Sensitive Information Policy- now with HIPAA Audit Program Guide

This policy is easily modified and defines how to treat Credit Card, Social Security, Employee, and Customer Data. The template is 22 pages in length and complies with Sarbanes Oxley Section 404, ISO17799 and HIPAA.

This policy applies to the entire enterprise, its vendors, its suppliers (including outsourcers) and co-location providers and facilities regardless of the methods used to store and retrieve sensitive information (e.g. online processing, outsourced to a third party, Internet, Intranet or swipe terminals).

The HIPAA Audit Program Guide provides you with a checklist of the must be implemented items which HIPAA mandates.

You can download the Table of Contents and some sample pages by clicking on the link below.

Other Policies

Internet, E Mail and Electronic Communication Policy - This policy is twenty-three (23) page in length, is compliant with all recent legislation (SOX, HIPAA, Patriot Act, and Sensitive information), and covers:

Appropriate use of equipment

Internet access

Electronic Mail

Retention of e-mail on personal systems

E-mail and business records retention

Copyrighted materials

Banned activities

Ownership of information

Security

Sarbanes-Oxley

Abuse

Included are ready to these ready to use forms:

Internet & Electronic Communication Employee Acknowledgement (short form)

E-Mail - Employee Acknowledgement (short form)

Internet Use Approval Form

Internet Access Request Form

Travel and Off-Site Meeting Policy - Protection of data and software is often is complicated by the fact that it can be accessed from remote locations. As individuals travel and attend off-site meetings with other employees, contractors, suppliers and customers data and software can be compromised. This policy is four page in length and covers:

Data and application security

Minimize attention

Shared public resources

Off-site meeting special considerations

Outsourcing Policy - This policy is seven page in length and covers:

Outsourcing Management Standard

Service Level Agreement

Responsibility

Outsourcing Policy

Policy Statement

Goal

Approval Standard

Base Case

Responsibilities

Note: Look at the Practical Guide for Outsourcing over 110 page document for a more extensive process for outsourcing

Streamload's old Privacy Policy
Streamload uses best practices to protect our Users' information. When Streamload asks users to enter sensitive information (such as credit card number), that information is protected with SSL encryption software for transmission to ... - more info

A Five-Step Plan to Help You Stay Ahead of Security Attacks, Risks ...
A Level 1 incident must involve at least one of the following: unauthorized disclosure, modification, destruction or deletion of sensitive information or data; disruption of business continuity and critical business processes or ... - more info

SecurityFocus Linux Newsletter #396
steal authentication credentials - obtain potentially sensitive information - violate the same-origin policy - execute scripts with elevated privileges - upload arbitrary files to affected computers - cause denial-of-service conditions ... - more info

SecurityFocus Microsoft Newsletter #401
Exploiting these issues may allow attackers to obtain potentially sensitive information, cause crashes, and deny service to legitimate users of the application. Attackers may be able to leverage some of these vulnerabilities to execute ... - more info

Yet Another ID Post...With Some Answers to Your Questions
Our intelligence, military, and law enforcement colleagues -- at great risk to themselves -- develop sensitive information about potential attacks and the people behind them. They get that information to us so that TSA can do its part ... - more info

Just Be American â€¦
Some 8% of the total spam are phishing e-mails - messages that pose as a trustworthy source as a way of getting sensitive information such as user-names, passwords and bank account details. Fourth of July coming up, pulled out Old Glory ... - more info

How to Secure Your Machine (for free!)
I'm going to try to hit all the basics of the minimum you need to use your machine with little chance of bricking it, losing all your stuff, or, even worse, losing your sensitive information. If anything is unclear, feel free to comment ... - more info

The New Company Has a Blog Policy
Do not mention them in your blog without their permission, and make sure you donâ€™t disclose items such as sensitive personal information of others or details related to Companyâ€™s business with its customers. Take care not to disparage ... - more info

Microsoft System Center Mobile Device Manager 2008 x64
Helps protect sensitive information if the device is lost or stolen * Performs instant* remote device wipe to help reduce security risks * Provides security enhanced behind-the-firewall access to mobile users ... - more info

Perfect Storm Brewing Over Climate Change Disclosures Sought By ...
Immediate comment by spokespersons for the American Council of Life Insurers and the Property Casualty Insurers Association of America was concern over the potential public release of proprietary and competitively sensitive information. ... - more info