| TITLE: Information Security | ID: |
| ORIGINATOR: Information Security Office | DATE: Jan 5, 2005 |
| REVIEWED: President's Council | DATE: Feb 16, 2005 |
| APPROVED: Raymond S. Greenberg, MD, PhD | DATE: Feb 16, 2005 |
| IMPLEMENTATION: Enterprise-wide | DATE: Feb 16, 2005 |
Please refer to MUSC Information Security Rationale: The Need for Safeguards for an overview of the legal and ethical considerations that have motivated the development of this policy. The following laws and regulations have particular relevance:
Evaluation of all information security policies and procedures should occur at regular intervals, and also in response to environmental, operational, policy or regulatory changes.
MUSC's Entity IACOs are required to monitor and evaluate the effectiveness of all information security policies and procedures within their respective entities.
System Owners are required to monitor and evaluate the effectiveness of all System-specific policies and procedures.
This policy will be maintained and published electronically by the Information Security Office. This policy is a public document and there are no restrictions on its distribution.