|
|
|
|
|
All health and governmental organizations should have
administrative and physical security policies and procedures in place
regardless of whether they are using the Internet to collect or transmit
healthcare or other sensitive information. Most healthcare and other
sensitive data are regulated by standards for compliance, such as HIPAA,
the Health Insurance Privacy Act. Under most of these standards, the
following are required:
- Administrative Policies
such as a Security Policy, Disaster Recovery Policy, and Tape Backup
Rotation Policy
- Procedures to ensure that
staff are familiar with the policies and their requirements to follow
them.
- Physical safeguards such as
access control and environmental controls for data servers and PCs.
- Electronic safeguards such
as access control, password protection via password rotation policies,
auditing, and other logical control measures.
We can
help you establish these services, if you have not done so already. Our
comprehensive security and disaster recovery package is available. Simply
fill out the request form.
|
|
|
|
|
|
|
|
