Sensitive Information Policy -
now with HIPAA Audit Program Guide
 This
policy is easily modified and defines how to treat Credit Card,
Social Security, Employee, and Customer Data. The template is 22
pages in length and complies with Sarbanes Oxley Section 404,
ISO17799 and HIPAA.
This policy applies to the entire enterprise, its vendors, its
suppliers (including outsourcers) and co-location providers and
facilities regardless of the methods used to store and retrieve
sensitive information (e.g. online processing, outsourced to a third
party, Internet, Intranet or swipe terminals).
The HIPAA Audit Program Guide provides you with a checklist of
the must be implemented items which HIPAA mandates.
You can
download the Table of Contents and some sample pages by clicking on
the link below.
Other
Individual
Policies
All of the policies that are provided
here are contained within one or more of the templates that are on
this site. These policies have been added as individual documents in
WORD format for those clients who just need this particular policy.
All policies are Sarbanes-Oxley compliant
Internet, E Mail and Electronic
Communication Policy
- This policy is six page in length and
covers:
-
Appropriate use of equipment
-
Internet access
-
Electronic Mail
-
Retention of e-mail on personal
systems
-
E-mail and business records
retention
-
Copyrighted materials
-
Ownership of information
-
Security
Travel and Off-Site Meeting Policy
-
Protection of data and software is often is complicated by the fact
that it can be accessed from remote locations. As individuals travel
and attend off-site meetings with other employees,
contractors, suppliers and customers data and software can be
compromised. This policy is four page in length and covers:
Outsourcing Policy
- This
policy is seven page in length and covers:
| 
