ABSTRACT
It is a necessity for every practice to develop a security policy to protect all information-processing systems in healthcare adequately. To achieve this, the security policy should set out guidelines and protocols that ensure the physical, procedural and logical security and regulate the management, distribution and protection of data/materials. The chapter ensures that information processing is properly assessed for security. By developing proper levels of security the confidentiality as well as the integrity and availability of information are achieved. Through audit and incident reporting the awareness of information security issues is raised and security needs and systems are improved. The chapter discusses the following topics: equipment security, maintenance of the equipment, maintaining the confidentiality of all data within the practice, the disposal of confidential material or equipment containing confidential information, and protocol regarding the use and maintenance of CCTV equipment.
