Loading presentation...

Present Remotely

Send the link below via email or IM


Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.


Information Security


Steven Webb

on 18 January 2012

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Information Security

Information Security Passwords Must begin with a letter. Stay away from special characters. Case sensitive. Must be a least 5 characters but no more than 8 long. Must be reset every 90 days. Password history. Passwords may not be reused. Never share or disclose user IDs or passwords,
nor ask others to do so. Single
On Security
Policies Removable Media No Expectation of Privacy Communications Content Personal Conduct Confidential Information Non-compliance Personal
for Security All personnel must ensure that confidential
information is being appropriately protected,
in accordance with existing HIPAA federal laws
and company policies and associated
information security policies and standards. Adhering to all Security policies, standards, procedures, and CHS Code of Conduct Users are responsible for protecting information on their
computers, and must use precautions to physically protect
equipment and information Users are wholly accountable for information assets under their control Shall not copy, release, transmit, sell, loan, alter, purge or destroy any confidential information except as properly authorized Complying with use and disclosure processes
as if electronic information were paper Ensuring that PHI is exchanged only with properly authorized entities, and that electronic transmissions containing PHI are properly encrypted and secured Promptly reporting any privacy or security concerns to your Facility Security Officer Dispose of confidential information utilizing
company-provided secure receptacles Users shall not dispose of electronic devices Work Station
Security Do not leave programs running or data visible when computer is unattended. Lock system (press Window key + L) when leaving the computer for any length of time. Use screen savers with activated passwords, and position screens away from public view Users are responsible for protecting information on their
computers, and must use precautions to physically protect
equipment and information Users should not move or relocate company-provided computing equipment. All computing equipment moves are to be scheduled through the IS Department Important data should not be stored on the local hard drive (the C: drive). Local hard drives are not backed up, and in the case of a hardware failure or theft, the data would be lost. All important data should be stored on a network drive Users are prohibited from installing software from outside sources on their CHS workstations. Such software is not licensed for use by CHS, or may interfere with the operation of other company resources Users are prohibited from installing, distributing, copying or modifying any software programs Laptops shall not be left unattended and unsecured (for example, left on the desk when not in use or overnight in the workplace); they must be locked up. Laptops must not be left in a car, exposed to weather, magnetic fields or radiation. Individually identifiable PHI (protected health information) should not be stored on mobile electronics INFORMATION SYSTEMS Users shall not have the expectation that their email or other electronic communications are private. CHS may capture user activity such as web sites visited. CHS reserves the right, at any time and without prior notice, to examine email, files, and other information stored on CHS information systems. Content of electronic communications should be accurate, sent to recipients with the minimum necessary information based on a need-to-know and sent or posted with appropriate security measures Every user has a responsibility to protect CHS’ public image. Users must avoid communicating anything that might appear inappropriate or misconstrued as inappropriate Do not download any non-standard/non-approved applications to CHS devices.
Do not open unknown email attachments.
Do not use instant messaging features
The following behaviors are strictly prohibited:

Accessing obscene, sexually explicit, or pornographic material from company resources.

Sending harassing, libelous, and disruptive, threatening, racially harassing, or sexually harassing messages, or using any language that could be construed to make the work environment a hostile workplace.

Tying up computer resources by downloading music, movies, software or other applications, or using excessive amounts of storage or sending large file attachments. This could cause congestion, delay, or disruption of service to company systems, and degrades the performance of the entire network.
Using company systems to advertise, provide services, or sell commercial products. Use of any company information technology resources for personal gain or profit is prohibited.

Using company resources in a manner that interferes with performance of employment responsibilities; for example, tying up printers doing non-company related work.

Sending messages with religious, racial, political, or sexual overtones; expressing bigotry, hatred, harassment, abuse, or threats of harm to anyone.

Creating, copying, or sending frivolous or excessive messages, including chain letters, junk mail, advertising material, or spam.
Full transcript