The purpose of the Catalogue and Settings Policy is:
- To ensure all hardware and software containing ePHI has been accounted.
- To assign a reliable party to be responsible for the accountability and security of ePHI as it resides or itโs used within the different systems.
- To ensure all security settings are available and have been enable.
Procedure: The Security Manager or delegated representative shall ensure that all software and hardware handling electronic PHI (ePHI) is accounted for, has security settings and that the same settings have been enabled.
- Conduct audit to ensure that all relevant equipment and software has been accounted for;
- Update audits on an annual basis or as if needed in case of changes;
- Maintain a written record of the analysis/assessment for 7 years.