CIHA Cybersecurity

CIHA Cybersecurity Policies

The purpose of Cherokee Indian Hospital Authority’s 18 cybersecurity policies is to provide a security framework that ensures the protection of the Hospital’s information and data from unauthorized access, loss, or damage while supporting the organization’s business-driven needs by meeting state and federal regulatory compliance, as well as meeting compliance with North Carolina State departments, including the North Carolina Department of Information Technology, the North Carolina Department of Health and Human Services, and NC Medicaid. Based on industry standards and best practices, these policies are the foundation for cybersecurity at CIHA.

In support of the purpose, each policy has been developed to ensure the confidentiality, integrity, availability, privacy, and security of the information assets of the Cherokee Indian Hospital Authority through the establishment of safeguards to prevent theft, abuse, and misuse while exceeding State departments’ compliance requirements. These policies were developed with the assistance of subject matter experts and peer-reviewed by using National Institute of Standards and Technology controls as the framework.