Auditing It Infrastructure Essay

718 WordsJan 17, 20153 Pages
ITT Tech IS423: Auditing it infrastructures for compliance Unit 5 assignment 1: Best practices for user domain compliance 04/21/2014 In order to be compliant with the GLBA law, Financial Privacy & Safeguards Rules compliance audit, we need to first know who can be eligible for this and what they cover. The obligations are which include privacy notices, who will get a privacy notice, customers, expectations, general obligations, and consumers who are not customers. There are limits on reuse and re-disclosure of national provider identifier and those are the general obligations. The disclosure of account numbers is prohibited and the fair credit reporting act, along with enforcement and finally further guidance. Privacy notices for Health care organizations is that they may use information about patients to provide them with medical and mental health treatment or services. Health care organizations might disclose information about patients to doctors, nurses, technicians, students, or other health system personnel who are involved in taking care of them. The patient has the right to inspect and/or receive a copy of their health information, in accordance to their privacy agreement. General obligations and expectations of health care organizations are to ensure the security and confidentiality of records and to control access to those records. There are also rules of conduct for employees to follow. This applies to those responsible for the collection, maintenance, and disclosure of information in the records, or for the design of record systems. Expectations and general obligations from health care organizations are to be committed to protecting medical, mental health and personal information about their patients. They are required by law to maintain the privacy of patients health information, provide customers information about
Open Document