Transcript Information Security Governance

Mission: To ensure the Nebraska Medical Center Affiliated Covered Entity meets
privacy and information security regulatory requirements related to patient care,
education and research.
Joint Privacy/Information Security Executive Committee
Approve
Compliance
Plan
Privacy/
Information
Security
Program
Management
Approve/Resolve
Policy Matters
Recommend changes
to ACE membership
to governing boards
Approve Risk
Assessment
Review
of
metrics
Oversight of
Incident Response
Joint Privacy/Information Security Work Group
Review and
Recommend
Changes to
Compliance Plan
Review and
Recommend
Policy Matters
Review of
metrics
Review Risk
Assessment
Address joint
privacy/information
security issues as needed
Individual Entity Responsibilities
Implement
Approved
Compliance Plan
7/18/2015
Communicate
Policies and
Procedures
Provide Input Into
Risk Assessment
Provide input into
metrics
Serve on Incident
Response Team