Supply Chain Systems
Definition:
A supply chain system in healthcare involves managing the flow of medical supplies, pharmaceuticals, equipment, and other products from production to delivery in healthcare facilities. Key aspects in Australian healthcare include sourcing and procurement, inventory management, distribution and logistics.
Standards and specifications
General requirements
Cyber security
The software must demonstrate adherence to the ‘Essential 8’ cyber security principles.
Core requirements
Standards for identification
The software must:
- Content will be updated following consultation feedback
Australian Core Data for Interoperability (AUCDI)
The system should support the use of AUCDI Release 2.
Note: Development is continuing to enhance AUCDI to include further elements to support clinical data and will continue to be published over time.
Standards for data sharing
The software should:
- support the authoring and consumption of clinical documents in Fast Healthcare Interoperability Resources (FHIR®) formats.
Standards for terminology, code sets and classifications
If the system is managing prostheses, the system must:
- support the use of the Private Health Insurance (prostheses) rules and the current versions of the prosthesis list including the drafted Prescribed List Guide
If the system is managing medications, the system must:
- support Australian Medicines Terminology (AMT)
The system should:
- support person and provider identification in healthcare National Best Practice Data Set
If the system is managing medical devices or medicines, the system should:
- support the inclusion and identification of items listed on the Australian Register of Therapeutic Goods (ARTG)
National Safety and Quality Health Service (NSQHS) Standards
Implementation of NSQHS is mandated in all hospitals, day procedure services and public dental services across Australia.
Other Standards
International
The system must support:
- ISO/IEC 17360:2023 standard: Automatic identification and data capture techniques - Supply chain applications of RFID - Product tagging, product packaging, transport units, returnable transport units and returnable packaging items
- ISO/IEC 27036-3:2023 standard for Cybersecurity - supplier relationships - Part 3: Guidelines for hardware, software, and services supply chain security.
National
- comply with the relevant legislation for medicines, poisons and therapeutic goods
- comply with the handling and destruction of drugs standard.
The system should support:
Connections to National Systems
HI Service
If the system is managing medical devices or medicines, the system should:
- support linkage to the Pharmaceutical Benefits Scheme (PBS) online-claiming system.
Conformance
The software must:
- have production access to the Health Identifiers Service.
State and territory requirements
The following state and territory requirements must be upheld based on location.
| State | Theme | Link |
|---|---|---|
| ACT | Privacy | Health Records (Privacy and Access) Act 1997 (ACT) |
| Territory Records Act 2002 (ACT) | ||
| Information Privacy Act 2014 | Acts | ||
| NSW | Privacy | NSW Privacy Laws |
| Requirements for consent | ||
| NT | Privacy | Refer to federal legislation for privacy |
| QLD | Privacy | Privacy legislation in Queensland |
| Informed Consent | ||
| SA | Privacy | Refer to federal legislation for privacy |
| TAS | Privacy | Refer to federal legislation for privacy |
| Privacy and Data Protection Act 2014 | ||
| WA | Privacy | Refer to federal legislation for privacy |
| Consent to treatment policy |
Consultation survey now open
The Procurement Guidelines Consultation Survey is now open until 31 August 2025 and we invite you to have your say. Your feedback is essential to ensuring the accuracy and completeness of existing content, identifying opportunities to enhance usability, improving user experience and suggesting additional content to maximise the value of the Guidelines.