OAR 333-018-0135
HAI Data Security

The Authority shall undertake precautions to prevent unauthorized disclosure of the raw data files. These precautions include but are not limited to:


Storing the raw data files on the internal storage hardware of a password-protected personal computer that is physically located within the Authority;


Restricting staff access to the raw data files;


Restricting network access to the raw data files; and


If applicable, storing patient information within a strongly-encrypted and password-protected virtual drive or using other methods to reliably achieve the same level of security.
Last Updated

Jun. 8, 2021

Rule 333-018-0135’s source at or​.us