Great care and consideration are put into assuring the security of the CIIS. The CIIS Security Policies and Procedures comply with the security standards defined by the following agencies:
- U.S. Department of Health and Human Services
- International Organization for Standardization
- American National Standards Institute
- National Institute of Standards and Technology
- National Infrastructure Protection Center
- Crisis Emergency Response Team
CIIS security measures include:
- User authentication
- Individual passwords changed every 90 days
- Extensive audit trail records
CIIS revises its Security Policies and Procedures as industry standards are updated.