Workstation Security Policy (AUP)

481 Words1 Page

Workstation Security Policy
1. Purpose
The purpose of this policy is to provide guidance for workstation security for Pharmacy Corp workstations to ensure the security of information on the workstation and what it can access. Additionally, the policy provides guidance to ensure the requirements of the HIPAA Security Rule “Workstation Security” Standard 164.310(c) are met.

2. Scope
This policy applies to all Pharmacy Corp employees, contractors, workforce members, vendors and agents with a Pharmacy Corp-owned or personal-workstation connected to the Pharmacy Corp network.

3. Policy
Appropriate measures must be taken when using workstations to ensure the confidentiality, integrity and availability of sensitive information, including protected health …show more content…

3.3 Appropriate measures include:
• Restricting physical access to workstations to only authorized personnel.
• Enabling a password-protected screen saver with a short timeout period to ensure that workstations that were left unsecured will be protected. The password must comply with Pharmacy Corp Acceptable Use Policy (AUP) Password section.
• Saving all sensitive information such as personally identifiable information (PII) and protected health information (PHI) on network servers and not local storage.
• Securing laptops that contain sensitive information by using tether locks and configure screen lock or logout prior to leaving area to prevent unauthorized access.
• Ensure workstation hard drive are encrypted to protect the data if there is a theft.
• Installed software on company workstation must be from an approved list managed by the IT department.
• Do not carry workstations with sensitive information home unless approved by manager
• Installing privacy screen filters or using other physical barriers to alleviate exposing

More about Workstation Security Policy (AUP)

Open Document