Privacy and Security - Local Servers - EBUS.09
This section only applies to point of service sites hosting patient data on local (physically onsite) servers. The information in this section does not apply to data centre-hosted sites where the requirements are addressed by the application service provider.
For points of service sites using local servers to store patient data the following physical security measures must be in place to protect against unauthorized access:
- locked room with solid wall (floor-to-ceiling) construction or specialized locked cabinet or equivalent;
- restricted key access;
- locks, bolts (or equivalent) on vulnerable doors and windows; and
- motion detectors and intrusion alarm systems.
At a minimum, this secure area must have the following environmental controls in place:
- uninterrupted power supply to facilitate an orderly shutdown process;
- fire detection and suppression;
- temperature and humidity controls; and
- water damage detection and mitigation.
Access to the server area is to be limited to specifically authorized personnel.
To support business continuity and disaster recovery there must be documented procedures for:
- system and application restoration (including configurations); and
- data restoration.
Backup files must be stored in a secure location, preferably off-site. Backup files stored off-site must be encrypted to a minimum of AES-256. Backup files stored onsite must be in a locked safe or equivalent secure location. Procedures and accountability for evaluating and applying operating system and application updates, hot fixes, and patches must be implemented for the local server.
To protect servers from other potential threats, you must implement the following security measures in the server environment:
- Keep operating system and application security patches current using scheduled updates or real-time update protocols;
- Deploy current, actively running anti-virus software , that generates audit logs;
- Install and run firewalls;
- Use managed perimeter defence safeguards to mediate all traffic and to protect systems from "over the network" attacks and attempts at security breaches.
The local server must have system logging capabilities enabled. There must be a schedule and procedures available for the responsible person in your organization to monitor the system logs regularly for unusual patterns or anomalies. All potential security weaknesses or breaches must be reported to the point of service management.