UW Medicine Compliance
Box: 358049
Seattle, WA 98195-8049
Fax: 206-221-5172
Box: 358049
Seattle, WA 98195-8049
Fax: 206-221-5172
Web: depts.washington.edu/comply/
Box: 358049
Seattle, WA 98195-8049
Fax: 206-221-5172
Box: 358049
Seattle, WA 98195-8049
Fax: 206-221-5172
Web: depts.washington.edu/comply/
The purpose of the Security Toolkit is to provide the information necessary to let System Owners and System Operators [SOSO] be successful in the purchasing, implementation, configuration, maintenance, and overall security of all UW Medicine systems.
Related Items: Department Toolkit & Inventory Toolkit
System Owners are individuals within the UW Medicine community accountable for the management and use of one or more electronic information systems, electronic databases or electronic applications.
System Operators are individuals responsible for the administration and management of the daily activities for one or more electronic information systems, electronic databases, or electronic applications under direction of the System Owner.
It is essential that System Owners put appropriate contract language into contracts when purchasing IT Systems. Contracts must include language that requires vendors to be accountable to good security practices. Additionally, contracts with vendors using or disclosing patient information must include the Business Associate Agreement contract language.
[Requires
UW Net ID]All System Owners and Sytem Operators are required to complete the UW Medicine IT Services SOSO Training and a Systems Informal Compliance Review [ICR]. An Advanced System Guide provides help in completing the ICR. Additionally, a Policy Exception Form must be completed for those systems which cannot comply with an Information Security Requirement.
