| Participating Health Care Provider Policies and Procedures |
To establish the obligations of each participating health care provider. |
SEC001 Participating Provider |
|
|---|
| Information Security |
To ensure that appropriate technical, administrative, and physical safeguards are applied end-to-end in the VHIE, including VITL and participating health care providers. |
SEC002 Information Security |
SEC002-1 Information Security Procedures
SEC002-11 Participant Acknowledgement of VITL Policies |
|---|
| Auditing and Access Monitoring |
To insure that the security and confidentiality of patient data is protected. |
SEC004 Auditing and Access Monitoring |
SEC004-1 Audit & Access Monitoring Procedures
SEC004-2 Audit Request Form |
|---|
| Privacy and Security Events |
To describe VITL’s responsibilities when VITL’s privacy or security policies have been violated. |
SEC005 Privacy and Security |
SEC005-1 Privacy & Security Events Procedures
SEC005-2 Reportable Event Form |
|---|
| Secondary Use of Data |
To establish the conditions, if any, under which protected health information on the VHIE may be used for purposes other than direct patient care. |
SEC006 Secondary Use |
|
|---|
