Policy
The following policy documents describe and specify the responsibilities and obligations of HeartAI platform components and HeartAI administrators and developers within the health system context. HeartAI is expected to maintain a high-level of due diligence, particularly with the management of potentially sensitive information. HeartAI is committed to close coordination with SA Government and SA Health organisations and to understanding and following state and federal laws, policies, regulations, and compliance standards.
HeartAI policies may be found with the following documents:
- Legal compliance
- Information security
- Management of sensitive information
- Change management process
- Personnel security
- Identity and access management
- Management of corporate and personal devices
- Management of sensitive keys and secrets
- Encryption and cryptography
- Deployment environment management
- Platform and data access
- Source repository access and usage
- Security education and awareness
- Security review and auditing
- Service engagement and assurance
- Incident management and business continuity