What Is Enterprise Information System Policy

1704 Words7 Pages
1. Enterprise Information Systems Policy (EISP)
This policy clarifies the use and access of a patients history file at a large medical organization with approximately 2,000 patients.
Patient Records
The Medical Records Department will be responsible for maintaining records of each patient's medical history at Rusteze Medical Center and for maintaining some demographic information, such as home address, contact information, and emergency contact information.
Updating Medical Records
It is the responsibility of supervisors or administrators in departments to notify their Medical Records Manager of changes in patient’s active or inactive status. Employees are responsible for notifying Medical Records Department of changes in name, social
…show more content…
However, information on medical record history will be provided to administrative managers by the Medical Records Department assisting the department on a need-to-know basis.
Access to Medical Files by Employees
Upon written request, a patient may make an appointment with the Medical Records Department to view his or her medical record. A patient may not request that material be removed from the medical record unless mutually agreed to by the parties concerned. If the patient feels that a situation has been unfairly represented, he or she may submit a clarifying memorandum to the Medical Records Department and request that it become a permanent part of the file.
A written request also is required from former physicians when requesting access to their medical files.
2. Issue-Specific Security Policy (ISSP)
Title: Use of the Internet/World Wide Web
Statement of Policy
The main purpose of this policy is to protect usability, reliability, integrity, and safety of our organization and its classified material. This security policy addresses the fair use of the Internet/World Wide Web. This includes but is not limited to hardware, software, and protocols associated with the LANs. It is intended for the organization including its employees who are authorized users. Authorized users are defined as anyone who has classified security
Get Access