LAC Department of Mental Health Public Portal

	LOS ANGELES COUNTY DEPARTMENT OF MENTAL HEALTH
	Policy 550.02 Workforce Members Security

Policy Category: Administrative

Distribution Level: Directly Operated and Contractors

Responsible Party: Chief Information Office Bureau

Approved by Edgar M. Soto, MBA, CSP, Administrative Deputy III, on January 21, 2020

I. POLICY STATEMENT

The purpose of this policy is to:

Ensure Los Angeles County Department of Mental Health (DMH/Department) workforce members have appropriate access to data systems and information contained in data systems, and
Prevent unauthorized access to confidential and protected health information (PHI).

Contracted agencies shall develop an internal policy and associated procedures that are consistent with their organizational practices and meet the requirements set forth in this policy.

II. DEFINITIONS

Information Technology and Security Glossary

III. POLICY

DMH must ensure the security (confidentiality, integrity, and availability) of PHI and other confidential information.

DMH must develop and implement security procedures that protect the confidentiality of PHI and other confidential information.

Information access shall be granted based on each workforce member's job responsibilities and need to know.

IV. PROCEDURES

Procedures - Workforce Members Security

V. AUTHORITIES

Code of Federal Regulations Title 45 Section 164.308(a)(3)(i), Standard: Workforce security
Code of Federal Regulations Title 45 Section 164.308(a)(3)(ii), Implementation specifications
Los Angeles County Board of Supervisors Policy No. 6.100, Information Security Policy
Los Angeles County Board of Supervisors Policy No. 6.101, Use of County Information Assets