Information security in general practice
Information security strategy
Last revised: 21 Apr 2023
You should document all confidentiality and privacy agreements for practice team members, together with an appropriate internet and email use agreement. Practice team members and relevant external providers should sign these agreements.
These agreements act to protect practice owners in the event of legal action, should a security breach occur.
Your practice has a responsibility to ensure anyone who has access to practice clinical and/or business information is aware of their obligations to comply with your information security policies.
Technical service providers are usually granted unrestricted access to practice data.
See module on cloud-based information security for more information
Advertising