• No results found

Computer Services Staff and Operations

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Computer Services Staff and Operations"

Copied!
9
0
0

Loading.... (view fulltext now)

Download now ( 9 Page )

Full text

(1)

1.C.01

Page 1 of 1

Computer Services Staff and Operations

POLICY

It is the policy of COCHISE REGIONAL HOSPITAL that the Computer Services department will maintain an appropriate number of staff for each position and that normal working hours are clearly defined.

PROCEDURE

Computer Services department hours of operation: 8:00 AM through 4:30 PM Monday through Friday

Effective Date: 9/21/06

Reviewed: 11/07, 11/08, 11/13, 6/14, 11/14 Revised: 11/07, 6/14

(2)

1.C.02

Page 1 of 1

Telecommunication System

POLICY

It is the policy of COCHISE REGIONAL HOSPITAL that the Computer Services

department will maintain the Toshiba computerized branch exchange (CBX) telephone system in effective working order so that there are no disruptions in provisioning 24 hours a day, 7 days a week, 365 days a year (24/7/365) voice communications service. PROCEDURE

If there are problems with the Toshiba CBX, the Computer Services staff will

communicate this to Copper State Communications Inc. located in Tucson, Arizona, whose telephone number is 520-795-1877 and provides 24/7/365 support for their systems.

Effective Date: 9/21/06

Reviewed: 11/07, 11/08, 11/13, 6/14, 11/14 Revised: 11/07, 6/14

(3)

1.C.03

Page 1 of 1

Telecommunication Operations

POLICY

It is the policy of COCHISE REGIONAL HOSPITAL that the Computer Services department will provide for additions, moves, and changes to the station equipment attached to the Toshiba computerized branch exchange (CBX) telephone system during normal business hours.

PROCEDURE

Should any programming be necessary for additions, Computer Services staff will call Copper State Communications Inc. located in Tucson, Arizona, whose telephone number is 520-795-1877, and request the programming addition(s) be effected via remote programming access the Toshiba CBX.

Effective Date: 9/21/06

Reviewed: 11/07, 11/08, 11/13, 6/14, 11/14 Revised: 11/07, 11/08, 6/14

(4)

1.C.04

Page 1 of 1

Telecommunications - Voice Mail

POLICY

It is the policy of COCHISE REGIONAL HOSPITAL that the Computer Services department will provide for additions, deletions, and changes to Voice Mail system integrated into the Toshiba computerized branch exchange (CBX) telephone system during normal business hours.

PROCEDURE

Should any programming be necessary, Computer Services staff will call Copper State Communications Inc. located in Tucson, Arizona, whose telephone number is 520-795-1877, and request the programming addition(s) be effected via remote programming access the Toshiba CBX.

Effective Date: 9/21/06

Reviewed: 11/07, 11/08, 11/13, 6/14, 11/14 Revised: 11/07, 6/14

(5)

1.C.06

Page 1 of 1

Laptop Equipment Security

POLICY

It is the policy of COCHISE REGIONAL HOSPITAL that the hospital employees with personal laptop computers in their possession will safeguard the physical security of said laptop against theft, damage, destruction, or any outside force that would physically damage the laptop computer.

PROCEDURE

Personal laptop computers users will safeguard their units while traveling to prevent theft, damage, loss, or misuse.

Laptop computers should be stored in the locked trunk of the end user’s vehicle during transport to and from working venues.

Laptop computers should be secured with Kensington type locking cables during use at remote locations, including end user’s residences.

Eating and drinking should not be done within three feet of hospital laptop computers to prevent damage.

Effective Date: 9/21/06

Reviewed: 11/07, 11/08, 11/13, 6/14, 11/14 Revised: 11/07, 11/08, 6/14

(6)

1.C.07

Page 1 of 1

Laptop Data Security

POLICY

It is the policy of COCHISE REGIONAL HOSPITAL that the hospital employees with personal laptop computers in their possession will safeguard all hospital data and

patient health information in their possession away from the hospital by utilizing industry best practices on their laptop computers with multilayer software security and

encryption. PROCEDURE

All personal laptop computer users, with the guidance and instruction of Computer Services, should password protect the physical access to the laptop startup with universally available BIOS password protection as a first line of data protection.

All laptop personal computer users should use available password encryption of data in commonly available Microsoft applications such as MS Word, MS Excel, etc. for all hospital data and patient health information on the laptop as a second line of protection. All laptop personal computers should be used with reasonably priced, commercially available software encryption as an additional line of protection for the entire hard drive should the laptop suffer the misfortune of being stolen, lost, or misplaced or become under a non-employee’s control.

In any and all occasions, a laptop personal computer user will always safeguard the screen information of any sensitivity level against the prying eyes of casual snooping of the laptop screen and/or password entry during normal laptop use at any venue at any time.

Effective Date: 9/21/06

Reviewed: 11/07, 11/13, 6/14, 11/14 Revised: 11/07, 6/14

(7)

1.C.08

Page 1 of 2

Access to Facility Computing Systems and

Electronic Medical Record Information

PURPOSE

To establish a policy for access to facility computing systems and electronic medical record information.

POLICY

A. Access to facility computing systems shall be strictly controlled and given to an individual on a job function need-to-know basis. Access shall limit, to the degree practical, the update and/or retrieval capability to only that required for the job function of the person being granted access.

B. Access to facility computing systems and electronic medical record information shall be governed by the owner of the data and the department responsible for the security of the computer system.

C. Patient data contained in electronic medical records is confidential. This includes all patient care, personal, and patient financial data. All persons accessing

electronic medical records shall follow all facility policies and procedures related to confidentiality and release of patient information.

D. Information obtained by computer access shall be used only for the functions of the job for which the access is authorized. Access to data for one’s own personal curiosity, gain, or profit is prohibited.

E. User ID codes and passwords used to access facility computer systems shall not be disclosed to other individuals. Persons shall not use another person’s User ID or password.

F. All persons receiving access to a facility computer system shall abide by the security policies, standards, and procedures of the department responsible for the security of the system.

G. Access to facility computer systems shall be deleted promptly when an employee transfers, no longer requires the access, or terminates employment.

(8)

PROCEDURE

A. Department Heads are responsible for ensuring that employees within their department are accessing facility computing systems in an acceptable manner. B. All persons accessing data stored on facility computer systems are personally

responsible for the protection of that data from unauthorized access, modification, destruction, or disclosure whether accidental or intentional. C. All persons with access to facility computer systems are responsible for

arranging to have their User IDs deleted when they transfer, no longer need the access, or terminate employment.

D. Department/Nursing managers are responsible for ensuring that employee User ID codes are deleted when they change job duties or terminate employment. If the employee fails to do so, the employee’s manager is responsible for notifying Computer Services within one business day of an employee’s termination.

Effective Date: 9/21/06

Reviewed: 11/07, 11/08, 11/13, 6/14, 11/14 Revised: 11/07, 11/08, 6/14

(9)

1.C.09

Page 1 of 1

Access Controls - HIPAA

POLICY

The policies and procedures stated herein apply to all electronic Protected Health Information (PHI) maintained or transmitted by COCHISE REGIONAL HOSPITAL (CRH). The policies and procedures also apply to the hardware and/or software on which data is stored. Access for staff members, professional staff and others by CRH will only be given access to those that have been granted access rights as specified by the completed Security Access form. Only authorized personnel shall access electronic data, including the hardware and/or software on which the electronic PHI is stored, according to their roles including those working on maintenance repair.

PURPOSE

CRH is committed to implementing technical policies and procedures for electronic information systems that maintain electronic protected health information to allow access only to those persons or software programs that have been granted access rights. As such, CRH will continually assess potential risks and vulnerabilities to protected health information in its possession, and develop, implement, and maintain appropriate administrative, physical, and technical security measures in accordance with 45 C.F.R. 164.312.

PROCEDURE

Information Technology follows the CMS guidelines for Access Controls (which is located in Information Technology).

The Information Security Offices is responsible for carrying out the herein describes policies in conjunction with all other CRH security policies and work with the education department to ensure that all employees are adequately informed of this policy.

Effective Date: 9/21/06

Reviewed: 11/07, 11/08, 11/13, 6/14, 11/14 Revised: 11/07, 6/14

References

Download now ( PDF - 9 Page - 120.48 KB )

Related documents

Langmans Medical Embryology test bank questions

The corona radiata consists of one or more layers of follicular cells that surround the zona pellucida, the polar body, and the secondary oocyte.. The corona radiata is dispersed

Medicine Shelf Stuff

○ If BP elevated, think primary aldosteronism, Cushing’s, renal artery stenosis, ○ If BP normal, think hypomagnesemia, severe hypoK, Bartter’s, NaHCO3,

Cirrhosis and HCC. Dr.Abonyi Margit PhD SE 1st.Medical Clinic

 HCC is developing in 85% in cirrhosis hepatis Chronic liver damage Hepatocita regeneration Cirrhosis Genetic changes

TECHNICAL AND VOCATIONAL EDUCATION AND TRAINING (TVET) SYSTEM\ IN INDIA FOR SUSTAINABLE DEVELOPMENT

National Conference on Technical Vocational Education, Training and Skills Development: A Roadmap for Empowerment (Dec. 2008): Ministry of Human Resource Development, Department

Dolphin Morbillivirus in a Cuvier’s Beaked Whale (Ziphius cavirostris), Italy

expanding host range of DMV, testified by the present report and by numerous cases of DMV infection reported in the last 5 years in the Mediterranean Sea ( Mazzariol et al., 2013,

Strategic Audit of National Instruments

Currently, National Instruments leads the 5G Test & Measurement market, being “responsible for making the hardware and software for testing and measuring … 5G, … carrier

Study on the Economic Contribution of the Software Industry in Lebanon

An analysis of the economic contribution of the software industry examined the effect of software activity on the Lebanese economy by measuring it in terms of output and value

Chorionic thickness and PlGF concentrations as early predictors of small-for-gestational age birth weight in a low risk population

A statistically significant negative correlation was dem- onstrated in the study cohort between the maternal serum PIGF levels, foetal heart rate (FHR), birth weight and length,