Personnel Training for Privacy

Slides:

Advertisements

Similar presentations

ANNUAL SECURITY AWARENESS TRAINING – 2011 UMW Information Technology Security Program Annual Security Awareness Training for UMW Faculty and Staff.

Advertisements

University Data Classification Table* Level 5Level 4 Information that would cause severe harm to individuals or the University if disclosed. Level 5 information.

Red Flag Rules: What they are? & What you need to do

DOCUMENTATION Missouri Medicaid Audit and Compliance Provider Certification Review Materials.

Springfield Technical Community College Security Awareness Training.

FAIR AND ACCURATE CREDIT TRANSACTIONS ACT (FACTA)- RED FLAG RULES University of Washington Red Flag Rules Protecting Against Identity Fraud.

Identity Theft Someone steals your personal information for his/her own gain It’s a crime!

G Personal Finance G  Almost 31% of an individual’s paycheck is deducted  Taxes are the largest expense most individuals will have 

Data Classification & Privacy Inventory Workshop

UNC Charlotte Purchasing Card Training for Auditor Role Annette Heller.

PRIVACY ACT Federal Workers’ Compensation Conference 2014 Department of Labor.

Data Security Overview ORSP Staff AT Desktop Service Team November 18th, 2014.

What is personally identifiable information (PII)? KDE Employee Training Data Security Video Series 1 of 3 October 2014.

OCPA NEIGHBORHOOD WATCH PROGRAM THE OHIO CRIME PREVENTION ASSOCIATION IDENTITY THEFT.

17-2 Financial Services and Electronic Banking. Types of financial services Savings services Financial institutions accept money for safekeeping. A broad.

Understanding Your Paycheck and Tax Forms

Teresa Macklin Information Security Officer 27 May, 2009 Campus-wide Information Security Activities.

WHO’S IN YOUR “WALLET” WHO’S IN YOUR “WALLET” YOU BETTER “RECOGNIZE” YOU BETTER “RECOGNIZE” STEPPING $200 $200 $300 $400 $500 $400 $300 $200 $500 $400.

Identity Theft.  What is it?  How is it perpetrated?  Can you avoid it?  What if you become a victim?

Protecting Personal Information at Fermilab: Advanced Course Irwin Gaines – Lab Privacy Committee Chair.

1 General Awareness Training Security Awareness Module 1 Overview and Requirements.

Ames Laboratory Privacy and Personally Identifiable Information (PII) Training Welcome to the Ames Laboratory’s training on Personally Identifiable Information.

Federal Work Study Instructions in Completing the Forms Student Financial Services.

Florida Information Protection Act of 2014 (FIPA).

Protecting Personal Information at Fermilab. What You Will Learn F Why must we protect personal information? F What are the laboratory policies governing.

Information Technology & Communications Sensitive Data Use, Storage & Security Meeting Background Data Breach on February 18, 2014 Security Meeting with.

Protecting Personal Information at Fermilab. Outline F Why must we protect personal information? F What is Protected Personally Identifiable Information.

IDENTITY THEFT. Illegally obtaining personal information such as name, social security, drivers license, or mothers maiden name, address, bank/credit.

21/01/03 Paymentech proprietary and confidential information By John Florinis, Scotiabank As presented to FCA 240 at Seneca March

What You Need to Know About Your Personal Information.

ANTI-MONEY LAUNDERING COMPLIANCE PROGRAM FCM TRAINING

Update on Privacy Issues at USU October 10, 2013.

C4HCO Security and Privacy Discussion Bill Jenkins C4HCO Security and Privacy Officer 16 October 2013.

 Make a list of things you did today. From the time you got up until now.  Who you talked to? How you communicated?  What you did before you came to.

STANFORD UNIVERSITY RESEARCH COMPUTING Are we outliers? Institutional minimum security requirements RUTH MARINSHAW OCTOBER 14, 2015.

Privacy Act United States Army (Managerial Training)

Safeguarding Sensitive Information. Agenda Overview Why are we here? Roles and responsibilities Information Security Guidelines Our Obligation Has This.

Tracking Your Money Module 4.1. Vocabulary Check: a legal written document directing a financial institution to pay out funds from a specific account.

Hourly Student Employees Getting Them Hired & Records Management Best Practices.

Identity Theft. What Is Identity Theft? – Acquiring someone’s identifying information and impersonating them for gain.

POLICIES & PROCEDURES FOR HANDLING CONFIDENTIAL INFORMATION NOVEMBER 5 TH 2015.

Identity Theft It’s a crime!

Hourly Student Employees Hiring & Records Management

An Update on FERPA and Student Privacy

Privacy and Security Basics for Falls Evidence Based Programs Data Collection . October 2016.

Bank Secrecy Act SCEFCU June 21, 2005.

Privacy and Security Basics for CDSME Data Collection

Streamline your HR document management processes

Florida Information Protection Act of 2014 (FIPA)

Responding to a Data Breach 360° of IT Compliance

Protecting Personal Information at Fermilab

Secure Electronic Transaction

Cyber Security Awareness Workshop

Paul T. Smith Davis Wright Tremaine LLP

Florida Information Protection Act of 2014 (FIPA)

Understanding Your Paycheck and Tax Forms

FERPA HEA Privacy Act: Protecting Students Data

Understanding Your Paycheck and Tax Forms

Least Privilege.

Dawn Holding LLC Presents EB-5 VISA PROGRAM HELPING HANDS INC. GLOBAL CENTER PROJECT HUNT COUNTY,TEXAS USA.

Office of Information Security

Compliance….GlobalSearch……WHAT?!?!

Driver License Division Management Team Houston, TX

Identity Theft Prevention Program Training

HIPAA Security Standards Final Rule

Wissam Maroun- CAMS Head Of Compliance- BBAC S.A.L

Anthem Data Breach Group 2: Jing Jiang, Dongjie Wang, Haitao Huang, Binju Gaire, Parneet Toor.

Examples of Personal Data Requiring Protection

Colorado “Protections For Consumer Data Privacy” Law

PERSONALLY IDENTIFIABLE INFORMATION: AUDIT CONSIDERATIONS

Presentation transcript:

Personnel Training for Privacy Information Privacy & Cybersecurity

Definitions of Data Protection US: Security controls to protect data from being compromised by un-authorized actors (hackers) Europe: Same as US but add a persons rights to privacy

Protected PII is defined as an individual’s name in combination with one or more of the following items: social security number or foreign national ID number passport number or visa number driver’s license number personal credit card number bank account number date and place of birth (both together, not one by itself) mother’s maiden name detailed personal financial information (not merely salary history) detailed medical records What is Protected PII?

What if I need to access PII Staff have a need to maintain and process some PII (customer & employee records, financial transactions, credit card numbers etc.), but this should be restricted to only those employees that require access. These employees should be granted special roles and authority to properly access only the appropriate level of PII What if I need to access PII

How Do We Help Protect Privacy Communication Education Training Testing

Communication Create, publish and review Data Privacy Policies including: Data Types Document Classifications Retention Policy Responsibilities Technical and Physical Security

Education Seek out the appropriate education and certifications for you roles Guide others to the appropriate education and certifications

Training Cybersecurity Awareness Campaign Create Mandatory Training Sessions Create ongoing newsletters, e-mails, posters, videos Cybersecurity Awareness Campaign Training

Data Privacy Social Engineer Training

Testing Test Phish Vish Shoulder Surf Tail-Gate

Where do I go if I have any questions SANS.org ISACA.org pcisecuritystandards.org