Difference between revisions of "Information Security Officer (ISO)"

From Clinfowiki
(Introduction)
 
Line 1: Line 1:
 
An '''information Security Officer (ISO)''' has the responsibility of protecting [[Protected Health Information (PHI)|PHI]] and PII that is electronically stored or transferred by implementing and monitoring compliance with organization policy.
 
An '''information Security Officer (ISO)''' has the responsibility of protecting [[Protected Health Information (PHI)|PHI]] and PII that is electronically stored or transferred by implementing and monitoring compliance with organization policy.
 +
 +
An information Security Officer (ISO), sometimes called the Chief Information Security Officer (CISO)  has the responsibility of information  and information technology security, including protecting PHI and PII that is electronically stored or transferred by implementing and monitoring compliance with organization policy.
  
 
== Introduction ==
 
== Introduction ==
 +
 +
According to AHIMA, “The security officer is responsible for the design, oversight, and ongoing management of the information security program, including policies, procedures, technical systems, and workforce training in order to maintain the confidentiality, integrity, and availability of data within all healthcare organization information systems. The security officer role addresses electronic systems architecture and functionality as it affects safeguards of protected health information (PHI) and business information assets.”
 +
Source: http://www.ahima.org/downloads/pdfs/resources/securityofficerjd.pdf
  
 
The ISO is often a separate department from the main information technology group as to provide unbiased jurisdiction over IT activities. The ISO also has the responsibility to keep up with industry standards (such as HIMSS) and national standards, such as the ([[Health Insurance Portability and Accountability Act (HIPAA)|HIPAA]], for information security.
 
The ISO is often a separate department from the main information technology group as to provide unbiased jurisdiction over IT activities. The ISO also has the responsibility to keep up with industry standards (such as HIMSS) and national standards, such as the ([[Health Insurance Portability and Accountability Act (HIPAA)|HIPAA]], for information security.
  
 
''See [[CMIO|Chief medical informatics officer (CMIO)]]
 
''See [[CMIO|Chief medical informatics officer (CMIO)]]
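Review bot: the added lead paragraph (the one beginning "An information Security Officer (ISO), sometimes called the Chief Information Security Officer (CISO)") is inserted beneath the existing opening sentence rather than replacing it, so the page now states the ISO's responsibility for PHI and PII twice in nearly identical words. Suggest merging the two into a single lead sentence. The added text also drops the [[Protected Health Information (PHI)|PHI]] link that the original sentence carries, lacks a comma after "(CISO)", and contains doubled spaces. The unchanged context line "such as the ([[Health Insurance Portability and Accountability Act (HIPAA)|HIPAA]]," still has an unbalanced opening parenthesis that could be fixed in the same edit.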

Latest revision as of 04:48, 13 November 2012

An Information Security Officer (ISO) is responsible for protecting PHI and PII that is electronically stored or transferred, by implementing and monitoring compliance with organization policy.

An Information Security Officer (ISO), sometimes called the Chief Information Security Officer (CISO), is responsible for information and information technology security, including protecting PHI and PII that is electronically stored or transferred, by implementing and monitoring compliance with organization policy.

Introduction

According to AHIMA, “The security officer is responsible for the design, oversight, and ongoing management of the information security program, including policies, procedures, technical systems, and workforce training in order to maintain the confidentiality, integrity, and availability of data within all healthcare organization information systems. The security officer role addresses electronic systems architecture and functionality as it affects safeguards of protected health information (PHI) and business information assets.” Source: http://www.ahima.org/downloads/pdfs/resources/securityofficerjd.pdf

The ISO is often a separate department from the main information technology group so as to provide unbiased jurisdiction over IT activities. The ISO also has the responsibility to keep up with industry standards (such as HIMSS) and national standards, such as HIPAA, for information security.

See Chief medical informatics officer (CMIO)