Generic Security Policy - Free Download | Page 5
4.1,
3597
votes
Please vote for this template if it helps you.
Generic Security Policy
Version 1.1 – 08/03/2005 Page 5 of 24
1 Introduction
1.1 Purpose
This document provides guidance to users of the computer systems of this Practice.
Implementation of the policies herein will ensure adequate security for all information
collected, processed, transmitted, stored, or disseminated as part of the Practice systems and
major applications.
These security policies are consistent with New Zealand Government legislation including the:
• Health Information Privacy Code 1994
• Privacy Act 1993
• New Zealand Copyright Act 1994
Relevant New Zealand standards include:
• AS/NZS HB 231:2000 (Information security risk management guidelines)
• AS/NZS ISO/IEC 17799:2001 (Code of Practice for information security management)
• SNZ HB 8169:2001 (Health Network Code of Practice)
E-government publications are also relevant and can be found at:
www.e-government.govt.nz/publications/securepc/securepc.html
1.2 Contents
This security policy addresses the following areas of concern:
• General security policy and standards
• Security organisation
• Personnel security and training
• Physical security
• Computer systems access control
• New Zealand Health Network
• Security in system life cycle management
• Computer integrity and incident reporting
• Malicious software
• Business continuity management
• Compliance
source: health.govt.nz
