installed on the platform is secure and configured appropriately?
- If SaaS
  What assurances do you have that the cloud software service you are using is secure and configured appropriately?
Does your agreement with your cloud services provider state that the records will be hosted on an Australian server, will not be disclosed outside Australia, and will be encrypted to at least the equivalent of Official with a Dissemination Limiting Marker (DLM) of Sensitive?
Approximately how many client records are stored within your cloud services or systems?

For further information visit the program website www.hearingservices.gov.au or email hearing@health.gov.au

07 October 2020

Download this CSPN 2020-15 Hearing Services Program Review Consultation Paper