Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | Next revision Both sides next revision | ||
|
administrative_security [2016/06/20 22:42] jillian_nadette_de_leon |
administrative_security [2016/06/21 00:44] jillian_nadette_de_leon |
||
|---|---|---|---|
| Line 4: | Line 4: | ||
| //Policies and Procedures//\\ | //Policies and Procedures//\\ | ||
| * Privacy and security policies must be documented, maintained and updated as appropriate, and retained for at least 6 years. \\ | * Privacy and security policies must be documented, maintained and updated as appropriate, and retained for at least 6 years. \\ | ||
| + | * Health care providers shall clearly define access rights and user roles of staff to ensure that only appropriate people have access to the minimum necessary protected health information. The health care provider shall create policies and procedures to specify the groups and positions that need to access health information to perform their job responsibilities, as well as the type of health information to which they need access. The Chief of Health Facility shall issue a memorandum containing the list of names and information stated in the preceding statement and a copy shall be furnished to the DOH central office.\\ | ||
| * An orientation regarding privacy and security policies shall be done for all employees in the health facility with great emphasis to the information security personnel.\\ | * An orientation regarding privacy and security policies shall be done for all employees in the health facility with great emphasis to the information security personnel.\\ | ||