Policy Manual


Risk Management and Analysis      

Type: Policy                 Category: Information Technology                 Level: Community Care 

Parties: Community Care

Printer Friendly Version: http://apps.comcareme.org/policymanual/default.aspx?code=6.ME.27&nonav=yes

Supporting References: HIPAA Security Rule 164:308(a)(1)(A) and 164.308(a)(1)(B)

Parent Effective Date Approval Level Revision Dates Last Reviewed
6.ME.12  4-1-2005  Board    7-14-2004
Related Document Code Related Document Name Type

Policy:  Community Care will conduct an initial accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic information it creates, maintains, receives and transmits. This Risk Assessment will be conducted at the supervision of the Security Officer. Upon completion of the assessment, Community Care will convene a Risk Management Task Force to review, adopt and implement security measures to reduce risks and vulnerabilities to a reasonable and appropriate level.