SSBA Newsletter Issue 21 - August 2013 (PDF 250 KB)
New NHS Legislation
In late 2012 and early 2013, changes were made to the National Health Security Act 2007 (NHS Act), the National Health Security Regulations 2008 (NHS Regulations) and the SSBA Standards.
The amendments to the NHS Act and NHS Regulations came into effect on 31 March 2013. The revised SSBA Standards came into effect on 20 June 2013.
A full explanation of the changes can be found in the new Fact Sheet 17 - Changes to the National Health Security Legislation.
Copies of the new legislation
Copies of the amended NHS Act and NHS Regulations can be found at ComLaw.
A copy of the new SSBA Standards and fact sheet can be found on the SSBA website.
The SSBA Regulatory Scheme has implemented changes to the Online Data Collection System (DCS) to allow for automatic password resets.
A new password can be requested through the DCS log on screen and the new password information will be sent to the email address of the Responsible Officer or Contact Officer. Reset passwords are a single use only and users will be prompted to create a new password for the facility.
New passwords at a minimum must:
- be 7 or more characters long
- have one uppercase and one lowercase character
- have one numeric character
- not contain any special characters
- be different to the current password and different from the last 8 passwords
If the email of the person who receives the password notifications changes, please let DoHA know as soon as possible by contacting us at SSBA
Change of the Purpose for Handling
All changes to the purpose for handling an SSBA, as listed on the National Register of SSBAs, must be reported to DoHA. This is especially important where the purpose has been listed as ‘Research’.
All purposes listed as research are assessed prior to inclusion on the National Register to ensure that the research is responsible and legitimate under of the SSBA Regulatory Scheme.
If changes are made to the purpose for handling, including any changes to the research being conducted that may mean that the research no longer matches the description given to DoHA for assessment, a reassessment of the research to ensure it continues to meet the requirements of the scheme will be required.
Changes can be reported to DoHA via the Change of Purpose for Handling an SSBA form.
Authorised and Approved Persons Lists
Under the SSBA Standards, the Responsible Officer of a registered facility must develop and maintain lists of authorised and approved persons.
These lists must include details of:
- the period of a persons authorisation or approval
- the review date of the authorisation or approval
- what the person is authorised or approved to do
Further details about the requirements for these lists can be found under clause 3.2 of the Standards.
Clause 3.2 of the SSBA Standards outlines the requirements for Responsible Officers.
Non-Registered Facility Inspections
Non-Registered Facility inspections focus on Parts 9 and 9A of the SSBA Standards, facility documentation and other SSBA Regulatory Scheme processes, such as reporting.
A Non-Registered Facility Inspection will involve a half-day physical inspection of the facility and a post inspection follow up.
- liaison with the Contact Officer
- a physical inspection of the facility, including a review of paper-based records and discussions with relevant staff
- a letter provided to the facility outlining the outcome of the inspection including any Corrective Action Requests
- if required, a follow-up inspection that reviews paper-based evidence supplied by the facility
The entity may be required to provide further information following an inspection. Following provision of the findings to the relevant DoHA delegate, a letter of response will be sent to the facility outlining the outcome/s of the inspection and any Corrective Action Requests.
Unannounced Spot Checks
At least 24 hours notice will be provided to the facility to ensure security arrangements associated with inspectors being on site are met.
How the day will go
Below is an outline of how the inspection may go on the day the Inspectors visit the facility:
- explanation of the inspection process
- discussion of any problems experienced with the scheme
- discussion of the SSBA Standards (Parts 9 and 9A)
- sampling of records
- inspection of facility (some inspections may not involve this)
- review of findings (this discussion is undertaken by the inspectors alone)
- presentation of preliminary findings of inspection
- exit meeting
Annual and Biannual reports no longer required.
An amendment to the NHS Regulations removes the requirement for entities to report annually or biannually to
DoHA. Changes to entity and facility details must now be reported within two business days of the event occurring.
A new form, Changes to Entity and Facility Details, will soon be available on the website and via the DCS to inform DoHA of any administrative changes. Until this form is available, entities can continue to change administrative details by filling in the relevant fields on the Regular Report (Annual and Bi-annual) form and submitting within two business day of the change in details.
Reminder - Submitting Reports
Under the SSBA Regulatory Scheme, it is mandatory that all reportable event reports are submitted to DoHA either via the Data Collection System or as a hard copy sent by registered post. Reports that are emailed or faxed to the SSBA Regulatory Scheme can not be accepted.
Phone: 02 6289 7477