Panel |
---|
Document Name: NCSA Information Security Policy |
Table of Contents | ||
---|---|---|
|
...
The Advanced Computational Health Enclave (ACHE) is a special environment with restricted physical and electronic access at NCSA. All electronic personal health information Protected Health Information (ePHI) processed or stored at NCSA is done within this environment.
All NCSA staff workforce members who need access to this environment or who may come in contact with ePHI in during day-to-day operations or an emergency are designated as a part of the NCSA Health Care Component (NHCC) of the University of Illinois Covered Entity.
All workforce members in the covered entity Members of the NHCC must take the official UofI HIPAA training annually. If they use laptops to access these systems, they the devices must utilize full disk encryption. All laptops and workstations they use for this work must also employ password protected screen savers that automatically lock after a period of inactivity.
Violations
The NCSA Security Office has the right and responsibility to take systems offline that are either attacking or causing harm to others and those of persons violating NCSA security policies. While due effort is made to notify system owners before taking a host offline, this is not always possible in an emergency.
Depending upon the severity, type and recurrence of a violation, the Security Office may report the issue to supervisors, HR, senior management or even law enforcement. Violations of the NCSA or University's policies regarding electronic personal health information involving electronic Protected Health Information (ePHI) , in particular, will be reported to the the UofI HIPAA officer UofI HIPAA Privacy and Security Officer, and violators will be subject to disciplinary action as described by University's policies.
...