HIMSS

All stakeholders in Life and Health Science must be able to trust that Confidentiality, Integrity and Availability (CIA) of the systems in use in the medical product lifecycle are protected in a way that is commensurate to the risk to human life, security and privacy – including protecting patient health information. Security GIPs are a set of good practices and guidelines to ensure that the people, processes, technology and data used to support medical products throughout the product lifecycle, maintain pre-determined specifications for quality and applicable regulations based on the intended use.

The Security module will provide an understanding of security best practices, along with pragmatic tools and example Standard Operating Procedures (SOPs) to assist Life and Health Science organizations to effectively and efficiently plan, implement and operate computer systems and equipment within regulatory expectations. Topics related to security include the assessment of business objectives to ascertain the need for security, implementation of effective security controls, and the management and operation of IT infrastructure systems in a manner that maintains CIA.

By building upon GIP, organizations should be able to plan, design, implement and operate an effective security program that will appropriately protect the CIA of data and the computerized systems that could impact human life, privacy and intellectual property.