OAR 333-018-0135
HAI Data Security


The Authority shall undertake precautions to prevent unauthorized disclosure of the raw data files. These precautions include but are not limited to:

(1)

Storing the raw data files on the internal storage hardware of a password-protected personal computer that is physically located within the Authority;

(2)

Restricting staff access to the raw data files;

(3)

Restricting network access to the raw data files; and

(4)

If applicable, storing patient information within a strongly-encrypted and password-protected virtual drive or using other methods to reliably achieve the same level of security.
Last Updated

Jun. 8, 2021

Rule 333-018-0135’s source at or​.us