2,654
edits
Retention and Destruction/Disposal of Private and Confidential Information: Difference between revisions
Jump to navigation
Jump to search
Retention and Destruction/Disposal of Private and Confidential Information (view source)
Revision as of 15:24, August 29, 2022
, August 29, 2022no edit summary
mNo edit summary |
No edit summary |
||
| Line 35: | Line 35: | ||
<big>'''Retention and Destruction/Disposal of Private and Confidential Information Policy'''</big> | <big>'''Retention and Destruction/Disposal of Private and Confidential Information Policy'''</big> | ||
== Basis for Policy == | == Basis for Policy == | ||
Nebraska Medicine/UNMC implements reasonable and appropriate access controls in alignment with National Institute of Standards and Technology (NIST) standards and guidance to maintain the minimum necessary access. NIST Special Publication 800-53 and the HIPAA Security Rule outline considerations for the access control family of security controls. | Nebraska Medicine/UNMC implements reasonable and appropriate access controls in alignment with National Institute of Standards and Technology (NIST) standards and guidance to maintain the minimum necessary access. [https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final NIST Special Publication 800-53] and the [https://www.cdc.gov/phlp/publications/topic/hipaa.html#security-rule HIPAA Security Rule] outline considerations for the access control family of security controls. | ||
==Policy== | ==Policy== | ||
1#It is the policy of the UNMC/Nebraska Medicine and its affiliated entities to ensure the privacy and security of confidential information in the maintenance, retention and eventual destruction/disposal of such media. All destruction/disposal of confidential information media will be done in accordance with federal and state law and pursuant to the [http://www.sos.ne.gov/records-management/schedule_170.html UNMC Record Retention Schedule]. Records that have satisfied the period of retention will be destroyed/disposed of in an appropriate manner. | 1#It is the policy of the UNMC/Nebraska Medicine and its affiliated entities to ensure the privacy and security of confidential information in the maintenance, retention and eventual destruction/disposal of such media. All destruction/disposal of confidential information media will be done in accordance with federal and state law and pursuant to the [http://www.sos.ne.gov/records-management/schedule_170.html UNMC Record Retention Schedule]. Records that have satisfied the period of retention will be destroyed/disposed of in an appropriate manner. | ||
| Line 114: | Line 114: | ||
*Contact the [mailto:infosecurity@unmc.edu Information Security Office] | *Contact the [mailto:infosecurity@unmc.edu Information Security Office] | ||
*Contact Director, Environmental Services, at 402-559-6118, '''(do you have a better number for them?)''' | *Contact Director, Environmental Services, at 402-559-6118, '''(do you have a better number for them?)''' | ||
*[mailto:rboldt@unmc.edu Recycling Coordinator] | **Contact Human Resources – Records at 402-559-8962 or Human Resources - Employee Relations | ||
*Contact [mailto:rboldt@unmc.edu Recycling Coordinator] | |||
*Contact [mailto:debrbishop@nebraskamed.com Privacy Officer] | *Contact [mailto:debrbishop@nebraskamed.com Privacy Officer] | ||
*Procedure No. 6056, [https://info.unmc.edu/its-security/policies/procedures/destruction-confinfo.html Destruction of Private and Confidential Information] | *Procedure No. 6056, [https://info.unmc.edu/its-security/policies/procedures/destruction-confinfo.html Destruction of Private and Confidential Information] | ||
| Line 121: | Line 122: | ||
*Radiology Dept. Policy, LR - 6.12, Retention/Disposal of Radiology Images | *Radiology Dept. Policy, LR - 6.12, Retention/Disposal of Radiology Images | ||
*“Contract Management Policy”) | *“Contract Management Policy”) | ||
*[https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final NIST Special Publication 800-53] | |||
*[https://www.cdc.gov/phlp/publications/topic/hipaa.html#security-rule HIPAA Security Rule] | |||
This page maintained by [mailto:dpanowic@unmc.edu dkp]. | This page maintained by [mailto:dpanowic@unmc.edu dkp]. | ||