Sunday, 16 July 2017

Describe practices that ensure security when storing and accessing information

To ensure security of storing and accessing information, authorised personnel must have to follow organisational policies and procedures, where guidelines have been prescribed on how to store and access information securely. However, few standards are being described here in below –

Storing Information: There are two types of storing system exist in health and social care settings. They are manual information storing and electronic information storing. The both methods need to ensure security before storing information. Manual storing uses a heavy metal cabinet to store information. To provide security, metal cabinet always have to be locked. Location of this cabinet should be in an isolated place or out of public areas. File cabinet should not be left open.
Storing information electronically means keeping information in electronic device such as computer, cloud server, portable hard disk (memory disk) and memory card or drive. Any electronic device is used to store information must be protected by strong password. If cloud server is being used to store information, then personnel must have to ensure communication between cloud server and work pc is encrypted. Work computer should not be left unlocked in public areas. To avoid accidental data loss we should keep all data backed up in another device or location, in case of system failure.

Accessing Information: It is a best practice to keep all data archived and labelled in order to avoid accidental opening of other person’s file. It is also a best practice, only to bring one file out of the cabinet at a time while working, rather than stacking all of the files together on desk. Leave the file cabinet locked after each time of use. Shred any unwanted paper where any personal or sensitive information is written. Only use work computer to access file electronically. Make sure there is someone waiting there for the document, you sending over an email or fax.

However, mistake occurs unfortunately. In such an unfortunate event, we must contact organisational information security officer and report it.

No comments:

Post a Comment