RSS News Feed Feed Description

Sensitive Information Policy- now with HIPAA Audit Program Guide

 

Sensitive Information PolicyThis policy is easily modified and defines how to treat Credit Card, Social Security, Employee, and Customer Data.  The template is 22 pages in length and complies with Sarbanes Oxley Section 404, ISO17799 and HIPAA.

This policy applies to the entire enterprise, its vendors, its suppliers (including outsourcers) and co-location providers and facilities regardless of the methods used to store and retrieve sensitive information (e.g. online processing, outsourced to a third party, Internet, Intranet or swipe terminals). 

The HIPAA Audit Program Guide provides you with a checklist of the must be implemented items which HIPAA mandates. 

You can download the Table of Contents and some sample pages by clicking on the link below.

 

 

 

 

Other Policies

 

Internet, E Mail and Electronic Communication Policy - This policy is twenty-three (23) page in length, is compliant with all recent legislation (SOX, HIPAA, Patriot Act, and Sensitive information), and covers:

  • Appropriate use of equipment

  • Internet access

  • Electronic Mail

  • Retention of e-mail on personal systems

  • E-mail and business records retention

  • Copyrighted materials

  • Banned activities

  • Ownership of information

  • Security

  • Sarbanes-Oxley

  • Abuse

Included are ready to these ready to use forms:

  • Internet & Electronic Communication Employee Acknowledgement (short form)

  • E-Mail - Employee Acknowledgement (short form)

  • Internet Use Approval Form

  • Internet Access Request Form

 

Travel and Off-Site Meeting Policy - Protection of data and software is often is complicated by the fact that it can be accessed from remote locations. As individuals travel and attend off-site meetings with other  employees, contractors, suppliers and customers data and software can be compromised.  This policy is four page in length and covers:

  • Data and application security

  • Minimize attention

  • Shared public resources

  • Off-site meeting special considerations

 

Outsourcing Policy - This policy is seven page in length and covers:

  • Outsourcing Management Standard

    • Service Level Agreement

    • Responsibility

  • Outsourcing Policy

    • Policy Statement

    • Goal

  • Approval Standard

    • Base Case

    • Responsibilities
     

    Note: Look at the Practical Guide for Outsourcing over 110 page document for a more extensive process for outsourcing

 

YFile - Strike toolkit: Coping with the labour dispute
 19, the Executive Committee of Senate issued a bulletin of Updated Information on Course Remediation. The notice advises that Wednesday, Nov. 19, was the 14th day of the strike. Senate policy deems that a disruption of 14 days means all ... more info

» VIDEO: Sibel Edmonds Documentary: Kill The Messenger ::: Patrick ...
 The FBI also intercepted related phone conversations between the Turkish Embassy and the Pakistani Embassy that revealed sensitive U.S. government information was being sold to the highest bidder. Grossman, who emphatically denies ... more info

Canada News Centre - SAVING JUST GOT A WHOLE LOT EASIER
 It is not recommended that sensitive personal information be transmitted electronically. Questions or comments regarding this policy, or the administration of the Privacy Act on the Canada Site may be directed to: ... more info

ICT Review: The Top Ten Data Security Myths
 It makes far more sense from financial, usability and availability standpoints to focus the most stringent security efforts on protecting the most sensitive information. Companies should define their data security strategies based on a ... more info

JFActivist: Disability Group Demands Seat at the Domestic Policy Table
 The integration of disability policy into other policies can threaten individuals and families affected by disabilities; there are no assurances that policy reforms will always be disability-sensitive and provide for reasonable ... more info

Identity Theft and Business: New Proposals in Iowa
 Open-records advocates generally agree that some sensitive information like credit card numbers should not be released. The problem arises if governments redact information such as dates of birth, addresses or other unique identifiers, ... more info

Freebies For Us » Blog Archive » Free Birthstone
 When our registration/order form asks users to enter sensitive information (such as credit card number), that information is encrypted and is protected with the best encryption software in the industry - SSL. While on a secure page, ... more info

Michelle Malkin » The GOP’s Grover Norquist problem and the RNC debate
 Umm, Isn’t the routing number and account number on those checks sensitive information which a thief could use to access the account? It seems to me that they should be blurred out. #15. On January 5th, 2009 at 1:42 pm, Ed Mahmoud abu ... more info

Privacy Lives » Blog Archive » Events of Interest: American ...
 Ensure compliance with the latest FTC rules on identity theft and affiliate-marketing; Protect sensitive information in the hands of third parties through effective vendor management; Develop a comprehensive international privacy ... more info

West Seattle Blog… » Pres.-elect Obama issued the call, West ...
 While privacy concerns were raised, it was also suggested “the sensitive information gets shared anyway.” Coverage equality also came up. As Mick put it, “Why should ANYBODY have better insurance than anyone else? ... more info

 

  

  2001 - 2009 Janco Associates, Inc. - ALL RIGHTS RESERVED --  Revised: 12/20/08.