| This policy outlines the appropriate use of all Los Angeles County Department of Mental Health (DMH/Department) technology resources including, but not limited to, electronic equipment, computing devices, networks, and information systems.
The purpose of this policy is to ensure all workforce members who require access to DMH technology resources and data are responsible for use of technology resources and must abide by all terms and conditions.
|
| This policy includes all aspects of the networked computing environment in DMH, whether or not the equipment is connected to the DMH network (by extension and for the purpose of this policy, the DMH network also includes portions of the Los Angeles County Enterprise Network (LAnet/EN), a wide area network (WAN), and other County information systems as well as the disconnected and stand-alone equipment and devices.
Where it comes into conflict with other existing department policies in the area of computing, this document shall take precedence (unless other policies contain higher levels of security and control requirement, in which case the higher-level requirements supersede), until such time when the conflicting policies are reconciled.
DMH Chief Information Office Bureau (CIOB); Human Resources Bureau (HRB); Capital Planning, Materials/Facilities Management & Disaster Planning; Contracts & Grants; and managers of all units shall carry out the enforcement of this policy where appropriate.
Access to DMH technology resources is a privilege, not a right. Access to networks and computer systems owned or operated by DMH requires certain responsibilities and obligations and is subject to Department policies and local, State, and federal laws. Appropriate use shall always be legal and ethical. Workforce members shall reflect community standards and show consideration and restraint in the consumption of shared resources. Workforce members shall also demonstrate respect for intellectual property, ownership of data, and system security mechanisms.
Access to DMH technology resources and information shall be limited to specific systems and data that are necessary for the workforce member to carry out his/her specific assigned duties and responsibilities.
Appropriate use of computing and networking resources and access to information must be in compliance with the Health Insurance Portability and Accountability Act (HIPAA) Standards for Privacy of Individually Identifiable Health Information.
(45 CFR §§ 160 & 164)
All workforce members, whether permanent, temporary, or part-time, are charged with ensuring the confidentiality, integrity, and availability of DMH technology resources, systems, and data and shall be held personally accountable for actions or negligence.
Workforce members who violate this policy in whole or in part may be subject to appropriate disciplinary action up to and including discharge or termination of contractual agreement. Failure to comply with HIPAA can result in civil and criminal penalties. (42 USC 1320d-5)
|
