RSS News Feed Feed Description

 

Sensitive Information Policy- now with HIPAA Audit Program Guide

 

Sensitive Information PolicyThis policy is easily modified and defines how to treat Credit Card, Social Security, Employee, and Customer Data.  The template is 22 pages in length and complies with Sarbanes Oxley Section 404, ISO17799 and HIPAA.

This policy applies to the entire enterprise, its vendors, its suppliers (including outsourcers) and co-location providers and facilities regardless of the methods used to store and retrieve sensitive information (e.g. online processing, outsourced to a third party, Internet, Intranet or swipe terminals). 

The HIPAA Audit Program Guide provides you with a checklist of the must be implemented items which HIPAA mandates. 

You can download the Table of Contents and some sample pages by clicking on the link below.

 

 

 

 

Other Policies

 

Internet, E Mail and Electronic Communication Policy - This policy is twenty-three (23) page in length, is compliant with all recent legislation (SOX, HIPAA, Patriot Act, and Sensitive information), and covers:

  • Appropriate use of equipment

  • Internet access

  • Electronic Mail

  • Retention of e-mail on personal systems

  • E-mail and business records retention

  • Copyrighted materials

  • Banned activities

  • Ownership of information

  • Security

  • Sarbanes-Oxley

  • Abuse

Included are ready to these ready to use forms:

  • Internet & Electronic Communication Employee Acknowledgement (short form)

  • E-Mail - Employee Acknowledgement (short form)

  • Internet Use Approval Form

  • Internet Access Request Form

 

Travel and Off-Site Meeting Policy - Protection of data and software is often is complicated by the fact that it can be accessed from remote locations. As individuals travel and attend off-site meetings with other  employees, contractors, suppliers and customers data and software can be compromised.  This policy is four page in length and covers:

  • Data and application security

  • Minimize attention

  • Shared public resources

  • Off-site meeting special considerations

 

Outsourcing Policy - This policy is seven page in length and covers:

  • Outsourcing Management Standard

    • Service Level Agreement

    • Responsibility

  • Outsourcing Policy

    • Policy Statement

    • Goal

  • Approval Standard

    • Base Case

    • Responsibilities
     

    Note: Look at the Practical Guide for Outsourcing over 110 page document for a more extensive process for outsourcing

 

Deep packet inspection under assault over privacy concerns
 Bell, apparently sensitive to such concerns, has made clear in its own responses to the network neutrality proceeding that its DPI gear looks at packet headers and traffic flows as a means of identifying various applications and ... more info

Less Alphabet Soup, Maybe, but Less Transparency
 Back in January we wrote about the pending new rules for federal agencies for control of information considered sensitive but not classified. We were told that the purpose of the new policy was to ease information-sharing between ... more info

For a Public Information Office
 If the press have to get the State’s side of the story from one person, or one office, they probably won’t get it. A policy against line prosecutors talking to the press will leave an information vacuum that the defense bar will be more ... more info

Debtor Audits in Bankruptcy Cases Resume Today
 The use of the Internet for communications with the firm will not establish an attorney-client relationship and messages containing confidential or time-sensitive information should not be sent. -  more info

“Free” as a verb
 Yesterday, the Free Government Information blog pointed out a new policy from the White House that ends the strange existence of documents that are “sensitive but unclassified” and replaces it with Controlled Unclassified Information ... more info

Secrecy News for 05/12/08
 Development of the CUI policy began with a December 16, 2005 memo from the President directing agencies to "standardize procedures for sensitive but unclassified information." Despite the passage of two and a half years, however, ... more info

Re: Plan to continue restriction on freedom in the US
 The White House last week issued a long-awaited policy on “controlled unclassified information” (CUI) to provide a uniform government-wide system for safeguarding unclassified information that is deemed sensitive. ... more info

travel and hotel information
 These items are not sensitive information, but they would be valuable if you needed them: Keep several various sized envelopes available to store these items safely. The name and contact information of your travel agent (if you used one ... more info

Guidance Software's New EnCase(R) Data Audit and Policy ...
 Solution Reduces Costs, Penalties and Reputational Risks Associated with Leakage of Personally Identifiable Information, Intellectual Property and Other Confidential Data. -  more info

Policy and Evaluation Programme - Health and Human Rights team
 All staff, whether paid or voluntary, will work collectively and individually within the terms and intentions of the Cultural Diversity and Equal Opportunities Policy to promote a constructive and sensitive approach to others from a ... more info

 

  

2008 Janco Associates, Inc. - ALL RIGHTS RESERVED --  Revised: 05/02/08.