Health Informatics Service Accreditation Manual. Assessment Process. May 2013, Version 1

Transcription

1 Health Informatics Service Accreditation Manual Assessment Process May 2013, Version 1

2 Contents 1. Contacts Introduction Assessment principles Assessment outcome Planning for the assessment Assessment process The assessment After the assessment Appendix 1 HIS Accreditation Timeline Summary Appendix 2 Service Description Sheet

3 1. Contacts If you have a query on the assessment process that is not covered by this manual, please contact dnvhealthcare@dnv.com in the first instance. DNV Healthcare Highbank House Exchange Street Stockport Cheshire SK3 0ET Support team telephone: Head of Resources (for any concerns): aileen.orr@dnv.com 2

4 2. Introduction Det Norske Veritas (DNV) is an independent foundation whose purpose is to safeguard life, property and the environment. We have over 140 years of experience in developing safety standards and building safety cultures in safety critical industries. DNV Healthcare is managed by a dedicated group of professionals, each with many years of experience in their respective field, including clinical services, hospital management, health law, risk management and engineering. Our healthcare team has been successful in transferring knowledge and understanding from other areas of risk management, and combining this with new thinking and innovative approaches, to develop standards and accreditation programmes in a healthcare setting. We assist organisations to constantly improve the way that they work, and to help them assure patients and stakeholders of their commitment to improving safety and quality, while safeguarding reputation. The DNV UK healthcare unit, has a team of experienced healthcare professionals who are used to delivering accreditation schemes across NHS and across the UK. We understand the challenges of the NHS s complex organisational arrangements; the impact of these arrangements on access to information for patients and carers; and the importance of these issues as supporting effective and efficient service delivery. We develop accreditation programmes that can meet the very different and often complex needs of these individual organisations. Our staff are trained to recognise the needs of these organisations and to adjust processes accordingly, whilst at all times maintaining consistency. Assessment of an organisation s compliance against a set of standards is our area of expertise. Through accreditation, we ensure an objective third party validation and benchmarking of processes and systems, while also identifying areas to be targeted for improvement and opportunities for greater efficiency and on-going sustainability. 2.1 What are the HISA standards? The Health Informatics Services Accreditation (HISA) standards have been developed by the Department of Health (DH) Informatics Directorate (DHID) with the support of Chief Information Officers, directors of informatics services, the NHS Health Informatics Benchmarking Club (HiBC) and representatives of customer organisations. A full copy of the standards can be obtained from dnvhealthcare@dnv.com. The foundation for the HISA standards was the portfolio of standards jointly developed by DHID and the HiBC for use by services to benchmark themselves against their peers. The HISA standards are designed for assessment and accreditation of providers of informatics services within the framework of an accreditation scheme. The HISA standards are divided into 6 main sections: Service Description (not assessed) Governance & Planning Corporate & Commercial Workforce Service Delivery Assurance Each standard is allocated a weighting and has a number of statements that indicate an informatics service s compliance with that standard (see section 1.6 of the full standards). 3

5 2.2 Who are the standards for? The HISA standards are relevant to all types of informatics service. The term Health Informatics Services (HIS) covers all providers of informatics services to the NHS (including Information Management and Technology (IM&T) departments). HIS normally fall into one of the following categories: In-house Service typically provided to a single organisation Managed Service, where one organisation provides services to another Shared Service, hosted by one organisation, providing services to a number of others Outsourced Service from within the NHS or private sector 2.3 Why have the standards been developed? Following publication of the 2010 White Paper, Equity and excellence: Liberating the NHS 1, the Government published a supporting Information Strategy in In this context, informatics is central to the vision for the new NHS and the NHS is moving towards increased plurality in service provision, including that of informatics services. There is, therefore, a need for objective measures of health informatics services capabilities and performance to inform commissioning decisions and to support the continuous improvement of such services. The vision is for all providers of informatics services to the NHS to be accredited against the HISA standards, in order to support patient care and provide value for money services. 2.4 What are the benefits of accreditation against the standards? The expected benefits of HIS accreditation include the following: Support local decision making in respect of commissioning and delivering informatics services by increased availability and transparency of relevant information; Provide assurance to local commissioners that minimum standards are being met; Support continuous improvement, focussing informatics services on their key performance areas; Provide public acknowledgement of an informatics service s performance. 2.5 Who conducts the assessments? Det Norske Veritas (DNV) is an independent foundation whose purpose is to safeguard life, property and the environment. We have over 140 years of experience in developing safety standards and building safety cultures in safety critical industries. DNV Business Assurance, one of three DNV companies, is one of the leading global providers of accredited management systems certification. We offer a broad portfolio of services within management system certification and related services. DNV Healthcare, which is part of DNV Business Assurance, is managed by a dedicated group of professionals, each with many years of experience in their respective field, including clinical services, hospital management, health law, risk management and engineering. Our healthcare team has been successful in transferring knowledge and understanding from other areas of risk management, and combining this with new thinking and innovative approaches, to develop standards and accreditation programmes in a healthcare setting. We assist organisations to constantly improve the way that they work, and to help them assure patients and stakeholders of their commitment to improving safety and quality, while safeguarding reputation

6 Within the UK healthcare unit, we have a team of experienced healthcare professionals who are used to delivering accreditation schemes across NHS and across the UK. We understand the challenges of the NHS s complex organisational arrangements; the impact of these arrangements on access to information for patients and carers; and the importance of these issues as supporting effective and efficient service delivery. We develop accreditation programmes that can meet the very different and often complex needs of these individual organisations. Our staff are trained to recognise the needs of these organisations and to adjust processes accordingly, whilst at all times maintaining consistency. Assessment of an organisation s compliance against a set of standards is our area of expertise. Through accreditation, we ensure an objective third party validation and benchmarking of processes and systems, while also identifying areas to be targeted for improvement and opportunities for greater efficiency and on-going sustainability. 5

7 3. Assessment principles 3.1. Scope and services covered by the assessment The assessment will cover the HIS and all services provided by them. Some of the standards may not be applicable and these will not be assessed if they are identified and agreed with the assessment team in advance. The exact scope of the assessment will be determined by the lead assessor following a conversation with the HIS. This will determine the assessment date and the finer details of the assessment process How and where will the assessment take place? There are two parts to the assessment; an off-site review of evidence (submission of a selfassessment) and then a site visit to the HIS to complete the assessment. Please see the assessment process below in Section 5 for further details. Following submission of the self-assessment and accompanying evidence for review off-site, the lead assessor will contact the HIS and determine which sites should be visited and when. Site visits will take one or more days, depending on the size and complexity of the HIS. This will be agreed between the assessment team and the HIS in advance of the site visit. An aggregate of two-three days would normally be required for each assessment per member of the assessment team, taking into account examination of evidence prior to a visit, a site visit and report writing. The HIS is required to provide a suitable venue for the onsite visit, ensuring that the assessment team has access to the systems and evidence that will be reviewed. The venue should have appropriate and safe space for the assessment team to work in and conduct interviews. This will normally require meeting room(s) with table(s) and power outlets for laptops. 6

8 4. Assessment outcome In most cases the assessment team will inform the HIS of the proposed assessment outcome at the end of the onsite visit. In exceptional circumstances, extra time known as an improvement period may be allowed after the assessment visit to enable the HIS to provide additional evidence to demonstrate compliance. If this is the case, the assessment team will discuss the arrangements with the HIS at the time of the assessment. The assessment team do not award accreditation, but will make recommendations to the DNV Healthcare Accreditation Board based on their findings Accreditation decision The DNV Healthcare Accreditation Board will make the final decision on granting or withholding HIS Accreditation. There is a clear separation between the processes of assessment and accreditation which operate independently of each other. The Accreditation Board receives and reviews assessment report provided by the assessment team after the HIS has been through the assessment process. Assessors may be invited by the Accreditation Board to respond to any queries, but do not participate in the decision-making process regarding the award of accreditation. The final decision will be sent to the HIS and it will have an opportunity to appeal the Accreditation Board s decision or any associated findings for a period of 20 working days following receipt of the report. The Accreditation Board s decision on the HIS s appeal shall be final (please see Section 7.3 for further information on raising concerns). A minimum of two Accreditation Board members will be required to approve/withhold accreditation of a HIS. The members reviewing the report and recommendations will have the following qualifications: Knowledge of processes/functions within the healthcare setting Experience in a leadership and/or informatics role within the healthcare setting Knowledge of the HISA standards and accreditation process It is not necessary for each member to have all qualifications but all requirements listed above will be covered by the members conducting the review. The committee has clear terms of reference which will be reviewed on an annual basis. If the Accreditation Board approves accreditation, the Certificate will be issued to the HIS. If the Accreditation Board does not approve accreditation the reasons will be documented in writing and sent to the HIS. Accreditation will last for a period of 36 months from the decision date Managing impartiality DNV shall not accredit HIS organisations where DNV has provided informatics services consultancy within the last two years and will not provide consultancy services to DNV accredited organisations if these services are directed towards maintenance or development of the accredited system. Moreover, DNV shall not include members of the assessment team that have assisted the HIS in preparation for the assessment (outside of the defined support allowed for the accreditation process), or otherwise served in the capacity as a consultant or as a former or current employee of the HIS within the last four years. 7

9 4.3. Support As well as each HIS being issued with contact details for the DNV healthcare support team, an accreditation support package will be provided which will include: HIS accreditation manual (this document) Documents and support products Dedicated enquiry box E-communications on key developments Additional guidance and FAQ documents in response to informatics services learning needs In addition to the above, education workshops can be provided at an additional cost if required. 8

10 5. Planning for the assessment 5.1. Contact with the assessment team Each HIS will be issued with contact details for the DNV healthcare support team who will be able to assist with queries relating to the accreditation process. They will also be able to pass on any queries relating to interpretation of the standards to the assessment team HIS staff preparation It is assumed that responsibility for the assessment will rest with the executive director responsible for the HIS within the organisation. The executive director or delegated contact person should make sure that all staff involved are fully briefed on the purpose of the assessment, their specific role, and the role of the assessment team. Whilst responsibility for coordinating the assessment will normally rest with the executive director, we would recommend that a team is identified and assigned with responsibility for assessment preparation. Experience tells us that those organisations that perform well at accreditation assessments have assigned standard leads who are responsible for self-assessments, collating evidence and addressing any shortfalls Self-assessment and action planning The HIS should undertake a thorough and honest pre self-assessment against the standards. Throughout this process, the HIS should collate the necessary evidence in support of the selfassessment. This will enable the HIS to identify any gaps in evidence or any particular areas of noncompliance against the standards. Having identified any gaps, the HIS is then advised to develop an action plan with realistic timescales and designated responsibilities for taking those actions forward. Once the HIS is satisfied that it can achieve compliance, the completed self-assessment tool and evidence must be submitted to DNV for review as part of the assessment process; please see section 5 for further information Gather evidence The guidance for each standard provides examples of documents the HIS might use to evidence its compliance with that standard. In addition, the HIS might cite compliance with other standards or schemes (such as BSI British Standards, ISO standards, SOCITM ICT best practice, NHS Infrastructure Maturity Model (NIMM) and ITIL best practice for IT service management). The onus is on the HIS to demonstrate compliance with the standards and to highlight the relevant evidence to the assessment team. The time available for the assessment will not permit the assessment team to search for evidence. During the process of gathering evidence, the HIS should also identify staff members who may need to be interviewed during the onsite assessment. This will be agreed with the lead assessor, following review of the evidence off-site. 9

11 6. Assessment process 6.1. The steps to assessment and accreditation Step 1: The accreditation process begins when the HIS completes and submits the section 1 information (Service Description Sheet see Appendix 2) to dnvhealthcare@dnv.com. This should be completed and submitted as soon as the decision has been made to apply for accreditation. Step 2: Upon receipt of the completed Service Description Sheet and within ten working days, DNV will review the information and provide the HIS with an Accreditation Proposal using a fee structure that is based on the HIS s complexity and the services it provides. Step 3: The Applicant HIS, following agreement with the proposal, will then inform dnvhealthcare@dnv.com as soon as possible that they intend to go forward for accreditation. Within five working days of notification of the acceptance of the proposal, DNV will send the applicant organisation a contract that must be signed by the applicant organisation and returned to dnvhealthcare@dnv.com. Step 4: Once the signed contract has been returned, DNV will contact the HIS within five working days to agree a date for the submission of the self-assessment, and a date for the onsite visit. Step 5: Within five days of agreeing upon a date for the submission of the self-assessment, DNV will provide the HIS with a confirmation letter, self-assessment tool and instructions for evidence submission. Any queries with regards to the self-assessment tool or evidence submission should be directed to the dnvhealthcare@dnv.com. Step 6: The HIS need to complete a self-assessment using the self-assessment tool provided. Evidence in support of the self-assessment must also be gathered and collated as part of this process. The HIS is advised to allow sufficient time to undertake the self-assessment and take any remedial actions in advance of the final submission. Step 7: The HIS need to upload the completed self-assessment tool and relevant evidence in accordance with the instructions that DNV provide. It is important that this is available for the assessment team to review on the agreed date, therefore the HIS should ensure that this step is completed in advance of the agreed assessment date. Step 8: The assessment team will complete the off-site evidence review and plan the onsite visit according to findings. The lead assessor will contact the designated lead for the HIS and discuss any additional evidence that will be required for review, who will need to be interviewed, which areas or sites will be visited and any other general points that may have arisen as a result of the off-site review. Step 9: The assessment team will complete the onsite visit on the agreed date and give verbal feedback to the informatics service at the end of the visit. Further information on the onsite visit is outlined below. 10

12 Step 10: This step is only applicable if an improvement period has been granted. Any improvement period will be discussed and agreed at the onsite visit. The HIS must complete the remedial actions and ensure that these are submitted for review to the assessment team by the agreed date (no more than six weeks). All further evidence must be submitted electronically. The lead assessor will provide feedback to the HIS within five working days. Step 11: Within twenty working days of the onsite visit (or submission of additional evidence following an improvement period), the assessment team will draft a report in which recommendations will be made in relation to whether or not accreditation should be awarded. This will be submitted to the Accreditation Board for a decision. Step 12: Within five working days of receipt of the draft report, the Accreditation Board will make a decision as to whether accreditation will be awarded or not. Step 13: This decision will be communicated to the HIS within five working days of the decision; a formal report and accreditation certificate (if applicable) will sent to the informatics service. The report will contain an overview of strengths and weaknesses, which may be used as the basis for continuous improvement. The report will be sent to the named executive director for the HIS and copied to the designated lead (if different) The assessment team The assessment team will comprise expert assessors allocated to the HIS undergoing assessment. Each team will have a lead assessor and usually one or two additional assessors (depending on the size of the organisation). The lead assessor will: Ensure that the assessment team keeps to schedule, covers the full scope of the assessment and thoroughly explores key lines of enquiry with appropriate informatics service staff and customers; Ensure that each reviewer assesses evidence independently and reaches a consensus with colleagues; Handle any concerns raised either by the HIS or the assessment team; e.g. on interpretation of standards, process or an administrative matter; Ensures relevant documentation and reports are completed. The assessors will: Review the HIS self-assessment and its supporting evidence; Conduct a site visit to validate the self- assessment and explore key lines of enquiry through semi-structured interviews, personal observation and assessment of any additional evidence provided during the visit; Complete relevant documentation and reports. All members of the assessment team complete a confidentiality agreement and undergo appropriate training in preparation for their roles. 11

13 6.3. Assessment team arrival The assessment team will normally enter your organisation together. Upon arrival, the assessors will meet with the delegated contact person for the HIS. This person should be available throughout the onsite visit to coordinate the assessment Opening meeting The assessment team will hold a short opening meeting with the HIS. Please limit attendees to a maximum of six representatives, which should ideally include the executive director for the HIS. The meeting will cover the following: An explanation of the purpose and scope of the assessment; An introduction to the assessment team, the general areas that each will be responsible for and the various documents that they may request to see; Clarification of all areas and locations of the HIS that may be visited; Information on the names, locations and telephone numbers of key staff to whom any questions should be addressed; The approximate time, location and possible attendees of any meetings to be held during the assessment; Proposed times for meeting with senior staff from the HIS during the assessment and at the closing of the assessment. 12

14 7. The assessment The objective of the assessment is to determine if a HIS is compliant with the standards. The outcome will be based on evidence provided for review during the assessment period, unless an improvement period is granted During the assessment The assessment team will normally be accompanied by the HIS staff as the assessment is conducted. In instances where the evidence provided by the HIS has not provided sufficient assurance, the assessment team may seek further documentary evidence or additional interviews with relevant staff. To enable the assessment team to determine an assessment outcome, the HIS will be required to submit requested additional evidence well in advance of the scheduled closing meeting at the end of the assessment What will be assessed? Documents reviewed should be in current use, up to date and reflective of current practice. They may be in paper format or electronic. The list below is an example of the types of evidence the assessment team will expect to review, but is not exhaustive. Organisation s documentation o Types of documents to be reviewed include service level agreements, policies, procedures, guidelines, minutes of meetings, etc. HIS systems o Service level agreement(s) o License management procedures o Service management reports o Service delivery procedures covering o Service desk o Incident management o Problem management o Change management o Release management o Configuration management o Business continuity/it Disaster Recovery Plan o Networking policy and infrastructure diagram o NHS Infrastructure Maturity Model (NIMM) reports o Telecommunications policy o Copy of any accredited management systems certification covering the HIS, e.g. ISO/IEC :2011 certification Training/HR records o Training database and/or records to determine if staff have completed the appropriate training o Human Resources systems to ensure that there is a robust process for recruitment/managing staff Observations o The assessment team will want to visit relevant areas of the HIS to review evidence in practice. This will be agreed at the start of the assessment during the opening meeting; any disruption to staff at work will be kept to an absolute minimum 13

15 Interviews o Informal interviews will be conducted throughout the assessment o The assessors will use the information obtained to determine what additional observations, interviews or documents may be needed o Telephone interviews can be conducted if necessary, but the preference is for in-person interviews wherever possible Analysis of findings Before the closing meeting, the assessment team will meet to review their findings. The purpose for this meeting is to discuss findings, review and analyse all information collated from observations, interviews and documentation reviews, and to determine whether or not the HIS meets the requirements set out in the standards Closing meetings A closing meeting is held at the end of the assessment to enable the assessment team to present their findings. Normally the team will be able to inform you of the outcome at the end of the assessment visit. On some occasions this may not be possible and it may be necessary for the assessment team to review their findings with colleagues to ensure consistency The lead assessor is responsible for the closing meeting and will determine who will present the findings. The HIS should decide which staff they want to attend the closing meeting, and should limit attendees to a maximum of six, unless express agreement has been granted to extend this number by the assessment team. The HIS should ensure that the executive director attends wherever possible What happens if compliance cannot be demonstrated? In some situations it may be that the assessment team considers it appropriate to allow an improvement period of up to six weeks; this could be useful for example where there are minor issues that can quickly be sorted out, but that would otherwise result in non-compliance. The assessment team will discuss this option if it is deemed appropriate with the HIS team at the time of the assessment, including timescales and responsibilities. An improvement period is not an automatic right, but will depend on the findings of the assessment team and the number and severity of the issues identified. Where an improvement period is granted, the evidence must be submitted electronically by the agreed date. The lead assessor will provide feedback to the HIS within five working days How soon can a HIS reapply for accreditation if they are non-compliant? Where a HIS has not been successful in achieving accreditation, it must wait for a period of six months before reapplying. 14

16 8. After the assessment 8.1. Assessment report The assessment team will draft a report including its recommendations, and this will be submitted to the Accreditation Board within 20 working days of the onsite visit (or within 20 working days following submission of evidence where an improvement period was granted). Within five working days of receipt, the Accreditation Board will make a final decision whether or not to award accreditation. The final report and accreditation certificate (where applicable) will then be sent to the HIS within five working days of the Accreditation Board s decision Sharing your assessment results The HIS is advised to wait for the final report from DNV before sharing assessment results outside of the HIS. DNV will post details of those HIS s that have achieved accreditation on their website, unless the HIS specifically requests otherwise Raising concerns If you have any concerns about the assessment or report, these should be raised with the lead assessor or the DNV Head of Operations as soon as possible and no later than 20 working days after the receipt of the report. Please note that it will not be possible to make any additions to the report. If your concerns are not resolved or you feel that the assessment outcome is unjust, you may refer the matter to tracy.mundell@this.nhs.uk Your feedback DNV, as part of its commitment to the provision of a quality service aims to gather feedback on the services provided. Any HIS that goes through an assessment against the standards will be invited to complete a web based survey. Feedback from the survey will be used to continuously inform the development and ongoing quality of the assessment process. Once the HIS has received the accreditation certificate, the assessment results can be shared as the HIS sees fit. It is advisable to await the final decision from the Accreditation Board, irrespective of the assessment team s findings and feedback at the end of the assessment. 15

17 Appendix 1 HIS Accreditation Timeline Summary 1. The HIS will complete Section 1 information (service description sheet) and send to dnvhealthcare@dnv.com As soon as possible 2. DNV will draft proposal using the information provided in the service description DNV will send the proposal to the HIS within 10 working days of receiving the Section 1 information 3. Following proposal agreement, DNV will send a contract to be signed by the HIS to be returned to dnvhealthcare@dnv.com DNV will send contract within 5 working days following proposal agreement 4. Following signed contract, DNV will contact the HIS to agree date for evidence submission and date for on-site visit DNV will agree dates with the HIS within 5 working days of receiving the signed contract 5. DNV will send a confirmation letter, self-assessment tool and instructions for evidence submission to the HIS DNV will send the information and instructions within 5 working days of agreeing dates 6. The HIS will complete a self-assessment using the self-assessment tool and identify and collect relevant evidence In advance of the agreed date for evidence submission 7. The HIS will upload the completed self-assessment tool and evidence as per instructions The HIS must upload the tool and evidence before the agreed date for evidence submission 8. The assessment team will complete off-site evidence review and plan onsite visit according to findings DNV will complete off-site review before on-site visit 9. The assessment team will complete onsite visit and give verbal feedback to the HIS at the end of the visit Onsite visit completed on agreed date 10. If compliance with the standards has not been achieved and remedial actions can be completed within a short time an improvement period (of up to 6 weeks) will be offered to address non-compliant areas Additional evidence submitted electronically. Feedback will be provided within 16

18 5 working days of receipt. 11. The assessment team will draft the formal report and make a recommendation to the Accreditation Board Within 20 days of on-site visit 12. Decision made by accreditation board Within 5 days of receipt of report 13. Formal report and accreditation certificate (if applicable) sent to the HIS Within 5 working days of board s decision 17

19 Appendix 2 Service Description Sheet Health Informatics Service Accreditation SECTION 1 Service Description The service description provides contextual information about the informatics service and will not be assessed. Please complete the information below. This will inform the allocation of time and resources needed for accreditation against the Health Informatics Service Accreditation Standard. In addition to the information provided below, the following documents are also required. Service Catalogue Service Schedule Organisation Chart Information Requirements Full name of the informatics service and, if relevant, its host organisation: Informatics service address: Name and contact details of the Director or Head of Service for the informatics service: Name and contact details of the point of contact within the informatics service for accreditation: Name: Phone: Name: Phone: 18

20 Information Requirements Indicate the categories of services provided: Total income passing through the Informatics service account: Total income is an indicator of service size and should recognise the annual income value, whether this is a series of income streams from several customers or an allocated budget for an internally-provided service. The total number should relate to annual turnover; i.e. recurrent revenue. Capital should not be included. Number of customer organisations the Informatics service supports. A customer is an agency that negotiates with the informatics service and purchases its services, and may choose between different suppliers. This refers to separate organisations rather than, e.g. different divisions or departments in a hospital trust. 1. ICT 2. Information Governance 3. Medical records 4. Library 5. Knowledge Management 6. Information Management 7. Telecommunications 8. Clinical Coding 9. Training 10. Data Management & Integration Centre (DMIC) 11. Business Intelligence (BI) 12. Other (please describe) A - Less than 499,999 B - 500, ,999 C - 1, ,999,999 D - 5,000,000 9,999,999 E - More than 10,000,000 A - One B - 2 C D E - More than 10 19

21 Information Requirements Total number of sites supported by the Informatics service. Number of discrete physical sites covered: A site is a building or set of buildings with a name that clearly separates them from other buildings or sets of buildings with a name. For example, a foundation Trust running South Town University Hospital and North Town Hospital would count as two sites. A Pathology building and a Physiotherapy building on the same hospital site would count as one. Count a GP practice as one site. Total number of service users: Those who use the services purchased by the customer from the informatics service. Number of service users in customer organisations with an account, including service users supported by an in-house service. A - Fewer than 29 B C D E - More than 300 A - Fewer than 999 B C D - 10,000-19,999 E - More than 20,000 Total number of staff working for the Informatics Service. A - Fewer than 29 Please indicate the areas in which the staff work (e.g. ICT, information management, training, etc.): If relevant, please indicate the approximate split between Data Management & Integration Centre and Business Intelligence: Has a self-assessment against the HISA standards been completed? If not please indicate when this will be done. Please indicate when you would wish to undergo formal assessment against the HISA standards. B C D E - More than