Dec 22

Security compliance program: Four policies to help you out

Health and FitnessAdd comments

After your hospital has created an information security management process, you can go forth and create the rest of the policies that will help you comply with HIPAA security regulations.

In fact, hospital’s policies and procedures must reflect what your real operations are.

Are your basic security policies a chaotic jumble of specifications for individual regulations and requirements? Don’t let it be. You can organize your policies under these four fundamental security policies:

  • According to Jim Sheldon-Dean, director of compliance services with
    Lewis Creek Systems LLC, Information Security Management Policy focuses on three things, which are confidentiality, integrity and availability of information. Remember that confidentiality and availability are often in direct opposition, and need to be treated together. Your information security process should protect these three things.
  • According to Sheldon-Dean, Access Control Policy covers the mechanics of allowing and preventing access as appropriate, through administrative processes and technical measures including authentication, encryption, perimeter controls, etc.
  • Contingency Policy covers the essentials of data preservation, data destruction, and disaster recovery. Your contingency plan should come to your rescue in case of a disaster or emergency.So in case there’s fire in the computer room, you need to know where to start, so that you don’t have to build from ground zero. See to it that you at least have a telephone number to call someone who knows about it.
  • User Policy details the requirements of how individual users should and should not use their information devices and the hospital’s data.

    Since portable devices raise troubling issues, see to it that they are addressed clearly.

    • AddThis Social Bookmark Button


    This Article Has 12 views


    Advertisement Here


    Articlesland-- All Rights Reserved
    Entries RSS Comments RSS Log in