IT4076
2
Operational Management Policy
1.0 Purpose: 1.1 This policy outlines the operation procedures to ensure the systems are kept secure and less likely for a breach to happen, as well as minimizing the risk of information loss. 2.0 Scope
2.1 This policy covers all of High Class Healthcare and all employees, departments, vendors, contractors, and hospitals tied to this organization. 3.0 Policy
3.1
All changes must be approved by the correct parties as well as a description for it. 3.2 Data must be separated on multiple backup services to ensure less of a risk if an incident does occur. 3.3 All data disposed should be disposed of properly and securely. 3.4 All devices will be monitored and all data logged as needed. 3.5 Proper recovery plans should be put into place and followed properly. 3.6 Audit logs must be kept for at least 6 months. Details of the data before and after the audit must be kept.
