Pono gives your practice a single place to manage cybersecurity compliance: the HISF audit, your risk register, vendor reviews, incidents and reports. Know exactly where you stand, and what to do next.
Dashboard
Tui Street Medical Centre
+12% since last quarter
Readiness by domain
Priority actions
The Health Information Security Framework applies to every general practice in New Zealand. Most practices are managing it with a folder of Word documents and a spreadsheet nobody trusts. Pono replaces all of that.
What is inside
Every HISF control laid out in plain language, grouped by domain. Tick them off, attach evidence and watch your readiness score climb.
A ready-made risk register built for general practice. Score likelihood and impact, assign owners and get reminded when reviews fall due.
Track every vendor that touches patient data, from your PMS to the lab portal. Annual reviews are scheduled and flagged for you.
Log security incidents in minutes with a guided workflow, including the Privacy Act 2020 notifiable breach assessment.
Policies, procedures and templates in one place, version controlled and ready to show an auditor or your PHO.
Export a compliance summary as a PDF whenever your PHO, Health NZ or an insurer asks where things stand.
How it works
We set up your practice and your login. There is nothing to install and no IT project to run.
The audit kit walks you through each HISF control step by step. Most practices see their readiness score within the first session.
Pono keeps score, chases reviews and surfaces what needs attention next, so compliance stops being a yearly scramble.
Get more info
Leave your details and we will get in touch to walk you through Pono and answer your questions. No pressure, no lock-in.