As the privacy officer, you have been asked to develop policies and procedures for protecting the confidentiality and security of the clinical data collected in your computerized system. First, you judge the value of information processed by your system and classify it. Another step you would need to take is:
Authorize access to information collected based on level of data sensitivity
Prevent all nonclinicaians access to any confidential information in the system
Establish firewalls to protect aggregate data collected within your facility
Establish passwords for all customers, both internal and external, who request access to the information in your system.