26-3-10 - Department measures to protect security of health data.
26-3-10. Department measures to protect security of health data.
The department shall protect the security of identifiable health data by use of thefollowing measures and any other measures adopted by rule:
(1) limit access to identifiable health data to authorized individuals who have receivedtraining in the handling of such data;
(2) designate a person to be responsible for physical security;
(3) develop and implement a system for monitoring security; and
(4) review periodically all identifiable health data to determine whether identifyingcharacteristics should be removed from the data.
The department shall protect the security of identifiable health data by use of thefollowing measures and any other measures adopted by rule:
(1) limit access to identifiable health data to authorized individuals who have receivedtraining in the handling of such data;
(2) designate a person to be responsible for physical security;
(3) develop and implement a system for monitoring security; and
(4) review periodically all identifiable health data to determine whether identifyingcharacteristics should be removed from the data.
Amended by Chapter 201, 1996 General Session