Ensure and document that we follow"Norm for informasjonssikkerhet i helsejenesten"
Improve access log control and access management also locally.
Provide better and more structured training on confidentiality, privacy / data security when hiring and following up.
Provide structure and routines for delegations and authorization.
Improve risk assessment procedures.
Improve non-conformance reporting system to optimize the possibility of improvement work on the basis of non-conformance.
Increase the use of non-conformance reports, and create a good culture for non-conformance and improvement work.