26-3-10 - Department measures to protect security of health data.
26-3-10. Department measures to protect security of health data.
The department shall protect the security of identifiable health data by use of thefollowing measures and any other measures adopted by rule:
(1) limit access to identifiable health data to authorized individuals who have receivedtraining in the handling of such data;
(2) designate a person to be responsible for physical security;
(3) develop and implement a system for monitoring security; and
(4) review periodically all identifiable health data to determine whether identifyingcharacteristics should be removed from the data.
Amended by Chapter 201, 1996 General Session