Statutes, codes, and regulations
Oregon Administrative Code
Chapter 333 - OREGON HEALTH AUTHORITY, PUBLIC HEALTH DIVISION
Division 18 - DISEASE REPORTING
Section 333-018-0135 - HAI Data Security

Or. Admin. Code § 333-018-0135

Download
PDF
Current through Register Vol. 63, No. 10, October 1, 2024
Section 333-018-0135 - HAI Data Security

The Authority shall undertake precautions to prevent unauthorized disclosure of the raw data files. These precautions include but are not limited to:

(1) Storing the raw data files on the internal storage hardware of a password-protected personal computer that is physically located within the Authority;
(2) Restricting staff access to the raw data files;
(3) Restricting network access to the raw data files; and
(4) If applicable, storing patient information within a strongly-encrypted and password-protected virtual drive or using other methods to reliably achieve the same level of security.

Or. Admin. Code § 333-018-0135

OHP 1-2008, f. & cert. ef. 7-1-08; Renumbered from 409-023-0025 by PH 13-2013, f. 12-26-13, cert. ef. 1-1-14; PH 17-2014, f. & cert. ef. 6-9-14

Stat. Auth.: ORS 442.420 & 2007 OL Ch. 838 ¦ 1-6 & 12

Stats. Implemented: ORS 192.496, 192.502 & 2007 OL Ch. 838 ¦ 1-6 & 12