|TITLE: Information Security||ID:|
|ORIGINATOR: Information Security Office||DATE: Jan 5, 2005|
|REVIEWED: President's Council||DATE: Feb 16, 2005|
|APPROVED: Raymond S. Greenberg, MD, PhD||DATE: Feb 16, 2005|
|IMPLEMENTATION: Enterprise-wide||DATE: Feb 16, 2005|
Please refer to MUSC Information Security Rationale: The Need for Safeguards for an overview of the legal and ethical considerations that have motivated the development of this policy. The following laws and regulations have particular relevance:
MUSC workstations, and any other devices used to access MUSC's network, may be used only for authorized purposes. Workforce members are prohibited from using any MUSC workstation, or any other device used to access MUSC's network, in excess of their authority.
A specific workforce member's use of a specific workstation for a specific purpose must be authorized by all of the following: (a) the designated Owner of the workstation, (b) the workforce member's supervisor or manager, and (c) MUSC policies that establish boundaries for acceptable use.
Workforce members are prohibited from installing unauthorized software on MUSC workstations.
If access to protected information from a workstation is possible, then the designated Owner of the workstation must ensure that:
This policy will be maintained and published electronically by the Information Security Office. This policy is a public document and there are no restrictions on its distribution.