CR 30-X/CR 30-X
M
Patient data security
It is the responsibility of the hospital to ensure how the patients' legal
requirements are to be met, how the security of the patient records are:
•
maintained and tested,
•
audited,
•
administered locally to cover risks from third party access,
•
how the availability of the services is to be maintained in the event of
disaster.
It is the responsibility of the hospital to ensure how types of access are
identified, classified and reasons for access are justified.
24
Introduction
2386G EN 20120110