Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | Last revision Both sides next revision | ||
|
physical_security [2016/03/16 18:09] jillian_nadette_de_leon |
physical_security [2016/06/15 15:34] jillian_nadette_de_leon |
||
|---|---|---|---|
| Line 7: | Line 7: | ||
| //Applications.// Only applications for the hospital information system shall be installed in the computer system. Other applications, most especially social media applications are strictly not allowed. | //Applications.// Only applications for the hospital information system shall be installed in the computer system. Other applications, most especially social media applications are strictly not allowed. | ||
| - | //Computer loss.// In case of computer loss, the accounts in the computer system shall be reset and deactivated until it is retrieved or reported. | ||
| **SERVERS**\\ | **SERVERS**\\ | ||
| - | *The health facility shall provide a designated area for the housing of servers/data centers. It shall be a separate area from the data collection and processing as well as from the IT office. The server room shall be marked as "Restricted" and shall only be accessible to authorized personnel. If the health facility cannot allot a space for the server room, at the minimum, a data cabinet shall be installed.\\ | + | *The health facility shall provide a designated area for the housing of servers/data centers. It shall be a separate area from the data collection and processing as well as from the IT office. The server room shall be marked as "Restricted" and shall only be accessible to authorized personnel. If the health facility cannot allot a space for the server room, at the minimum, a data cabinet shall be installed and restrictions in terms of access shall be provided.\\ |
| - | + | ||
| - | * For smaller health facilities or clinics, they may use cloud computing while bigger facilities use servers. \\ | + | |
| //IT Room.// The IT room shall only be accessible to authorized personnel and to personnel involved during quality assurance monitoring. A designated IT personnel shall be tasked to handle the servers.\\ | //IT Room.// The IT room shall only be accessible to authorized personnel and to personnel involved during quality assurance monitoring. A designated IT personnel shall be tasked to handle the servers.\\ | ||
| **OTHER DEVICES**\\ | **OTHER DEVICES**\\ | ||
| - | * Facility-registered electronic devices shall not be brought outside the hospital premises except under circumstances such as disasters and vaccinations. USB devices shall be limited to office use but as may be practical, shall not be used.\\ | + | * Facility-registered electronic devices shall not be brought outside the premises of the health facility except under circumstances such as disasters and vaccinations or unless otherwise approved by the head of the facility. USB devices shall be limited to office use but as may be practical, shall not be used.\\ |
| * Mobile devices used for job responsibilities are subject to audits even if an employee owns it.\\ | * Mobile devices used for job responsibilities are subject to audits even if an employee owns it.\\ | ||