Information Security Policy

Applicable to: This policy is to be read and understood by all staff accessing lCT resources in the WA health system.

Description: Minor amendment to MP 0067/17 v.2.1, revised version MP 0067/17 v.2.2

The Acceptable Use of lCT and Information Security policies are two high risk policies that, together, provide a framework underpinning many of the digital security strategies employed in the WA health system. The Information Security policy outlines the security controls required to be implemented, monitored and reviewed across the WA health system. It aligns to the principles of the Australian Standards for information security management which support a risk-based approach to information security that is appropriate to sensitivity, risk profile and business need. It outlines actions that all staff need to take and additional actions for lCT staff, including those at HSS.

Date of effect: 09 August 2018 to 13 September 2020

Policy Framework