When running a business, especially one that handles private medical records, both physical security and cybersecurity are paramount to its success and to patient confidentiality. In the medical field, implementing effective security policies should be the organization's top priority, because they protect the safety and well-being of both the business and the patient. The policies must comply with the Health Insurance Portability and Accountability Act (HIPAA) in order to enforce patient confidentiality and avoid any legal issues. To protect both physical and cyber security, policies should cover acceptable computer use, email use, password policy, and wireless and device usage.
Company employees are expected to use their computers responsibly and productively, Internet …
No matter how secure a user's password may seem initially, one must take into account that the user will eventually change the password to something of their own preference. Password policy implementation is therefore paramount to the success and security of the organization and its mission. To prevent system and patient compromise, an employee's password must never be shared with anyone, no matter their relation to the individual. System administrators are to ensure that the computer does not store old passwords; this is to prevent password compromise if an attacker gains access to the system. Employees are expected to change their passwords in accordance with the minimum password age value set by the administrator; likewise, employees are expected to meet the password length and complexity requirements set by the administrator in order to reduce the risk of system