Information security 2008


Published in: Education, Technology

  1. Information Security
      • Protecting Electronic Information is Everyone’s Responsibility
  2. The HIPAA Security Rule
      • Designed to protect Electronic Protected Health Information (EPHI).
      • Three principles for protection of EPHI:
          • Confidentiality (keeping it secret)
          • Integrity (keeping it from being improperly altered or destroyed)
          • Availability (making sure it is readily available to those who need it to perform their jobs)
      • Administrative, technical and physical safeguards
      • Federal Law
      • Penalties (fines & imprisonment)
  3. Plans & Policies to Protect EPHI
      • Electronic Information Protection Plan
      • Technology Usage Policy
      • E-mail Usage Policy
      • HIPAA Information Security
      • Policies and Procedures
      • Progressive Discipline Policy
      • Required Annual Training
  4. Your Role in Protecting Information
      • Confidential logins/passwords
          • Your Confidential Password is the First Line of Defense in Protecting Electronic Information!
          • Choosing a STRONG password.
              • at least 6 characters
              • at least one number and one special character (non-alphabetic symbol)
              • at least one capital letter
  5. Examples of a Strong Password
      • MickeyMinniePlutoHueyLouieDeweyDonaldGoofySacramento (8 characters, 1 capital)
      • Use the first letters of each word in a phrase, adding a letter or a symbol... (Phrase → Example)
          • Mary had a little lamb! → Mh@l1!
          • May I help you too? → Mihy2?
          • Why are you late? → Yrul8?
      • Pick numbers that have meaning to you... (NOT a personal identifier like your employee number or social security number) and insert or add a letter and a number. (Instead of → Password)
          • Time I get up → @5:30Am
          • No. of pets → Cats+4
          • Engine size → 427Cu"
          • $1000 → 4X$250
      • Pick a favorite word.. from a song, a poem, a Bible verse, popular saying, geographic name or any other word of your choosing. Substitute a number or symbol for one of the letters, or insert a number or symbol in the middle of the word. (Instead of → Password)
          • England → Eng1@nd
          • John 3:16 → John3:16
      • Pick a little known fact about yourself... like first car or favorite sports player. Insert a number or special character in place of some of the letters. While you should never write down a password, you can write down a tickler (reminder) phrase. For example: (Tickler → Password)
          • children → My4kid$
          • first car → #1Ford
          • Derrick Thomas → (Hief58
  6. Your Role in Protecting Information and Systems
      • No illegal, commercial, fraudulent, or harmful activity
      • No unlicensed software
      • Log out of applications
      • Location of computers
      • Take responsibility for information you access
      • Appropriate Internet use
  7. Specific Email Guidelines
      • Primarily for business and appropriate personal use
      • Chain email and excessive FW: prohibited by policy
      • Abuse of hospital email address affects all of NKCH
      • Keep it clean and professional
      • All inbound email is scanned for malware and content
      • Encrypt outbound confidential information (EPHI)
      • All email is property of NKCH
      • Be wary of e-mail from unknown or strange address
      • Never open attachment unless expected and from known source (virus possibility)
      Shark Infested Waters!
  8. Running a Tight Ship
      • Computer System User Responsibilities
          • Use information appropriately and only for job duties
          • Comply with all policies
          • Do not disclose EPHI or any information unless authorized
          • Keep logon/password confidential
          • Report computer problems and security concerns to Help Desk ext. 4357 “HELP”