For HeartAI delivery and management of operationally-ready services, there is an expectation that these services may have an impact and influence with business and clinical decision-making. To maintain assurance that HeartAI service provision can provide a high-level of service delivery, and to be responsive to the possibility of increasing complexity and evolving service demands, HeartAI must coordinate with clients, service partners, and governance authorities to define and provide rigorous service assurances. These should include formal documentation for service provision and engagement, and suitably maintain robustness with organisational, operational, and technical service delivery.
1.1. HeartAI provides a variety of operationally-ready services, products, and technologies. There is a potential that these services may impact business and clinical decision-making, in an environment of increasing complexity and responsibility. It is imperative that HeartAI provides a high-level of service assurance and maintains responsibilities and obligations in these environments.
1.2. Formalisation of service assurance should occur as part of HeartAI service engagement. This formalisation should consider the specification of service-level roles and responsibilities, in addition to specified service-level agreements with clients, service partners, and governance authorities.
- In relation to service-level specifications and agreements:
2.1. When HeartAI engages with clients, service partners, and governance authorities, the parties should consider the nature of the service engagement, including the corresponding roles and responsibilities of each party. This should be documented and understood by the parties. This process should formalise service engagement before service progression and delivery. The following information should be specified through this process:
2.1.1. The nature of the service engagement, including the expected objectives, how the parties intend to achieve the objectives, and expected resourcing requirements.
2.1.2. The roles and responsibilities of each party, including how each party will manage these roles and responsibilities, the processes and policies governing the engagement of the parties, the reporting expectations and obligations of the engagement, and how the parties will respond to incidents and business continuity.
2.2. In addition to service engagement specification, HeartAI should provide and maintain an appropriate service-level agreement (SLA). This agreement should provide service-level expectations including:
2.2.1. The resourcing requirements to maintain service delivery, with reasonable estimations of organisational and operational administration and cost.
2.2.2. The expected service availability, including service uptime, failure rates, data integrity measures, and recovery mechanisms. Where applicable, this availability should be supported by corresponding service guarantees.
- In relation to the ongoing review of this policy:
3.1. This policy should be reviewed at least every 6 months. This review should assess the appropriateness of the existing policy, and should propose any modifications or extensions to the policy where needed.
3.2. Modifications or extensions to this policy should be reviewed and approved by corresponding governing authorities.
3.3. This policy welcomes suggestions and feedback.
- In relation to the governance and compliance of this policy:
4.1. This policy must be understood and agreed to by HeartAI administrators and developers before the approval of access to HeartAI platform components.
4.2. Where this policy does not provide a specification to, or conflicts with, a mandated SA Health or SA Government policy, the existing SA Health or SA Government policy will take precedence. HeartAI administrators will resolve policy deficits by approved modification or extension to HeartAI policy.
4.3. HeartAI administrators are responsible for ensuring that this policy is compliant with SA Health and SA Government policies.