Policy Management Policy

Wildfire Labs implements policies and procedures to maintain compliance and integrity of data. The Privacy Officer and Security Officer are responsible for maintaining policies and procedures and assuring all Wildfire Labs workforce members, business associates, customers, and partners are adherent to all applicable policies. Previous versions of policies are retained to assure ease of finding policies at specific historic dates in time.

Applicable Standards

HITRUST Common Security Framework

  • 12.c - Developing and Implementing Continuity Plans Including Information Security

HIPAA Security Rule

  • 164.316(a) - Policies and Procedures

  • 164.316(b)(1)(i) - Documentation

Maintenance of Policies

  1. All policies are stored and up to date to maintain Wildfire Labs compliance with HIPAA, HITRUST, NIST, and other relevant standards. Updates and version control is done similar to source code control.

  2. Policy update requests can be made by any workforce member at any time. Furthermore, all policies are reviewed annually by both the Security and Privacy Officer to assure accuracy.

  3. Edits and updates made by appropriate and authorized workforce members are done on their own versions, or branches. These changes are only merged back into final, or master, versions by the Privacy or Security Officer, similarly to a pull request. All changes are linked to workforce personnel who made them and the Officer who accepted them.

  4. All policies are made accessible to all Wildfire Labs workforce members.

    1. Changes can be requested to policies using change requests in Gitbook or pull requests in Github.

  5. All policies, and associated documentation, are retained for 6 years from the date of its creation or the date when it last was in effect, whichever is later

    1. Version history of all Wildfire Labs policies is done via Github.

    2. Backup storage of all policies is done with Google Drive.

  6. The policies and information security policies are reviewed and audited annually. Issues that come up as part of this process are reviewed by Wildfire Labs management to assure all risks and potential gaps are mitigated and/or fully addressed.

Additional documentation related to maintenance of policies is outlined in the Privacy Officer's responsibilities.

PreviousRisk Management PolicyNextIncident Response Policy

Last updated