Information security policy issues to cover
Information security policy issues to cover
The following are key issues to cover in any policy designed to protect the security of patient records either paper or electronic as recommended by the Computer-Based Patient Record Institute in Schaumburg, IL:
• a statement of the hospital’s philosophy on the protection of information;
• a detailed list of patients’ rights in controlling the use of information about themselves, including their right to review the information, to correct it, to block its release, and to be notified when it is disclosed to others;
• protection of information about caregivers and employee records, similar to the protection given to patients but emphasizing the caregivers’ responsibility to protect information to which they have access;
• the privileges and obligations of researchers who use patient information, including the role of the institutional review board;
• how to comply with laws requiring release of information to public health authorities or for use in criminal or civil proceedings;
• policies on collecting and authenticating information, and on retaining or destroying business or patient records;
• a formal information security program;
• the responsibilities of all groups who have access to records;
• who may have access to different types of information and who has responsibility for verifying that the access is legitimate;
• a classification of information, according to how sensitive it is;
• ways to record the identity of people who have had access to the information;
• disaster recovery plans, in case the information is lost or destroyed;
• provisions for monitoring the implementation of the security program;
• penalties for unauthorized disclosures and security breaches;
• training on information security and awareness.
Subscribe Now for Access
You have reached your article limit for the month. We hope you found our articles both enjoyable and insightful. For information on new subscriptions, product trials, alternative billing arrangements or group and site discounts please call 800-688-2421. We look forward to having you as a long-term member of the Relias Media community.