The Independent Health and Aged Care Pricing Authority (IHACPA) launched version 1 of its national Data Quality Framework on 9 October 2025, focusing on improving data governance across Australia’s health and aged care systems. The framework sets clear guidelines to ensure accuracy, consistency, and transparency in data collection, validation, transformation, and sharing processes. This initiative addresses ongoing challenges linked to fragmented systems and isolated data that obstruct transparency and accountability.
IHACPA has integrated the framework into its Three-Year Data Plan and Data Compliance Policy, requiring jurisdictions to demonstrate accuracy beyond Statements of Assurance and maintain thorough documentation of all data transformations. IHACPA establishes the national efficient price and cost for public hospitals and provides aged care pricing guidance to the government. This marks a significant step towards cohesive digital governance. The framework is a major transition from scattered datasets to a unified, secure, and dependable national data infrastructure.
IHACPA described the Framework as “structured into key elements of data quality principles, data quality definition, roles and responsibilities, quality assurance processes, enablers, systems and tools, and framework governance.” The Authority stated that these components “provide a consistent approach to data quality that can be applied across all data collections.”
Data governance overhaul
IHACPA is now in charge of all datasets, arranging them in a single system that follows the Public Governance, Performance, and Accountability Act and the National Health Reform Act. The organisation takes full responsibility for maintaining the integrity of data in the health and elder care sectors. The Corporate Plan and the Three-Year Data Plan integrate the Data Quality Framework, clearly defining roles, responsibilities, systems, and assurance processes. The IHACPA requires jurisdictions to adhere to consistent data specifications throughout the collection, validation, transformation, and utilisation processes.
It creates thorough audit trails for every transformation, including logic versions, thresholds, and remediation actions. Adherence links directly to the Data Compliance Policy and ensures continued access to Commonwealth funding. The authority now relies on more than just Statements of Assurance for evidence of accuracy. New requirements mandate detailed metadata, reporting on error rates, detecting anomalies, and providing a clear rationale for any exceptions. IHACPA holds the power to pursue independent evaluations or further reconciliations to guarantee data accuracy.
IHACPA confirmed that the consolidated national dataset serves as a single source of truth, highlighting its dedication to centralising and standardising data management across jurisdictions. The Authority plans to implement enhanced documentation standards and will carefully record all internal data transformations and decision-making processes. This governance model aims to enhance traceability, reduce data silos, and strengthen data stewardship across agencies.
Verified Data Integrity
IHACPA has strengthened its dedication to accuracy assurance by moving from Statements of Assurance to concrete and verifiable evidence. Jurisdictions must now deliver Data Quality Statements confirming their compliance with the Australian Hospital Patient Costing Standards. They are also required to submit cost and activity data that has undergone independent financial review. IHACPA’s national review confirms that most cost datasets are appropriate for their intended use.
However, it highlights the discrepancies caused by the COVID-19 pandemic, which affected data comparability. The Data Compliance Policy links submission timeliness, completeness, and accuracy, ensuring clear public reporting in line with the National Health Reform Agreement. This clarifies responsibilities for jurisdictions and ensures continuous oversight of national data integrity.
IHACPA integrates auditability across all lifecycle phases, requiring documented reconciliation of cost allocation methods, financial statements, and identified anomalies. The regulation requires the disclosure of error rates and triggers investigations when data strays from expected thresholds. Recent reforms significantly transform the landscape of accountability within digital government. Confidence in decisions related to policy and pricing strengthens when they are grounded in evidence. They strengthen data governance through the implementation of strong privacy measures, cybersecurity protocols, and cloud storage solutions that protect sensitive health information.
Check out: “Smarter data, stronger government services”
Secure data cloud
IHACPA has launched a Secure Data Management System (SDMS) on cloud infrastructure, enabling secure submissions from jurisdictions and ensuring they are retained under controlled conditions during analysis. It eliminates the risk of data leakage via portable media. The SDMS supports multi-factor authentication for access. It separates environments for data ingestion, staging, and final validated datasets. IHACPA enforces encryption both at rest and in transit as part of its Confidential Data Management Policy. It categorises data based on sensitivity rules and enforces role-based access.
IHACPA requires technical measures for audit logs that record all activities related to data, including submitting, changing, accessing, and sharing it. It sets clear standards for encryption compliance, mandates the retention of system logs, and outlines triggers for incident response. It employs secure Dropbox functionality and an online portal for data submission, automatically validating files against specifications before acceptance. Researchers must verify their identities, complete security training, and obtain approvals to access and release data.
IHACPA stated that “thresholds and remediation actions must be clearly documented”, aligning data governance with established quality controls.
Aligned data governance
IHACPA has set up a Secure Data Management System (SDMS) that works in the cloud, making it safe for jurisdictions to submit data and keeping it secure while it is analysed. It eliminates the risk of data leakage via portable media. The SDMS enables multi-factor authentication for access. It separates environments for data ingestion, staging, and final validated datasets. IHACPA enforces encryption both at rest and in transit as part of its Confidential Data Management Policy.
It classifies data based on sensitivity rules and applies access based on roles. IHACPA mandates technical controls for audit logs that track every action on data, including submission, transformation, access, and sharing. It sets thresholds for encryption compliance, retention of system logs, and triggers for incident response. The system employs secure drop box functionality and an online portal for data submission, automatically validating files against specifications before acceptance. Researchers must verify their identities, complete security training, and obtain approvals for data access and release processes.
Executive data mandate
IHACPA encourages CEOs, CIOs, and COOs across the public sector to:
- Integrate the IHACPA Data Quality Framework into enterprise risk management and governance processes. This will ensure consistent oversight of data accuracy, completeness, and accountability across all operational layers. Executives take charge of ensuring measurable data quality outcomes.
- Jurisdictional agencies must provide verified metadata, accuracy statements, and audit trails for all submissions. This strengthens transparency and enables leadership to respond to early signs of system or reporting failures.
- Implement standard data specifications and validation thresholds for all health and aged care datasets. This eliminates duplication, cuts down on rework, and enhances interoperability among digital systems.
- Implement independent review mechanisms to validate data and ensure accuracy, thereby strengthening integrity and maintaining confidence in the national datasets used for policy and pricing decisions.
- Implement privacy, cybersecurity, and cloud storage requirements into procurement and ICT policy to protect information and meet Australian Government standards.
- Link data quality performance to funding and performance reviews to drive continuous improvement. This encourages adherence and propels a shift in culture towards management grounded in evidence.
- Encourage cross-agency data collaboration to break down data silos and foster unified digital government practices. This approach enhances service design, boosts cost transparency, and strengthens public accountability.
The IHACPA Data Quality Framework sets a national standard for governing, validating, and sharing health and aged care data. It brings together technical, operational, and policy requirements across jurisdictions while integrating continuous assurance into national pricing and funding processes. The framework makes reporting easier and improves accountability for leaders by using clear management processes and linking performance to compliance.
The integration of cybersecurity, privacy, and cloud storage safeguards establishes a new standard for data integrity in the public sector. The next phase emphasises continuous reviews, automated validation processes, and enhanced data collaboration among government systems. Australia’s digital government reforms enable a reliance on consistent, transparent, and defensible data for health system funding, planning, and strategic policy development.
Public Spectrum is the first knowledge-sharing platform in Australia to embrace the entire public sector. This website is a platform where you can connect, collaborate, empower, inspire, and upskill with public sector professionals.
Latest
Popular