|TITLE: Information Security||ID:|
|ORIGINATOR: Information Security Office||DATE: Jan 5, 2005|
|REVIEWED: President's Council||DATE: Feb 16, 2005|
|APPROVED: Raymond S. Greenberg, MD, PhD||DATE: Feb 16, 2005|
|IMPLEMENTATION: Enterprise-wide||DATE: Feb 16, 2005|
Please refer to MUSC Information Security Rationale: The Need for Safeguards for an overview of the legal and ethical considerations that have motivated the development of this policy. The following laws and regulations have particular relevance:
If an MUSC System may be used to house protected information, then the System's access control policies and procedures must enforce the principle that access to protected information must be restricted to authorized users of the information.
If an MUSC System may be used to house protected information, then the designated Owner of the System is responsible for ensuring that access to the System is controlled, and that access to the System's protected information is restricted to authorized users of the information.
The Owner of the System is responsible for ensuring that the following specific objectives are met:
Each User of the System is required to:
This policy will be maintained and published electronically by the Information Security Office. This policy is a public document and there are no restrictions on its distribution.