IT Support

OU Physicians Information Systems

405-271-3131

oupsys@ouhsc.edu

_____________________________________________________________________________________
IT Policies & Procedures

UNATTENDED COMPUTERS

Unattended computers should be shut down, logged off, or locked to prevent unauthorized access. When leaving a system unattended for a long period of time, logging off or shutting down is advised. When leaving your system unattended for short periods, you are advised to lock the computer by hitting the windows logo and L keys at the same time:

*In addition, all department computers are set to automatically lock after 10 minutes of inactivity. This is set through group policy and cannot be disabled.

WINDOWS UPDATES

Security updates and other fixes are routinely released by Microsoft and should always be installed as soon as they are available. Do not ignore windows update reminders! When prompted, always install the available Microsoft updates by clicking the yellow shield icon in the lower right-hand corner of your screen:

VIRUS-SCAN UPDATES

All department computers have McAfee anti-virus installed and are set to auto-update virus definitions daily. However, it may sometimes be neccesary or desirable to update McAfee manually. Do this by right-clicking its icon in the lower right-hand corner of your screen, then choose "Update Now":

HANDHELDS\SMARTPHONES\PDA's

Handheld computing devices such as PDA's, smartphones, and Blackberries should be password-protected. Do not store the password with the device or on the device itself. Instructions to enable or change your handheld's password vary by device. Contact your IT support if you need further assistance.

ACCEPTABLE USE POLICY

Access to computer systems and networks owned, operated, or provided by the University is predicated on compliance with certain responsibilities and obligations and is granted subject to University policies and local, state and federal laws. By using University information systems or computing resources, you agree to abide by and comply with the applicable policies, procedures and laws. Acceptable use must be ethical, reflect academic honesty, and show responsible use in the consumption of shared resources. Acceptable use also demonstrates respect for intellectual property, ownership of data, system security mechanisms, and freedom from intimidation and harassment. Information created or stored on University computer resources, networks and systems may be subject to the Oklahoma Open Records Act.

PROTECTED HEALTH INFORMATION (PHI)

Protected Health Information, or "PHI" is defined as individually identifiable health information. All PHI must be stored on university file servers (preferably) or properly secured laptops and handhelds (only if absolutely necessary). Do not use third-party email services (such as Hotmail, Yahoo, etc) for any type of work communications -- use Outlook (or Outlook webmail) only. Do not store PHI on non-secure devices such as USB flash drives or portable hard drives. To the greatest extent possible, strive to keep PHI and non-PHI data organized into separate folders on the server. This will facilitate our eventual move to separate file servers for PHI, which will be located in a special campus data center.

OUHSC IT Standards and Policies - http://www.ouhsc.edu/it/policy/

OUHSC IT Information Security Page - http://www.ouhsc.edu/it/security/