Belton IT Nexus · Est. 2004 · Newmarket, Auckland

Australian medical practice cyber readiness.

A practical readiness checklist for GP and specialist practices, covering the Health Information Privacy Code, indici, Medtech, Healthlink, ransomware exposure, and breach notification to the OPC.

12 control areas · Printable PDF · Free, no cost
The checklist

What it covers.


For practice managers, clinical leads, and partners at New Zealand GP and specialist practices. It is built around the controls clinical IT environments actually need: the ones that protect patient information, keep the clinical system available during a ransomware incident, and produce defensible evidence for an Office of the Privacy Commissioner inquiry. Each area is grounded in a specific NZ rule, a specific clinical workflow, or a specific failure mode.

  • Health Information Privacy Code 2020 (HIPC): The thirteen Health Information Privacy Rules applied to anyone collecting, holding, or disclosing health information.
  • Privacy Act 2020 in a clinical setting: Mandatory breach notification and the serious-harm threshold as they apply to patient records.
  • indici, Medtech, Profile, MyPractice security: Securing the small, well-known set of NZ clinical systems and the access around them.
  • Healthlink and secure messaging: Protecting referrals, lab results, and clinical correspondence as they move between systems.
  • Patient portal MFA: Multi-factor authentication on the portal that exposes patient data to the outside world.
  • Clinical-grade uptime and continuity of care: Keeping the clinical system available so care does not stop when IT does.
  • Ransomware exposure for NZ practices: The realistic attack scenarios, and why network segmentation matters more than the entry point.
  • Ministry of Health and Te Whatu Ora guidance: Aligning your controls with the sector guidance practices are expected to follow.
  • Breach notification to the OPC: A defensible process for assessing and notifying a health information breach.
  • Staff training and clinical workflows: Training that fits the way clinical staff actually work, not generic security slides.
  • BYOD policy for clinical staff: Personal devices touching patient data, and the controls that contain the risk.
  • Backup testing and after-hours support continuity: Tested restores and a support path that holds up outside business hours.

Printable PDF covering twelve control areas across HIPC, clinical software, and continuity of care.


Want the controls implemented, not just listed?

We work with Australian GP and specialist practices on clinical IT, HIPC alignment, and continuity of care.
