1 / 11

Top 10 DHS IT Security & Privacy Best Practices

Top 10 DHS IT Security & Privacy Best Practices. #10. Contact The Office of Systems & Technology for appropriate ways to proceed if you need access to another employee's data. #9. Users of DHS information systems should have no expectation of personal privacy in the use of these resources.

pierce
Download Presentation

Top 10 DHS IT Security & Privacy Best Practices

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Top 10 DHS IT Security & PrivacyBest Practices

  2. #10 Contact The Office of Systems & Technology for appropriate ways to proceed if you need access to another employee's data. 2014 DHS IT Security & Privacy Training

  3. #9 Users of DHS information systems should have no expectation of personal privacy in the use of these resources. 2014 DHS IT Security & Privacy Training

  4. #8 All DHS employees must follow the DHS Security and Privacy Policies. These may be found on DHS Share under 5000 & 4000 series. 2014 DHS IT Security & Privacy Training

  5. #7 There are specific conditions under which HIPAA allows DHS to share PHI without an Authorization to Disclose; you must know which conditions are allowable and which are not. Please contact the DHS Security Office at 501-320-3911. 2014 DHS IT Security & Privacy Training

  6. #6 Each user has the responsibility to monitor the physical security of the DHS work area. This work area includes your desk and the DHS facility. 2014 DHS IT Security & Privacy Training

  7. #5 The failure to protect sensitive information can impact the privacy of DHS clients and may lead to disciplinary action as well as criminal and civil penalties against DHS and those individuals who improperly access or disclose Sensitive Information. 2014 DHS IT Security & Privacy Training

  8. #4 Never give out your user name and password. DHS tech support staff will never ask anyone for this information. Anyone who asks for it is trying to get more than that from you and DHS. 2014 DHS IT Security & Privacy Training

  9. #3 Under HIPAA, clients’ files containing PHI may only be shared with those who “need to know” the information. This is called the Minimum Necessary Rule. Under the Minimum Necessary Rule, DHS can only disclose the PHI that is necessary to satisfy a particular need or request. 2014 DHS IT Security & Privacy Training

  10. #2 Don’t comply with a request for information unless you are sure the requestor is authorized to obtain or have that information. 2014 DHS IT Security & Privacy Training

  11. #1 Report security incidents ASAP – within one business day of occurrence, at the most. DHS employees are required by policy 5006 to report security incidents. 2014 DHS IT Security & Privacy Training

More Related