As a Health Information Management Services Manager or HIPAA Security Officer, you are responsible for having policies and procedures in place regarding the security of protected information stored in the Electronic Health Record (EHR). These are essential to electronic health record integrity, confidentiality, and appropriate access. Mechanisms should be in place, including physical and personnel security measures, risk prevention, and monitoring of the EHR systems security.

Your goal is to design a policy and procedure for the security and monitoring of Protected Health Information (PHI) in your organization's EHR. Use information from the readings to compose the policy and procedure (P&P).