HSP Data Compliance Survey Questions - MS Azure documents and survey overview

HSP Data Compliance Survey Questions - MS Azure documents and survey overview

Contracted Service Provider Notice

Use of Cloud Services for storage of client records  (CSPN - 202014)

The HSP Compliance survey is for clients currently using cloud services for the storage of client records.

See below questions on the survey and the Aurora software provider answer:

What is the name of the specific cloud service being used? (e.g. Microsoft Azure, Office 365)?

Microsoft Azure

Is the specific cloud service being used a Platform as a Service (PaaS) or Software as a Service (SaaS)?

Saas
If PaaS What assurances do you have that the cloud platform service being used as well as the system installed on the platform is secure and configured appropriately?

N/A

If SaaS What assurances do you have that the cloud software service you are using is secure and configured appropriately? 

Microsoft Azure platform is certified for the storage of sensitive information, see attached Microsoft Azure - ACSC Protected Certification Letter

Does your agreement with your cloud services provider state that the records will be hosted on an Australian server, will not be disclosed outside Australia, and will be encrypted to at least the equivalent of Official with a Dissemination Limiting Marker (DLM) of Sensitive?  
All records are hosted within the Australian Microsoft Azure datacentre, see attached  Microsoft Azure UDLM Certification Letter



    • Related Articles

    • HSP MS Azure Certification that Data is hosted in Australia delete - duplicate

      Typically a new customer's HSP contract would indicate that their data is being hosted in Australia. If proof is required, here are the 3 documents downloaded from the Azure website on 22 April 2021. 
    • Hearing Services Program (HSP) HSP Cloud Service Provider Checklist / IRAP Assessment - MANAGE IT Regulatory

      Provider Factsheet - Management of Client Records The Department of Health (the department) is responsible for managing and administering the Australian Government Hearing Services Program (the program). As specified in the Service Provider Contract ...
    • HSP E-Claiming Guide - Send / Receive Claims

      1.1 HSP E-Claim Export/Import Overview When a file is created to send to HSP it marks the claims as 'Pending' and locks it so it can’t be changed. When HSP returns the file, and it is imported to Manage the following happens: · The claim status is ...
    • HSP - 3FAHL Overview

      3FAHLS readings will auto-fill in an HSP claim or quote claim if the audiogram has been entered into Aurora or if you have previously created an HSP Claim with certain HSP items and had 3FAHL values included eg a 600 or 800. If the 3FAHL information ...
    • Deleting or Archiving old HSP Claims

      Archiving HSP Claims is a tool for housekeeping your data. It speeds up searches for Claims by allowing users to archive selected HSP Claims so they no longer appear in selection windows. Archiving means that these HSP Claims will no longer be ...