Differences
technical_safeguards [2016/05/27 13:00] jillian_nadette_de_leon |
technical_safeguards [2016/07/04 16:00] (current) jillian_nadette_de_leon |
Line 1: | Line 1: | ||
##TECHNICAL SAFEGUARDS | ##TECHNICAL SAFEGUARDS | ||
- | **ACCESS CONTROLS**\\ | + | **A. Access Controls**\\ |
- | * Standard user IDs shall be given to each staff whose work entails the need to access or process heath information.\\ | + | Technical policies and procedures for electronic information systems that maintain electronic protected health information to allow access only to those persons or software programs that have been granted access rights:\\ |
- | * There shall be a three way process for authentication of users: something they know (password), something they have (secure token), and something they are (biometrics).\\ | + | |
- | * Multi-factor authentication shall be implemented, especially for admin and supervisory accounts. | + | |
- | * Passwords shall have the following characteristics: minimum of eight characters in length, have an upper case, lower case and special character in it.\\ | + | |
- | * The last user ID that logged in must not be displayed on the log-in screen.\\ | + | |
- | * There shall be an automatic screen or keyboard locking after 5 minutes of inactivity.\\ | + | |
- | //Leave of Absence// | + | I. Information access management (required)\\ |
- | * User IDs of employees/staff who are on extended leave of absence shall be disabled until they return for work.\\ | + | 1. Implementation specifications:\\ |
+ | (A) Isolating health care clearinghouse functions (required). If a health care clearinghouse is part of a larger organization, the clearinghouse must implement policies and procedures that protect the electronic protected health information from unauthorized access by the larger organization.\\ | ||
+ | (B) Access authorization (addressable). Policies and procedures for granting access to electronic health information such as access to a workstation, transaction, program, process or other mechanisms shall be implemented by the health facility. Guidelines on the access of health information are provided in Rule III (Access of Health Information) in the SOR.\\ | ||
+ | (C) Access establishment and modification (addressable). Based upon the access authorization policy of the data controller and/or data processor, policies and procedures on the establishment, documentation, review and modification of a user's rights to access a workstation, transaction, program or process shall be implemented.\\ | ||
+ | II. User identification (required). A process for unique user identification shall be made within a policy and procedure of the health facility.\\ | ||
+ | 1. Implement specifications: \\ | ||
+ | (A) There shall be a user name and/or number for identifying user identity throughout all levels of the organization.\\ | ||
+ | (B) User identity shall not be shared, delegated or assigned to a group or individual.\\ | ||
+ | (C) User identity that was previously used shall not be reused for new and/or existing users.\\ | ||
- | **DATA PROTECTION**\\ | + | III. Emergency Access Procedure (Required). Procedures for obtaining necessary electronic health information during an emergency.\\ |
- | * Data on many computer devices can be damaged by being moved, knocked or even when turned off. If there is a hard disk, the heads on the drive should be "parked" before moving the system to avoid destroying stored information (devices with solid state drives have a different system and are less vulnerable to movement).\\ | + | 1. Situations that may require emergency access shall be identified, defined, and described by health facilities.\\ |
- | * Due to the different variations of computers and types of connections, it is important to seize all the different cables and chargers for the seized equipment.\\ | + | 2. There shall be identification of authorized personnel who will need to access health information during emergency situations.\\ |
- | * Antivirus software must be loaded in every computer possible. The software needs to be configured regularly and automatically download updates for the latest threats. \\ | + | 3. Procedures for obtaining necessary health information during emergency situations shall be established and implemented.\\ |
- | * Complete back-ups of the system shall be done periodically- once a month or every few months.\\ | + | 4. Policies and procedures for governing access to health information shall be created.\\ |
- | * Back-up data tapes shall not be stored near a computer monitor or uninterruptible power supply-the electromagnetic interference coming from these devices can corrupt data on them or completely delete them.\\ | + | |
- | **CONFIGURATION MANAGEMENT** | + | IV. Automatic log-off (addressable). Implement electronic procedures that terminate an electronic session after a predetermined time of inactivity.\\ |
- | * It is important to document how the computer system is organized to know when and how to disconnect additional pieces of equipment such as telephone modems, auto-dialers, and printers from the system. Otherwise, important information can be lost.\\ | + | 1. A policy and procedure that governs how automatic log-off is used shall be created.\\ |
- | * There shall be a regular monitoring and maintenance of database and networks of health facilities to be conducted by the Database and Network administrator of the PHIE group.\\ | + | 2. A predetermined time shall be documented within the policy based on the application.\\ |
+ | V. Encryption and decryption (addressable). The method of converting an original message of regular text into encoded text using an algorithm.\\ | ||
+ | 1. For encryption in transit, the standard security technology shall be Secure Socket Layer (SSL) (addressable).\ | ||
+ | 2. Minimum requirement AES (Advanced Encryption Standard) 128\\ | ||
+ | 3. Encryption in storage TKE (Trusted Key Entry)\\ | ||
- | **POINTS TO CONSIDER**\\ | + | VI. Multi-factor authentication (addressable). Policy, operational, and technical mechanisms must be in place to use multi-factor authentication for those systems identified to have significant risk (e.g. servers, unified threat management, etc.)\\ |
- | * The minimum server configuration shall be specified.\\ | + | |
- | * Provide detailed and specific protocols on encryption (e.g. encryption of data at rest).\\ | + | |
- | (//Specific technical requirements should ideally be developed by DOST-ICTO.//)\\ | + | |
- | * Security features shall be incorporated in the system requirements.\\ | + | |
- | * HIS should only be for recording and record keeping, but access to the medical records should be under the MRS.\\ | + | |
+ | **B. Audit Controls**\\ | ||
+ | A record that shows who has accessed a computer system when it was accessed and what operations were performed.\\ | ||
+ | I. Recording of information (required). Recorded information must include, but is not limited to, unique user identified, date and time of use/access, location (if applicable).\\ | ||
+ | II. Audit Data Life Span (addressable). A policy shall be made by health facilities to specify the length of time the data must be stored and how it will be destroyed.\\ | ||
+ | III. Access to Audit Data (addressable). The Medical Records Officer alongside with the Privacy Officer shall be authorized to audit the shared health record. | ||
+ | |||
+ | **C. Integrity Controls**\\ | ||
+ | Protection of electronic health information from improper alteration or destruction. \\ | ||
+ | I. Implementation specifications:\\ | ||
+ | (A) Mechanism to authenticate electronic protected health information (addressable). Mechanisms to corroborate that electronic health information has not been altered or destroyed in an unauthorized manner shall be implemented.\\ | ||
+ | (B) Digital signatures (required). Digital signatures shall be used to identify authenticity of the entry in an electronic system.\\ | ||
+ | (C) Sum Verification (required) shall be used to determine if the input data matches the source data.\\ | ||
+ | (D) Anti-virus software (required). Computers shall have an Industry Standard Antivirus Software with automatic updates turned on. The software shall be configured regularly and automatically download updates for the latest threats.\\ | ||
+ | (E) Data storage encryption (required). Data storage and transmission shall be encrypted. For websites, https encryption shall be used. \\ | ||
+ | (F) Transmission encryption (required). Data transmission via wireless networks or the internet shall always be encrypted. \\ | ||
+ | (G) Proper Handling of Mechanical Components. Training on the proper use and handling of CPUs, Servers, flash drives, external hard drives shall be given to the user of electronic systems. (addressable)\\ | ||
+ | (H) Back-up components such as servers, flash drives, external hard drives shall be stored away from possible electromagnetic interference. (addressable)\\ | ||
+ | (I) Offline modes and Caching. Electronic systems shall have online and offline modes. (addressable)\\ | ||
+ | (J) Interface Integration of Information Systems. Data transmission from electronic medical records shall follow a standard for integration and interfacing to facilitate interoperability and data compatibility. (addressable)\\ | ||
+ | |||
+ | **D. Transmission Security**\\ | ||
+ | Technical security measures to guard against unauthorized access to electronic health information that is being transmitted over an electronic communications network shall be implemented.\\ | ||
+ | |||
+ | **E. Identity Authentication**\\ | ||
+ | Procedures to verify that a person or entity seeking access to electronic health information is the one claimed shall be implemented. Rule III (Access of Health Information) provides guidelines on authentication of access. \\ | ||
+ | |||
+ | **F. Storage Security**\\ | ||
+ | Implementation Specifications:\\ | ||
+ | (A) Data stored in portable data storage devices (e.g. Flash drive, portable hard drives, etc.) must be encrypted. | ||
+ | (B) Data stored in cloud storage services (e.g. Dropbox, OneDrive, Google Drive, etc.) must be encrypted. | ||
---- | ---- |
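Review bot: item V.1 (encryption in transit) names Secure Socket Layer (SSL) as the standard; SSL is deprecated and the current standard is TLS, so the requirement should read "Transport Layer Security (TLS)" and state a minimum version, otherwise a facility can satisfy the text with an obsolete protocol. In the same item, V.2 "Minimum requirement AES (Advanced Encryption Standard) 128" does not say whether the 128-bit minimum applies to transit, storage, or both, and V.3 names "TKE (Trusted Key Entry)" for storage without any algorithm or key length, which leaves encryption at rest effectively unspecified. Under B. Audit Controls, the introduction promises a record of "what operations were performed", but the required fields in B.I (unique user identifier, date and time, location) omit the action performed; add it, and fix "unique user identified" to "unique user identifier". The rewrite also drops the earlier password complexity rule, the rule that the last user ID must not be shown on the log-in screen, and the disabling of accounts for staff on extended leave, with nothing replacing them; A.I.1(C) (access establishment and modification) is the natural place to carry the account-disabling rule, and A.II could carry the password and log-in screen rules. Minor: "1. Implement specifications" under A.II should be "Implementation specifications" to match the other headings, V.1 ends with a single backslash instead of the `\\` line break used elsewhere, and "alongside with" in B.III should be "together with".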