Health Information Bill FAQ

What is the Health Information Bill (HIB)?

The HIB is a regulatory framework introduced by Singapore’s Ministry of Health (MOH) to ensure the secure collection, storage, access, and sharing of health information. It establishes mandatory cybersecurity and data protection standards for healthcare providers to safeguard patient data and ensure care continuity.

Who must comply with the HIB?

Compliance with HIB is mandatory for the following:

  • Healthcare Services Act (HCSA) licensees.
  • Approved National Electronic Health Record (NEHR) users.
  • MOH entities, including Health Promotion Board (HPB) and National University Health System (NUHS).
  • Community care organisations and retail pharmacies.

What types of data are covered under the HIB?

The HIB applies to:

  • Administrative Data: Includes patient demographics, contact details, and service usage information.
  • Clinical Data: Covers diagnoses, treatment details, and physical or mental health conditions.

Does the HIB apply to non-digital systems like pen-and-paper setups?

Yes, even clinics using pen-and-paper systems are required to comply with HIB guidelines, as data protection requirements apply universally.