IT security policies are often derived from other, non-technology, organizational policies. Because electronic communication can be very problematic for a service organization that works with confidential medical information, it is a great idea for a hospital to establish a clear policy for the use and retention of email messages.
Requirements:
For this assignment, you will create two use and retention policies for the staff of a hospital:
Part 1
Write a Use and Retention Policy for Paper Medical Records establishing rules for the distribution and retention of paper medical records containing confidential patient data within the hospital.
Part 2
Write a Use and Retention Policy for Email Communication Containing Patient Data.
Include a statement about how email messages should be retained.
Remember that electronic patient health information in transit also should be encrypted.
Include at least one method that could be used to audit the organization in order to determine if this policy is being adhered to.
Your policies should include the following criteria:
Used policy and procedure format.
1 page in length, double-spaced.
Free of spelling, grammar, and punctuation errors.