Privacy/Confidentiality: Difference between revisions

Jump to navigation Jump to search
no edit summary
No edit summary
No edit summary
Line 35: Line 35:
<big>'''Privacy, Confidentiality and Security of Patient and Proprietary Information Policy'''</big><br /><br />
<big>'''Privacy, Confidentiality and Security of Patient and Proprietary Information Policy'''</big><br /><br />
== Basis for Policy ==
== Basis for Policy ==
Nebraska Medicine/UNMC implements reasonable and appropriate access controls in alignment with National Institute of Standards and Technology (NIST) standards and guidance to maintain the minimum necessary access. NIST Special Publication 800-53 and the HIPAA Security Rule outline considerations for the access control family of security controls.   
Nebraska Medicine/UNMC implements reasonable and appropriate access controls in alignment with National Institute of Standards and Technology (NIST) standards and guidance to maintain the minimum necessary access. [https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final NIST Special Publication 800-53] and the [https://www.cdc.gov/phlp/publications/topic/hipaa.html#security-rule HIPAA Security Rule] outline considerations for the access control family of security controls.   
== Policy ==
== Policy ==
It is the policy of Nebraska Medicine/UNMC to maintain strict confidentiality and security of protected health information (PHI) and proprietary information.
It is the policy of Nebraska Medicine/UNMC to maintain strict confidentiality and security of protected health information (PHI) and proprietary information.
Line 138: Line 138:
*[http://info.unmc.edu/wiki/index.php/Faculty_Handbook UNMC Faculty Handbook: Operating Procedures]
*[http://info.unmc.edu/wiki/index.php/Faculty_Handbook UNMC Faculty Handbook: Operating Procedures]
*[http://catalog.unmc.edu/general-information/ Student Handbook]
*[http://catalog.unmc.edu/general-information/ Student Handbook]
*[https://aspe.hhs.gov/report/health-insurance-portability-and-accountability-act-1996 Health Insurance Portability and Accountability Act of 1996] (HIPAA)
*[https://www.cdc.gov/phlp/publications/topic/hipaa.html Health Insurance Portability and Accountability Act of 1996] (HIPAA)
*[https://www.cdc.gov/phlp/publications/topic/hipaa.html#security-rule HIPAA Security Rule]
*[http://www.ftc.gov/privacy/privacyinitiatives/glbact.html Gramm-Leach-Bliley Act] (GLBA)
*[http://www.ftc.gov/privacy/privacyinitiatives/glbact.html Gramm-Leach-Bliley Act] (GLBA)
*[http://www.ed.gov/offices/OM/fpco/ferpa/index.html Family Educational Rights and Privacy Act] (FERPA)
*[http://www.ed.gov/offices/OM/fpco/ferpa/index.html Family Educational Rights and Privacy Act] (FERPA)
Line 152: Line 153:
*[https://www.unmc.edu/vcr/about/research-handbook-web.pdf Research Handbook]
*[https://www.unmc.edu/vcr/about/research-handbook-web.pdf Research Handbook]
*[http://www.unmc.edu/irb/ Institutional Review Board Guidelines]
*[http://www.unmc.edu/irb/ Institutional Review Board Guidelines]
*[https://csrc.nist.gov/publications/detail/sp/800-171/rev-1/final Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations]
*[https://csrc.nist.gov/Projects/protecting-controlled-unclassified-information/sp-800-171 Protecting Controlled Unclassified Information (CUI)
*[https://csrc.nist.gov/publications/detail/sp/800-53/rev-4/final Security and Privacy Controls for Federal Information Systems and Organizations]  
*[https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final Security and Privacy Controls for Information Systems and Organizations]  


This page maintained by [mailto:dpanowic@unmc.edu dkp].
This page maintained by [mailto:dpanowic@unmc.edu dkp].

Navigation menu