Presentation is loading. Please wait.

Presentation is loading. Please wait.

Action Tracker · Status Report | Bill Moss, Assistant Secretary Oct 6, 2015 Aging and Long-Term Support, Administration Background Group Topic / Strategic.

Published byCharlotte Hoover Modified over 8 years ago

Similar presentations

Presentation on theme: "Action Tracker · Status Report | Bill Moss, Assistant Secretary Oct 6, 2015 Aging and Long-Term Support, Administration Background Group Topic / Strategic."— Presentation transcript:

1 Action Tracker · Status Report | Bill Moss, Assistant Secretary Oct 6, 2015 Aging and Long-Term Support, Administration Background Group Topic / Strategic Plan Goal / Other Mission Critical Goals Sub Topic / Strategic Objective: Increase IT security support to improve and enhance data security to perform oversight activities to ensure evidence of compliance for both internal and external business partners statewide with data security requirements mandated by state and federal laws, DSHS Administrative and Washington State Office of Chief Information Officer (OCIO) security standards and policies, and Health and Human Services (HHS), Office of Civil Rights (OCR) DSHS investigation findings. Strategic Objective # : 4.2 Measure Title : Reduce the monthly security vulnerabilities weighted score by 5 percent for servers and workstations through June 2017. ID#Problem to be solvedStrategy/Approach Task(s) to support strategyLeadStatusDueExpected OutcomePartners 4.2.1Contractor Compliance Verification Conduct onsite compliance verification reviews with ALTSA & Developmental Disabilities Administration (DDA) contractors. Develop Compliance Verification (CV) policy & procedure, to include schedules and develop tool for CV reviews. Conduct communications about new process to ALTSA & DDA programs. Kim AndersonOn track12/31/15Ensure contractors are complying with the data security requirements of their contracts in turn keeping DSHS data protected and reducing risk of data breaches.. ALTSA & DDA Contractors 4.2.2Vulnerability Management Statewide Conduct vulnerability scans and timely patching on computer systems. Address vulnerability scans backlog to reach maintenance mode Scott DeMeyerIn progress12/31/2015Reduce or remove vulnerabilities and ensure compliance of HIPAA, state and federal regulations for protecting data. Conduct monthly and more if needed vulnerability scans on systems, applications, and data bases timely Each month through 6/30/2017 Provide oversight and track progress on corrective action plans to completion. 6/30/16 On track10/30/15Regularly updated data for reporting Collect vulnerability data to support monthly reporting. Proposed Action Type of Status Report Strategic Plan SO-4.2IT Security Vulnerability Last modified 10/06/2015 1

2 Action Tracker · Status Report | Bill Moss, Assistant Secretary Oct 06, 2015 Aging and Long-Term Support, Administration Background Group Topic / Strategic Plan Goal / Other Mission Critical Goals Sub Topic / Strategic Objective: Increase IT security support to improve and enhance data security to perform oversight activities to ensure evidence of compliance for both internal and external business partners statewide with data security requirements mandated by state and federal laws, DSHS Administrative and Washington State Office of Chief Information Officer (OCIO) security standards and policies, and Health and Human Services (HHS), Office of Civil Rights (OCR) DSHS investigation findings. Strategic Objective # : 4.2 Measure Title : Reduce the monthly security vulnerabilities weighted score by 5 percent for servers and workstations through June 2017. ID#Problem to be solvedStrategy/Approach Task(s) to support strategyLeadStatusDueExpected OutcomePartners 4.2.3Security Log Monitoring for compliance with HIPAA regulations, Office of Chief Information Officer (OCIO) IT standards and DSHS Information Security Polies Security Log Monitoring on headquarters servers that store Category 3 and 4 data. Develop documented procedure, schedules, timelines. Kim AndersonOn track6/30/16Increased security compliance required by HIPAA regulations, OCIO IT standards and DSHS Information Security Policies 4.2.4Internal verification of compliance Conduct internal audits Conduct 1-2 random audits of ALTSA and DDA sites to determine data security compliance and risk, establish corrective action plans and track to completion. Michele WeedinOn trackEach month through 6/30/2017 Increased compliance and reduced risk to department data and IT resources. ALTSA & DDA Sites Develop policy & procedure, to include schedules and develop tool for reviews. Conduct communications about new process to ALTSA & DDA programs. Proposed Action Type of Status Report Strategic Plan SO-4.2IT Security Vulnerability Last modified 10/06/2015 2

Download ppt "Action Tracker · Status Report | Bill Moss, Assistant Secretary Oct 6, 2015 Aging and Long-Term Support, Administration Background Group Topic / Strategic."

Similar presentations

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.
Ways to Improve the Hazard Management Process

Ways to Improve the Hazard Management Process
MONITORING OF SUBGRANTEES

MONITORING OF SUBGRANTEES
(Individuals with Disabilities Education Improvement Act) and

(Individuals with Disabilities Education Improvement Act) and
THE DEPARTMENT OF HEALTH AND HUMAN SERVICES (HHS) OFFICE FOR CIVIL RIGHTS (OCR) ENFORCES THE HIPAA PRIVACY, SECURITY, AND BREACH NOTIFICATION RULES HIPAA.

THE DEPARTMENT OF HEALTH AND HUMAN SERVICES (HHS) OFFICE FOR CIVIL RIGHTS (OCR) ENFORCES THE HIPAA PRIVACY, SECURITY, AND BREACH NOTIFICATION RULES HIPAA.
USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.

USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.
Health Insurance Portability and Accountability Act (HIPAA)HIPAA.

Health Insurance Portability and Accountability Act (HIPAA)HIPAA.
HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.
Topics Rule Changes Skagit County, WA HIPAA Magic Bullet HIPAA Culture of Compliance Foundation to HIPAA Privacy and Security Compliance Security Officer.

Topics Rule Changes Skagit County, WA HIPAA Magic Bullet HIPAA Culture of Compliance Foundation to HIPAA Privacy and Security Compliance Security Officer.
Randy Benson RHQN Executive Director May, 2012. Compliance Issues During Survey Compliance Officers monitor healthcare facilities (hospitals and clinics)

Randy Benson RHQN Executive Director May, Compliance Issues During Survey Compliance Officers monitor healthcare facilities (hospitals and clinics)
STATE OF MARYLAND DEPARTMENT OF HEALTH AND MENTAL HYGIENE Statewide Transition Plan for Compliance with Home and Community-Based Setting Final Rule 1 Public.

STATE OF MARYLAND DEPARTMENT OF HEALTH AND MENTAL HYGIENE Statewide Transition Plan for Compliance with Home and Community-Based Setting Final Rule 1 Public.
SL21 Information Security Board Mission, Goals and Guiding Principles.

SL21 Information Security Board Mission, Goals and Guiding Principles.
1 HIT Standards Committee Privacy and Security Workgroup: Recommendations Dixie Baker, SAIC Steven Findlay, Consumers Union August 20, 2009.

1 HIT Standards Committee Privacy and Security Workgroup: Recommendations Dixie Baker, SAIC Steven Findlay, Consumers Union August 20, 2009.
The Office of Information Technology Information Security Administrator Kenneth Pierce, Vice Provost for IT and Chief Information Officer.

The Office of Information Technology Information Security Administrator Kenneth Pierce, Vice Provost for IT and Chief Information Officer.
Summer 200811 IAVA1 NATIONAL INFORMATION ASSURANCE TRAINING STANDARD FOR SYSTEM ADMINISTRATORS (SA) Minimum.

Summer IAVA1 NATIONAL INFORMATION ASSURANCE TRAINING STANDARD FOR SYSTEM ADMINISTRATORS (SA) Minimum.
Federal Protective Service National Protection and Programs Directorate U.S. Department of Homeland Security 2010 Gary W. Schenkel Director.

Federal Protective Service National Protection and Programs Directorate U.S. Department of Homeland Security 2010 Gary W. Schenkel Director.
Security Controls – What Works

Security Controls – What Works
August 9, 2005 UCCSC -- 2005 IT Security at the University of California A New Initiative Jacqueline Craig. Director of Policy Information Resources and.

August 9, 2005 UCCSC IT Security at the University of California A New Initiative Jacqueline Craig. Director of Policy Information Resources and.
Federal Transit Administration Office of Safety and Security FTA BUS SAFETY & SECURITY PROGRAM 18 th NATIONAL CONFERENCE ON RURAL PUBLIC AND INTERCITY.

Federal Transit Administration Office of Safety and Security FTA BUS SAFETY & SECURITY PROGRAM 18 th NATIONAL CONFERENCE ON RURAL PUBLIC AND INTERCITY.
Secure System Administration & Certification DITSCAP Manual (Chapter 6) Phase 4 Post Accreditation Stephen I. Khan Ted Chapman University of Tulsa Department.

Secure System Administration & Certification DITSCAP Manual (Chapter 6) Phase 4 Post Accreditation Stephen I. Khan Ted Chapman University of Tulsa Department.

Similar presentations

Ads by Google