Annual Security Refresher Briefing. Brett Moore Facility Security Officer McLane Advanced Technologies Temple, Texas
|
|
- Philip Strickland
- 7 years ago
- Views:
Transcription
1 Annual Security Refresher Briefing Brett Moore Facility Security Officer McLane Advanced Technologies Temple, Texas
2 Annual Security Refresher Briefing The annual security refresher briefing is all about reminders. Reminding you of things you already know but maybe haven t thought about in a while.
3 Remember the Initial Employee Security Brief. We talked about awareness, defensive security, classifications, reporting, job duties and procedures. They haven t changed, but we have.
4 It s about remembering Maybe you haven t been in a secure closed room in awhile, or haven t checked out a classified document in a few months. Could be you ve not attended a classified meeting or worked a classified project this year, but that is no reason to become complacent in your security posture.
5 The intention This refresher briefing is to bring back to the forefront of your mind SECURITY our national security and your personal role in it.
6 Security violations Could be as simple as just didn t think about it and pinning a classified document to your cubicle wall in plan sight for all to see
7 Security violations Violations could be worse, like leaving a classified security container open and unattended
8 Security violations Or even worse yet, actual acts of espionage..
9 Remember. As a defense contractor employee you are a target for espionage, foreign and domestic. Military and economic espionage are the games and the players want to know what you know or have access to.
10 They want. Company proprietary information to gain a competitive advantage in the market place; they want military technology to gain the advantage on the battlefield. Our company has both and the adversary will target you because you are an employee here.
11 OPSEC Operations Security (OPSEC) is concerned with identifying, controlling, and protecting the generally unclassified evidence that is associated with sensitive operation and activities. OPSEC denies the adversaries information.
12 OPSEC The most important characteristic is that it is a process that can be applied to every day activities and not a collection of specific rules or instructions. OPSEC can be view in a simple flow: identify critical information, analysis of threats and vulnerabilities to that information and select an appropriate course of action to protect that information (at work and at home).
13 OPSEC The OPSEC plan can be as complex as Command and Control Warfare (C2W) or as simple as shredding your monthly credit card statement at home and not just tossing it in the trash. The idea is: don t give the adversary any information they can compile in small pieces to see the bigger picture. Don t give them anything to work with. Deny them any opportunity to gain the advantage.
14 Remember. Company photo ID badges have reason. The ID badge is not just a key to unlock a door, its much, much, more.
15 ID Badges Our company badge system is designed to facilitate employee identification, to provide a security clearance crosscheck, to identify visitors and, by the absence of the required badge, to identify unauthorized personnel on company premises.
16 ID Badges Also, remember employees and visitors will wear the badge in a conspicuous place clearly visible at or above the waist, at all times, while on company premises. All employees entering or leaving the facility are reminded to badge in or badge out each time they enter or exit the facility. And challenge any person tailgating (person not badging in but instead enters behind another who has)
17 ID Badges All employees shall challenge any person who is not displaying a ID badge while within the facility. If a person is not in possession of a valid ID badge, DO NOT attempt to physically restrain the individual. Report it immediately to the security office by dialing 6142 on a company desk phone or contact the front lobby receptionist.
18 Remember. Removing company material without authorization, regardless of value, can result in disciplinary action, including dismissal. This is especially critical for classified or company proprietary materials.
19 Classified information or materials are the property of the U.S. Government and is always handled in accordance to specific procedures. Whether working on a classified document, processing on a classified computer system or discussing classified in a meeting with others, it is always controlled and safeguarded according to DoD guidelines.
20 Simple guidelines like; Covering a document when unauthorized persons approach you or closing a door and pulling the window blinds down before turning on a classified computer system. Each classified activity has guidance. If you re unsure, ask.
21 Remember. Classified materials are specifically marked and easily identified. And this for the sole reason is to remind you what you have and to safeguard it appropriately.
22 Remember. Classified materials in your possession are your responsibility to protect from unauthorized disclosure. The U.S. Government is depending on you. This is the primary reason you received a security clearance. Based on your character and integrity, the government granted you the privilege of working with our National Secrets.
23 REPORTING REQUIREMENTS Cleared and uncleared personnel are responsible to report the following: Suspicious contacts Change in status which includes a name change, or change in citizenship A desire not to perform on classified work Loss, compromise, or suspected compromise of classified information Adverse information concerning yourself or another employee
24 REPORTING REQUIREMENTS Adverse information should be reported to your Facility Security Officer (FSO) Adverse information may include but is not limited to: Reflects unfavorable integrity or character of a person Severe financial problems Unexplained affluence Criminal conduct / suspicious persons hanging around Mental or emotional stress Alcohol and / or drug abuse Sexual misconduct / heavy gambling / unusual buying or selling Foreign connections - business or personal Subversive political activity
25 REPORTING REQUIREMENTS Adverse information should be reported to your Facility Security Officer MAT s FSO is John Hille at phone extension 6142 Industrial Security Letter #3 Report participation in rehab programs as -- Adverse Information
26 DSS Annual Facility Security Review Our Defense Security Service (DSS) Industrial Security Representative (IS Rep) will choose at random cleared employees and engage them in private interviews. IS Rep will evaluate: 1. The security program of the company 2. The companies security education and training program 3. Employee understanding of the National Security program 4. Employee understanding of their personal responsibilities 5. Employee daily activity involving classified information
27 DSS Annual Facility Security Review What can you as an employee expect during an interview? Types of questions typically asked are more or less event driven (conversation between IS-Rep and employee) What kind of work do you do? Answer: developer, FSR, tester, management, etc How long have you work here? Answer: forever actual years or date. Who is your FSO? (Facility Security Officer) Answer: John Hille do you know your FSO? What does the color on you ID Badge mean? Answer: Red means Cleared Employee, Green not cleared What level is your PCL? (Personnel Clearance Level) Answer: SECRET if you have a Red badge or None if a Green badge
28 DSS Annual Facility Security Review What can you as an employee expect during an interview? Types of questions typically asked are more or less event driven (conversation between IS-Rep and employee) How long have you held a security clearance? Answer: from my enlistment in the Army, other employment, since 1976, etc Do you reproduce classified? Answer: No not without specific instructions DERIVATIVE CLASSIFICATION Incorporating, paraphrasing, restating, or generating in new form, information that is already classified. Written authority is not needed Source material must be identified NOTE: We are User s of classified material unless written authority has been granted from the Original Classification Authority (OCA) to make a determination in classifying information. Marking Original and Derivative Classification decisions can be complicated, therefore, please contact your security staff for additional training or clarification.
29 DSS Annual Facility Security Review What can you as an employee expect during an interview? Types of questions typically asked are more or less event driven (conversation between IS-Rep and employee) Do you courier or transmit classified outside this facility? Answer: No not without specific instructions Must be designated in writing (Courier Letter) by the Facility Security Officer, Security Manager or Corporation Must have an authorized ID card with specific information on it Must be properly briefed on their responsibilities to safeguard classified information Do you mail or prepare classified for mailing? Answer: No not without specific instructions Classified material must be properly sealed (double wrapped in opaque/kraft paper) A receipt shall be enclosed Note: Depending on the classification level, classified material must be sent via the Defense Courier Service, U.S. Postal Express Mail / Registered Mail or other methods as directed in writing by the Government Contracting Agency.
30 DSS Annual Facility Security Review What can you as an employee expect during an interview? Types of questions typically asked are more or less event driven (conversation between IS-Rep and employee) How often do you access classified and what type? Answer: Daily activity, monthly meetings, when traveling to Government facilities I was told the contract requires you to hold a clearance because of job duties I don t access real documents, I work with a classified computer system. Types: TOP SECRET, SECRET or CONFIDENTIAL documents or computer systems FOUO For Official Use Only (can not be released to general public) SBU -Sensitive but Unclassified (I work with unclassified parts) CONOP --(location that I work requires it, I m exposed to classified) IT Sensitive --(over the shoulder work, I m exposed to classified)
31 DSS Annual Facility Security Review What can you as an employee expect during an interview? Types of questions typically asked are more or less event driven (conversation between IS-Rep and employee) When was your last security education training and what type? Answer: Annual brief by the FSO or as directed by the security office to review our company Intranet Security Power Points or Last months Newsletter article Do you know of any conditions that might jeopardize the safekeeping of classified materials here at this company? Answer:..(if YOU do; your FSO wants to know about it)
32 Thank You Questions? Concerns Remember to sign the attendance log to receive credit for this years briefing Or If you are viewing this on line, Remember to send an notice with date and time of completion to the Security Office at
Annual DoD Security Refresher Training
Annual DoD Security Refresher Training Welcome to your annual security refresher training. The purpose of this briefing is to remind you of your personal responsibilities and liabilities under United States
More informationDepartment of Commerce Office of Security. Initial Information Security Briefing
Department of Commerce Office of Security Initial Information Security Briefing Security Clearance A security clearance is a determination of trust, which makes you eligible for access to classified information.
More informationConsultant Annual DoD Security Refresher
Consultant Annual DoD Security Refresher 1 About This Course This course should be taken by Consultants Only in this PDF format All others should take this course online LMPeople > LMCareers > Learning
More information03/21/2013. Security Incident Requirements. Information Security Webinar. Administrative Announcements. Security Incident Requirements
Security Incident Requirements Information Security Webinar Security Incident Requirements Host: Lisa Rainey, SAPPC Information Security Curriculum Manager, DSS - CDSE Distinguished career-security professional
More informationThere are many examples of sensitive information falling into the wrong hands. What s the worst that can happen? The worst has already happened.
Data Spills Short Introduction There are many examples of sensitive information falling into the wrong hands. What s the worst that can happen? The worst has already happened. When data spills occur, they
More informationDefense Security Service (DSS)
Defense Security Service (DSS) Center for Development of Security Excellence (CDSE) ADMINISTRATIVE INQUIRY (AI) PROCESS JOB AID July 2011 TABLE OF CONTENTS 1. INTRODUCTION... 1 1.1 Scope... 1 2. PRELIMINARY
More informationIntroduction. Derivative Classification Training JOB AID
Introduction Derivative Classification Training The purpose of this job aid is to provide reference information for the responsibilities and procedures associated with derivative classification. This job
More informationIntroduction to Security Awareness Briefing. Office of Security @ NOAA
Introduction to Security Awareness Briefing Office of Security @ NOAA 4/21/2009 1 Agenda/Topics to Be Covered Introduction Security policies & procedures Security Force Property Control Access to NOAA
More informationCYBERSECURITY POLICY
* CYBERSECURITY POLICY THE CYBERSECURITY POLICY DEFINES THE DUTIES EMPLOYEES AND CONTRACTORS OF CU*ANSWERS MUST FULFILL IN SECURING SENSITIVE INFORMATION. THE CYBERSECURITY POLICY IS PART OF AND INCORPORATED
More informationSelf-Inspection Handbook for NISP Contractors TABLE OF CONTENTS
Self-Inspection Handbook for NISP Contractors TABLE OF CONTENTS The Contractor Security Review Requirement... 2 The Self-Inspection Handbook for NISP Contractors... 2 The Elements of Inspection... 2 Self-Inspection
More informationSecurity Awareness. A Supplier Guide/Employee Training Pack. May 2011 (updated November 2011)
Security Awareness A Supplier Guide/Employee Training Pack May 2011 (updated November 2011) Contents/Chapters 1. How do I identify a DWP asset 2. Delivering on behalf of DWP - Accessing DWP assets 3. How
More informationwelcome to Telect s Minimum Security Criteria for Customs-Trade Partnership Against Terrorism (C-TPAT) Foreign Manufacturers Training Presentation
welcome to Telect s Minimum Security Criteria for Customs-Trade Partnership Against Terrorism (C-TPAT) Foreign Manufacturers Training Presentation Minimum Security Criteria Scope Designed to be the building
More informationSMSe Privacy Impact Assessment
1. Contact Information Department of State Privacy Coordinator Margaret P. Grafeld Bureau of Administration Global Information Services Office of Information Programs and Services 2. System Information
More informationSection 5 Identify Theft Red Flags and Address Discrepancy Procedures Index
Index Section 5.1 Purpose.... 2 Section 5.2 Definitions........2 Section 5.3 Validation Information.....2 Section 5.4 Procedures for Opening New Accounts....3 Section 5.5 Procedures for Existing Accounts...
More informationBERKELEY COLLEGE DATA SECURITY POLICY
BERKELEY COLLEGE DATA SECURITY POLICY BERKELEY COLLEGE DATA SECURITY POLICY TABLE OF CONTENTS Chapter Title Page 1 Introduction 1 2 Definitions 2 3 General Roles and Responsibilities 4 4 Sensitive Data
More informationINFORMATION TECHNOLOGY SECURITY POLICY COUNTY OF IMPERIAL
INFORMATION TECHNOLOGY SECURITY POLICY COUNTY OF IMPERIAL 1 INTRODUCTION The County of Imperial Information & Technical Services (ITS) Security Policy is the foundation of the County's electronic information
More informationTitle: Data Security Policy Code: 1-100-200 Date: 11-6-08rev Approved: WPL INTRODUCTION
Title: Data Security Policy Code: 1-100-200 Date: 11-6-08rev Approved: WPL INTRODUCTION The purpose of this policy is to outline essential roles and responsibilities within the University community for
More informationNational Recreation and Park Association Recommended Guidelines for Credentialing Volunteers
National Recreation and Park Association Recommended Guidelines for Credentialing Volunteers Background Screening Practices The National Recreation and Park Association has reviewed the resources of the
More informationIntermec Security Letter of Agreement
Intermec Security Letter of Agreement Dear Supplier, Please be advised that Intermec Technologies has joined US Customs and Border Protection (USC&BP) in the Customs-Trade Partnership Against Terrorism
More informationU.S. Department of the Interior's Federal Information Systems Security Awareness Online Course
U.S. Department of the Interior's Federal Information Systems Security Awareness Online Course Rules of Behavior Before you print your certificate of completion, please read the following Rules of Behavior
More informationImporters must have written and verifiable processes for the selection of business partners including manufacturers, product suppliers and vendors.
Security Profile For each of the sections below, you will be required to write a response and/or upload a document demonstrating how your company adheres to the stated requirement. There is no one right
More informationCommanding Officer and Executive Officer. Information and Personnel Security Reference Handbook
Commanding Officer and Executive Officer Information and Personnel Security Reference Handbook Assistant for Information and Personnel Security (N09N2) Office of the Chief of Naval Operations Governing
More informationC-TPAT Self-Assessment - Manufacturing & Warehousing
Task # Section/Control Description 1 Security Management System 1.1 Is there a manager or supervisor responsible for implementing security within the company? Please provide the security manager s name
More informationAnnual HIPAA Security & Information Security Competency
Annual HIPAA Security & Information Security Competency 1 General Information FISO- What is a FISO? Facility Information Security Officer Responsible for the physical protection and recovery of all electronic
More informationABBVIE C-TPAT SUPPLY CHAIN SECURITY QUESTIONNAIRE
AbbVie is a participant in the U.S. Customs supply chain security program called the Customs-Trade Partnership Against Terrorism (C-TPAT). Participation in C-TPAT requires AbbVie to ensure that its overseas
More informationMILITARY HEALTH SYSTEM NOTICE OF PRIVACY PRACTICES. Effective April 14, 2003
HEALTH AFFAIRS MILITARY HEALTH SYSTEM NOTICE OF PRIVACY PRACTICES Effective April 14, 2003 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO
More informationTENANT ACCESS COORDINATOR HANDBOOK
TENANT ACCESS COORDINATOR HANDBOOK CHILDRESS KLEIN PROPERTIES July 22, 2009 CHILDRESS KLEIN PROPERTIES CARD ACCESS PROCEDURES TABLE OF CONTENTS I. Card Access System 1 A. Card Readers 1 B. Access Cards
More informationEducational Leadership Center Identification Badge Procedures
Educational Leadership Center Identification Badge Procedures October 2007 Educational Leadership Center Visitor Identification Badge Procedures Purpose: To explain the identification badging process used
More informationHuman Resources Policy and Procedure Manual
Procedure: maintains a computer network and either purchases software for use in the network or develops proprietary software systems for Company use. Company employees are generally authorized to use
More informationStudent Guide. counterintelligence.training@dss.mil
Short: Suspicious Emails Student Guide Objective POC Estimated completion time Determine whether an email is suspicious based on warning signs and determine the correct action to take if the email is suspicious.
More informationHIPAA Compliance. 2013 Annual Mandatory Education
HIPAA Compliance 2013 Annual Mandatory Education What is HIPAA? Health Insurance Portability and Accountability Act Federal Law enacted in 1996 that mandates adoption of Privacy protections for health
More informationHope In-Home Care CODE OF CONDUCT AND ETHICS
Hope In-Home Care CODE OF CONDUCT AND ETHICS September 2014 Table of Contents A MESSAGE FROM OUR DIRECTOR... 3 INTRODUCTION TO THE CODE OF CONDUCT AND ETHICS... 4 ELEMENT 1: QUALITY OF CARE... 5 ELEMENT
More informationNATO SECURITY BRIEFING NATO/ATOMAL SECURITY BRIEFING
NATO SECURITY BRIEFING FOREWORD This sample security briefing contains the minimum elements of information that must be provided to individuals upon initial indoctrination for access to NATO classified
More informationDepartment of Health and Human Services Policy ADMN 004, Attachment A
WASHINGTON COUNTY Department of Health and Human Services Policy ADMN 004, Attachment A HHS Confidentiality Agreement Including HIPAA (Health Information Portability and Accessibility Act of 1996) OREGON
More informationCHARLOTTE SCHOOL of LAW IDENTIFICATION BADGE POLICY
CHARLOTTE SCHOOL of LAW IDENTIFICATION BADGE POLICY PURPOSE: The purpose of the Identification Badge Policy is: To provide a consistent method of identification of those authorized to be on campus To provide
More informationJanuary-March 2009, 2d QTR FY09. Upcoming Events. Message from the Installation Security Manager Greetings Newsletter readers,
Newsletter Contents Installation Security 1 Manager s Message Security and Intelligence 2 Division Information Security 3 Security Education 4 Training and Awareness Industrial Security and 5 Foreign Representatives
More informationCOMPUTER USE POLICY City of Proctor
COMPUTER USE POLICY City of Proctor Purpose This policy serves to protect the security and integrity of the city s electronic communication and information systems by educating employees about appropriate
More informationC-TPAT Importer Security Criteria
C-TPAT Importer Security Criteria Importers must conduct a comprehensive assessment of their international supply chains based upon the following C-TPAT security criteria. Where an importer outsources
More information2. Begin gathering necessary documents for student (refer to Record Acknowledgement Form)
Dear Colleague, This notice is to share some recent changes we ve made with our Student Onboarding Process. Effective October 1, 2014, our onboarding process is migrating from Public Safety to our Human
More informationJOB AID. Derivative Classification Training U N I T E D A M E R I C A S TAT E S O F. Center for Development of Security Excellence (CDSE) www.cdse.
Center for Development of Security Excellence Learn. Perform. Protect. www.cdse.edu DEFENSE SECURITY SERVICE U N I T E D S TAT E S O F A M E R I C A Center for Development of Security Excellence (CDSE)
More informationPractice Test Security Fundamentals Professional Certification (SFPC) Multiple Choice. Multiple-Choice Sample Question # 1
The following Practice Test presents samples of the type, difficulty, and format of questions found on the SFPC assessment. At the end of the Practice Test, a table is provided outlining the topics and
More informationAnnual Compliance Training. HITECH/HIPAA Refresher
Annual Compliance Training HITECH/HIPAA Refresher January 2015 Sisters of Charity of Leavenworth Health System, Inc. All rights reserved. 1 Annual Refresher Training Welcome to the SCL Health System Compliance
More informationBusiness Conduct, Compliance and Ethics Program. important
Business Conduct, Compliance and Ethics Program important Table of Contents Letter from Troy Kirchenbauer As healthcare s first online direct contracting market, aptitude is committed to upholding the
More information2014 Core Training 1
2014 Core Training 1 Course Agenda Review of Key Privacy Laws/Regulations: Federal HIPAA/HITECH regulations State privacy laws Privacy & Security Policies & Procedures Huntsville Hospital Health System
More informationPCI Compliance Security Awareness Program For Marine Corps Community Services Contacts: Paul Watson
PCI Compliance Security Awareness Program For Marine Corps Community Services Contacts: Paul Watson Overview What is PCI? MCCS Compliance PCI DSS Technical Requirements MCCS Information Security Policies
More informationAUBURN WATER SYSTEM. Identity Theft Prevention Program. Effective October 20, 2008
AUBURN WATER SYSTEM Identity Theft Prevention Program Effective October 20, 2008 I. PROGRAM ADOPTION Auburn Water System developed this Identity Theft Prevention Program ("Program") pursuant to the Federal
More informationIdentity Theft Prevention Program Compliance Model
September 29, 2008 State Rural Water Association Identity Theft Prevention Program Compliance Model Contact your State Rural Water Association www.nrwa.org Ed Thomas, Senior Environmental Engineer All
More informationASCINSURE SPECIALTY RISK PRIVACY/SECURITY PLAN July 15, 2010
ASCINSURE SPECIALTY RISK PRIVACY/SECURITY PLAN July 15, 2010 OBJECTIVE This Security Plan (the Plan ) is intended to create effective administrative, technical and physical safeguards for the protection
More informationVRH s Internal Customer Service Policy
VRH s Internal Customer Service Policy Excellent customer service depends mainly on two elements: (1) training, and (2) management follow-through. VRH asset managers must always maintain a calm and professional
More informationPage 1. NAOP HIPAA and Privacy Risks 3/11/2014. Privacy means being able to have control over how your information is collected, used, or shared;
Page 1 National Organization of Alternative Programs 2014 NOAP Educational Conference HIPAA and Privacy Risks Ira J Rothman, CPHIMS, CIPP/US/IT/E/G Senior Vice President - Privacy Official March 26, 2014
More informationNC DPH: Computer Security Basic Awareness Training
NC DPH: Computer Security Basic Awareness Training Introduction and Training Objective Our roles in the Division of Public Health (DPH) require us to utilize our computer resources in a manner that protects
More informationHTIC provides specialized equipment when needed. This equipment should only be used for the purpose designed.
Board Policies Section: VII.D. Title: Employee Policy Handbook (Staff) Company Policies COMPANY EQUIPMENT HTIC provides specialized equipment when needed. This equipment should only be used for the purpose
More informationCustoms-Trade Partnership Against Terrorism (C-TPAT) Security Guidelines for Suppliers/Shippers
Customs-Trade Partnership Against Terrorism (C-TPAT) Security Guidelines for Suppliers/Shippers In support of Vectora's C-TPAT program implementation, these security requirements and guidelines are provided
More informationPartners in Protection / C-TPAT Supply Chain Security Questionnaire
Partners in Protection / C-TPAT Supply Chain Security Questionnaire Dear: Supply Trade Partner As you are aware there have been several changes in the transportation industry over the past few years. One
More informationCounterintelligence Awareness Glossary
Counterintelligence Awareness Glossary Access: The ability and opportunity to obtain knowledge of classified information. Anomaly: Activity r knowledge, outside the norm, that suggests a foreign entity
More informationHFS DATA SECURITY TRAINING WITH TECHNOLOGY COMES RESPONSIBILITY
HFS DATA SECURITY TRAINING WITH TECHNOLOGY COMES RESPONSIBILITY Illinois Department of Healthcare and Family Services Training Outline: Training Goals What is the HIPAA Security Rule? What is the HFS Identity
More informationJEWISH FAMILY SERVICE NOTICE OF PRIVACY PRACTICES
Jewish Family Service takes pride in treating our clients and each other with respect and dignity. Protecting your health information is very important to us. We want you to have a clear understanding
More informationWhy do we need to protect our information? What happens if we don t?
Warwickshire County Council Why do we need to protect our information? What happens if we don t? Who should read this? What does it cover? Linked articles All WCC employees especially mobile and home workers
More informationANNUAL SECURITY RESPONSIBILITY REVIEW
ANNUAL SECURITY RESPONSIBILITY REVIEW For Faculty and Staff Who Use Computers Minimally in their work May 2012 Training Topics What is Information Security? Review Security Vulnerabilities Phishing email
More informationReception Services. What makes a good reception area? Comfy Chairs. Meeting Area. Plants. Security Camera. Refreshments. Entry phone system
Waiting area Reception Services What makes a good reception area? Informal Meeting Area Comfy Chairs Security Camera Magazines etc Photographs Plants Entry phone system Switchboard, fax & PC Refreshments
More informationPCI Training for Retail Jamboree Staff Volunteers. Securing Cardholder Data
PCI Training for Retail Jamboree Staff Volunteers Securing Cardholder Data Securing Cardholder Data Introduction This PowerPoint presentation is designed to educate Retail Jamboree Staff volunteers on
More informationPROGRAM PARTICIPANT (STUDENT PARTICIPANT OR FACULTY PARTICIPANT) SIGNS:
PROGRAM PARTICIPANT (STUDENT PARTICIPANT OR FACULTY PARTICIPANT) SIGNS: EXHIBIT A STATEMENT OF RESPONSIBILITY For and in consideration of the benefit provided the undersigned in the form of experience
More informationHFS DATA SECURITY TRAINING
HFS DATA SECURITY TRAINING WITH TECHNOLOGY COMES RESPONSIBILITY Illinois Department of Healthcare and Family Services Training Outline: Training Goals What is the HIPAA Security Rule? What is the HFS Identity
More informationThis directive applies to all DHS organizational elements with access to information designated Sensitive Compartmented Information.
Department of Homeland Security Management Directives System MD Number: 11043 Issue Date: 09/17/2004 SENSITIVE COMPARTMENTED INFORMATION PROGRAM MANAGEMENT I. Purpose This directive establishes Department
More informationHealth Insurance Portability and Accountability Act (HIPAA) Overview
Health Insurance Portability and Accountability Act (HIPAA) Overview Agency, Contract and Temporary Staff Orientation Initiated: 5/04, Reviewed: 7/10, Revised: 10/10 Prepared by SHS Administration & Samaritan
More informationPROTECTING PATIENT PRIVACY and INFORMATION SECURITY
PROTECTING PATIENT PRIVACY and INFORMATION SECURITY 2 PROTECTING PATIENT PRIVACY AND INFORMATION SECURITY PROTECTING PATIENT PRIVACY AND INFORMATION SECURITY 3 INTRODUCTION As an agency employee, student,
More informationPolk Medical Center Notice of Privacy Practices
Polk Medical Center Notice of Privacy Practices THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
More informationService Children s Education
Service Children s Education Data Handling and Security Information Security Audit Issued January 2009 2009 - An Agency of the Ministry of Defence Information Security Audit 2 Information handling and
More information+GAMES. Information Security Advisor. Be a Human Firewall! The Human Firewall' s Top Concerns in the Cyber, People & Physical Domains
Information Security Advisor December 2015 Be a Human Firewall! The Human Firewall' s Top Concerns in the Cyber, People & Physical Domains +GAMES Spot the insider & Human firewall Filtering EXerCISE Good
More informationHIPAA Security Training Manual
HIPAA Security Training Manual The final HIPAA Security Rule for Montrose Memorial Hospital went into effect in February 2005. The Security Rule includes 3 categories of compliance; Administrative Safeguards,
More informationDEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, D.C. 20301-6000
DEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, D.C. 20301-6000 CHIEF INFORMATION OFFICER October 1, 2015 MEMORANDUM FOR SECRETARIES OF THE MILITARY DEPARTMENTS CHAIRMAN OF THE JOINT CHIEFS OF
More informationA Message for Warehouse Operators And Security Guidelines for Warehouse Operators
A Message for Warehouse Operators And Security Guidelines for Warehouse Operators Kingchem LLC is a participant in the Customs-Trade Partnership Against Terrorism (C-TPAT). C-TPAT is a voluntary joint
More informationSAFEGUARDING CHILDREN AND CHILD PROTECTION POLICY
SAFEGUARDING CHILDREN AND CHILD PROTECTION POLICY Our setting will work with children, parents and the community to ensure the rights and safety of children and to give them the very best start in life.
More informationThe Design Society. Information Security Policy
The Design Society Policies and Forms That Conform to PCI DSS SAQ A Version 2.0 June 2014 About this Document This document contains The Design Society information security policies. This document is
More informationData Security John Hopkins Core Operations Manager Melanie Williams, Ph.D. Branch Manager Texas Cancer Registry April 17, 2009
Data Security John Hopkins Core Operations Manager. Melanie Williams, Ph.D. Branch Manager Texas Cancer Registry April 17, 2009 Background TCR receives approximately 200,000 reports from over 500 reporters
More informationIdentity Theft Information
Identity Theft Information Houston Police Department Criminal Investigations Command Financial Crimes Unit 713-308-2500 The information contained on this page is intended to assist the citizens of Houston
More informationSecurity Awareness Quiz Questions
Category Question Awareness Quiz Questions Answer 1. Why is backing up data files important? Backups ensure that the information you need is there when you need it If the information is damaged it can
More informationSELF-LEARNING MODULE (SLM) 2012 HIPAA Education Privacy Basics and Intermediate Modules
SELF-LEARNING MODULE (SLM) 2012 HIPAA Education Privacy Basics and Intermediate Modules Page 2 Index Privacy 101 and Intermediate Privacy Self-Learning Module 2012 HIPAA Education 3 Instructions Index
More informationRisk Management Handbook
Risk Management Handbook 1999 Introduction Risk management is the process of selecting and implementing countermeasures to achieve an acceptable level of risk at an acceptable cost. The analytical risk
More informationSECURITY ORIENTATION
SECURITY ORIENTATION Administration and Resource Management Division Security Programs and Information Management Branch HQMC Security Manager: Kevin J White HQMC Assistant Security Manager: Orlando Roman
More informationNotice of Privacy Practices
Notice of Privacy Practices This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully. This practice uses
More informationPeace Corps Office of the OCIO Information and Information Technology Governance and Compliance Rules of Behavior for General Users
Table of Contents... 1 A. Accountability... 1 B. System Use Notification (Login Banner)... 1 C. Non-... 1 D. System Access... 2 E. User IDs... 2 F. Passwords... 2 G. Electronic Information... 3 H. Agency
More informationDr. Adam Apfelblat 5140 Highland Road Waterford 48327 Phone: (248)618-3467 Fax: (248)618-3515
Dr. Adam Apfelblat 5140 Highland Road Waterford 48327 HIPAA NOTICE OF PRIVACY PRACTICES PLEASE REVIEW THIS NOTICE CAREFULLY. IT DESCRIBES HOW YOUR MEDICAL INFORMATION MAY BE USED AND DISCLOSED AND HOW
More informationPROCESSING CLASSIFIED INFORMATION ON PORTABLE COMPUTERS IN THE DEPARTMENT OF JUSTICE
PROCESSING CLASSIFIED INFORMATION ON PORTABLE COMPUTERS IN THE DEPARTMENT OF JUSTICE U.S. Department of Justice Office of the Inspector General Audit Division Audit Report 05-32 July 2005 PROCESSING CLASSIFIED
More informationPersonally Identifiable Information (PII), Protected Health Information (PHI), and Federal Information Requirements
Personally Identifiable Information (PII), Protected Health Information (PHI), and Federal Information Requirements (Revised April 9, 2015) 1. General Requirements Overview - Personally Identifiable Information
More informationINFORMATION SECURITY SPECIFIC VENDOR COMPLIANCE PROGRAM (VCP) ACME Consulting Services, Inc.
INFORMATION SECURITY SPECIFIC VENDOR COMPLIANCE PROGRAM (VCP) ACME Consulting Services, Inc. Copyright 2016 Table of Contents INSTRUCTIONS TO VENDORS 3 VENDOR COMPLIANCE PROGRAM OVERVIEW 4 VENDOR COMPLIANCE
More informationWAREHOUSE SECURITY BEST PRACTICE GUIDELINES CUSTOMS-TRADE PARTNERSHIP AGAINST TERRORISM
BACKGROUND WAREHOUSE SECURITY BEST PRACTICE GUIDELINES CUSTOMS-TRADE PARTNERSHIP AGAINST TERRORISM In the aftermath of September 11, U.S. Customs and Border Protection (CBP) in cooperation with its trade
More informationProtective security governance guidelines
Protective security governance guidelines Security awareness training Version 1.0 Approved September 2010 Contents Introduction... 1 Who gets of security awareness training/briefings?... 2 Security awareness
More informationCASE STUDY OF INDUSTRIAL ESPIONAGE THROUGH SOCIAL ENGINEERING
CASE STUDY OF INDUSTRIAL ESPIONAGE THROUGH SOCIAL ENGINEERING Ira S. Winkler National Computer Security Association 10 South Courthouse Avenue Carlisle, Pennsylvania 17013 winkler@ncsa.com (717) 258-1816
More informationAPOSTOLIC CHRISTIAN HOME OF EUREKA NOTICE OF PRIVACY PRACTICES
APOSTOLIC CHRISTIAN HOME OF EUREKA NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW
More informationEvery member of our healthcare team has a specific role in maintaining the high quality of care that distinguishes the hospital.
Welcome! It is a pleasure for me to welcome you to The University Hospital family. Our volunteers play an integral role in the healthcare services we provide to our patients and the community. Every member
More informationGovernment Worker Privacy Survey. Improper Exposure of Official Use, Sensitive, and Classified Materials
Government Worker Privacy Survey Improper Exposure of Official Use, Sensitive, and Classified Materials 1 Introduction Data privacy is a growing concern for the US government as employees conduct business
More informationJeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act Compliance
Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act Compliance Campus Safety & Security Report Introduction The Jeanne Clery Disclosure of Campus Security and Campus Crime
More informationHow To Maintain A Security Awareness Program
(Company Name) SECURITY AWARENESS PROGRAM INFORMATION, PHYSICAL AND PERSONAL SECURITY Company Policies Security Awareness Program Purposes Integrate Define Feedback Activities Elicit Implement Employees
More informationInsider Threats in the Real World Eavesdropping and Unauthorized Access
Insider Threats in the Real World Eavesdropping and Unauthorized Access A Visual Data Security Whitepaper Prepared by: OptioLabs Camden Yards 323 West Camden Street, Suite 801 Baltimore, Maryland 21201
More informationDelaware State University Policy
Delaware State University Policy Title: Delaware State University Acceptable Use Policy Board approval date: TBD Related Policies and Procedures: Delaware State University Acceptable Use Policy A Message
More informationDSS Monthly Newsletter
(Sent on behalf of ISR) Dear FSO, DSS Monthly Newsletter December 2012 This is the monthly email containing recent information, policy guidance, security education and training updates. If you have any
More informationReturn the attached PPG Supply Chain Security Acknowledgement by email, fax, or mail within two weeks from receipt.
TO: International Suppliers shipping to the United States PPG Industries, Inc., and its affiliates have been certified as a member of the U. S. Customs Trade Partnership Against Terrorism ( C-TPAT ). C-TPAT
More informationObtaining a Facility Security Clearance A Pinkerton Government Services White Paper
Obtaining a Facility Security Clearance A Pinkerton Government Services White Paper Robert Maydoney Vice President Sales Pinkerton Government Services, Inc. 740 North Main Street Mansfield, MA 02048 T:
More informationHIPAA RULES AND REGULATIONS
HIPAA RULES AND REGULATIONS INTRODUCTION Everyone who works in or around health care has heard about the HIPAA, the Health Insurance Portability and Accountability Act. And certainly, everyone who is in
More information