2,654
edits
Privacy/Confidentiality: Difference between revisions
no edit summary
No edit summary |
No edit summary |
||
| Line 35: | Line 35: | ||
<big>'''Privacy, Confidentiality and Security of Patient and Proprietary Information Policy'''</big><br /><br /> | <big>'''Privacy, Confidentiality and Security of Patient and Proprietary Information Policy'''</big><br /><br /> | ||
== Basis for Policy == | == Basis for Policy == | ||
Nebraska Medicine/UNMC implements reasonable and appropriate access controls in alignment with National Institute of Standards and Technology (NIST) standards and guidance to maintain the minimum necessary access. NIST Special Publication 800-53 and the HIPAA Security Rule outline considerations for the access control family of security controls. | Nebraska Medicine/UNMC implements reasonable and appropriate access controls in alignment with National Institute of Standards and Technology (NIST) standards and guidance to maintain the minimum necessary access. [https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final NIST Special Publication 800-53] and the [https://www.cdc.gov/phlp/publications/topic/hipaa.html#security-rule HIPAA Security Rule] outline considerations for the access control family of security controls. | ||
== Policy == | == Policy == | ||
It is the policy of Nebraska Medicine/UNMC to maintain strict confidentiality and security of protected health information (PHI) and proprietary information. | It is the policy of Nebraska Medicine/UNMC to maintain strict confidentiality and security of protected health information (PHI) and proprietary information. | ||
| Line 138: | Line 138: | ||
*[http://info.unmc.edu/wiki/index.php/Faculty_Handbook UNMC Faculty Handbook: Operating Procedures] | *[http://info.unmc.edu/wiki/index.php/Faculty_Handbook UNMC Faculty Handbook: Operating Procedures] | ||
*[http://catalog.unmc.edu/general-information/ Student Handbook] | *[http://catalog.unmc.edu/general-information/ Student Handbook] | ||
*[https:// | *[https://www.cdc.gov/phlp/publications/topic/hipaa.html Health Insurance Portability and Accountability Act of 1996] (HIPAA) | ||
*[https://www.cdc.gov/phlp/publications/topic/hipaa.html#security-rule HIPAA Security Rule] | |||
*[http://www.ftc.gov/privacy/privacyinitiatives/glbact.html Gramm-Leach-Bliley Act] (GLBA) | *[http://www.ftc.gov/privacy/privacyinitiatives/glbact.html Gramm-Leach-Bliley Act] (GLBA) | ||
*[http://www.ed.gov/offices/OM/fpco/ferpa/index.html Family Educational Rights and Privacy Act] (FERPA) | *[http://www.ed.gov/offices/OM/fpco/ferpa/index.html Family Educational Rights and Privacy Act] (FERPA) | ||
| Line 152: | Line 153: | ||
*[https://www.unmc.edu/vcr/about/research-handbook-web.pdf Research Handbook] | *[https://www.unmc.edu/vcr/about/research-handbook-web.pdf Research Handbook] | ||
*[http://www.unmc.edu/irb/ Institutional Review Board Guidelines] | *[http://www.unmc.edu/irb/ Institutional Review Board Guidelines] | ||
*[https://csrc.nist.gov/ | *[https://csrc.nist.gov/Projects/protecting-controlled-unclassified-information/sp-800-171 Protecting Controlled Unclassified Information (CUI) | ||
*[https://csrc.nist.gov/publications/detail/sp/800-53/rev- | *[https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final Security and Privacy Controls for Information Systems and Organizations] | ||
This page maintained by [mailto:dpanowic@unmc.edu dkp]. | This page maintained by [mailto:dpanowic@unmc.edu dkp]. | ||