HSP Data Compliance Survey Questions - MS Azure documents and survey overview

Contracted Service Provider Notice

Use of Cloud Services for storage of client records (CSPN - 202014)

The HSP Compliance survey is for clients currently using cloud services for the storage of client records.

See below questions on the survey and the Aurora software provider answer:

What is the name of the specific cloud service being used? (e.g. Microsoft Azure, Office 365)?

Microsoft Azure

Is the specific cloud service being used a Platform as a Service (PaaS) or Software as a Service (SaaS)?

Saas

If PaaS What assurances do you have that the cloud platform service being used as well as the system installed on the platform is secure and configured appropriately?

N/A

If SaaS What assurances do you have that the cloud software service you are using is secure and configured appropriately?

Microsoft Azure platform is certified for the storage of sensitive information, see attached Microsoft Azure - ACSC Protected Certification Letter

Does your agreement with your cloud services provider state that the records will be hosted on an Australian server, will not be disclosed outside Australia, and will be encrypted to at least the equivalent of Official with a Dissemination Limiting Marker (DLM) of Sensitive?

All records are hosted within the Australian Microsoft Azure datacentre, see attached Microsoft Azure UDLM Certification Letter

Related Articles
HSP MS Azure Certification that Data is hosted in Australia delete - duplicate
Typically a new customer's HSP contract would indicate that their data is being hosted in Australia. If proof is required, here are the 3 documents downloaded from the Azure website on 22 April 2021.
Hearing Services Program (HSP) HSP Cloud Service Provider Checklist / IRAP Assessment - MANAGE IT Regulatory
Provider Factsheet - Management of Client Records The Department of Health (the department) is responsible for managing and administering the Australian Government Hearing Services Program (the program). As specified in the Service Provider Contract ...
Onboarding Go Live - Data Conversions & Due Diligence Testing
This article explains what to expect with a data conversion, and how to do your due diligence testing once the data is in your training environment. Overview of Data Conversion Our standard import covers the following: Patients, Doctors and their ...
HSP E-Claiming Guide - Send / Receive Claims
1.1 HSP E-Claim Export/Import Overview When a file is created to send to HSP it marks the claims as 'Pending' and locks it so it can’t be changed. When HSP returns the file, and it is imported to Manage the following happens: · The claim status is ...
HSP Activity Wizard Video [Australia only]

HSP Data Compliance Survey Questions - MS Azure documents and survey overview

HSP Data Compliance Survey Questions - MS Azure documents and survey overview

Contracted Service Provider Notice

Use of Cloud Services for storage of client records (CSPN - 202014)

The HSP Compliance survey is for clients currently using cloud services for the storage of client records.

Related Articles

HSP MS Azure Certification that Data is hosted in Australia delete - duplicate

Hearing Services Program (HSP) HSP Cloud Service Provider Checklist / IRAP Assessment - MANAGE IT Regulatory

Onboarding Go Live - Data Conversions & Due Diligence Testing

HSP E-Claiming Guide - Send / Receive Claims

HSP Activity Wizard Video [Australia only]