| Los Angeles County Department of Mental Health (DMH/Department) must ensure workstation security procedures are strictly enforced within each facility to maximize the protection of PHI.
All workstations must be used in a manner commensurate with the sensitivity of the information accessed via those workstations.
Only DMH-issued equipment shall be connected to the County network. DMH-issued equipment shall only be used to conduct County business and store County data.
All workforce members must take reasonable physical security precautions to prevent unauthorized physical access to sensitive information from workstations. Physical attributes of surroundings must be taken into consideration (e.g., concealing screen displays and securing unattended workstations). - Computer monitors must be positioned away from common areas or a privacy screen must be installed to prevent unauthorized observation or access in accordance with DMH Policy 508.01.
- Computer peripherals such as network printers and fax machines must not reside in crowded common areas or public spaces.
DMH systems managers/owners must implement physical safeguards to permit only authorized user access to workstations with accessibility to confidential and/or sensitive information.
All users who use workstations as described above must be trained to exercise proper security practices. Training and documentation must be in accordance with the DMH Policies 553.01 and 555.01.
| 