ABSTRACT

'Security monitoring' is an element of a comprehensive security policy and has an important function in improving the effectiveness of security measures and raising awareness of staff members on security matters. Security monitoring should therefore involve the entire primary healthcare team (PHCT) and should take place on a regular basis. Security monitoring should include: reviewing potential or actual security breaches, and if necessary developing an action plan to improve security; and audits which review the compliance with the guidance on any aspect of security, e.g. access failures, log-on/log-off procedures, password usage, safe-haven procedures, information flow, compliance with the Data Protection Act 1998. The results of such reviews and the resulting changes in security measures or changes to guidelines and protocols should be documented in a report and kept for an agreed period of time as well as handed out to all members of the PHCT.