Presentation is loading. Please wait.

Presentation is loading. Please wait.

Safeguarding Sensitive Information. Agenda Overview Why are we here? Roles and responsibilities Information Security Guidelines Our Obligation Has This.

Published byAshley Norman Modified over 9 years ago

Similar presentations

Presentation on theme: "Safeguarding Sensitive Information. Agenda Overview Why are we here? Roles and responsibilities Information Security Guidelines Our Obligation Has This."— Presentation transcript:

1 Safeguarding Sensitive Information

2 Agenda Overview Why are we here? Roles and responsibilities Information Security Guidelines Our Obligation Has This Ever Happened to You? Contract to Safeguard Sensitive Information Wrap-up 2

3 Our Obligation: Laws and Regulations Massachusetts data breach law/regulations – Definition of personal information – Obligation for notification when exposed – Data destruction requirements – Requirement to have written information security program (WISP) Company policy – Privacy and disclosure of information – Information policies 3

4 Types of Sensitive Information 1. Sensitive regulated information requiring notification 2. Sensitive regulated information not requiring notification 3. Sensitive information 4

5 Sensitive Regulated Information Requiring Notification Personal Information Requiring Notification  Social Security #  Credit Card #  Financial Account #  Driver’s License # Notification required if there was a potential for unauthorized use! Inform Information Security Team 5

6 Sensitive Regulated Information Not Requiring Notification HIPAA (Health Insurance Portability and Accountability Act)  Information related to health status, provision of health care, or payment of health care FMLA  Information related to Family & Medical Leave Act FERPA  Student records Inform HR Information Security Team 6

7 Sensitive Information Date of birth Home address Salary information Performance/disciplinary information Other? Inform HR Information Security Team 7

8 Key Take-Aways Massachusetts law and company policy impact how certain sensitive data are handled EVERYONE is responsible for compliance  Know what sensitive data you have  Develop good computing practices  Follow HR Information Security Guidelines  Report a potential breach to HR Information Security Team 8

9 Key Take-Aways If you can’t protect it – don’t collect it  You can’t lose what you don’t have Know what you have  You can’t protect what you don’t know you have 9

Download ppt "Safeguarding Sensitive Information. Agenda Overview Why are we here? Roles and responsibilities Information Security Guidelines Our Obligation Has This."

Similar presentations

University Data Classification Table* Level 5Level 4 Information that would cause severe harm to individuals or the University if disclosed. Level 5 information.

University Data Classification Table* Level 5Level 4 Information that would cause severe harm to individuals or the University if disclosed. Level 5 information.
Independent Contractor Orientation HIPAA What Is HIPAA? Health Insurance Portability and Accountability Act of 1996 The Health Insurance Portability.

Independent Contractor Orientation HIPAA What Is HIPAA? Health Insurance Portability and Accountability Act of 1996 The Health Insurance Portability.
HIPAA: Privacy, Security, and HITECH, Oh My! Presented by Stephanie L. Ganucheau, Special Assistant Attorney General.

HIPAA: Privacy, Security, and HITECH, Oh My! Presented by Stephanie L. Ganucheau, Special Assistant Attorney General.
Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.

Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.
HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.

HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.
HIPAA Privacy Rule Training

HIPAA Privacy Rule Training
Health Insurance Portability and Accountability Act (HIPAA)HIPAA.

Health Insurance Portability and Accountability Act (HIPAA)HIPAA.
1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.
Privacy Laws & Higher Education. Agenda 1.Five Privacy Laws a.FERPA b.HIPAA c.GLB d.FACTA Disposal Rule e.CAN-SPAM 2.Overview of the Laws a.What does.

Privacy Laws & Higher Education. Agenda 1.Five Privacy Laws a.FERPA b.HIPAA c.GLB d.FACTA Disposal Rule e.CAN-SPAM 2.Overview of the Laws a.What does.
NAU HIPAA Awareness Training

NAU HIPAA Awareness Training
Today’s Schools face:  Numerous State and Federal Regulations  Reduced Technology Funding  More Stringent Guidelines for Technology Use.

Today’s Schools face:  Numerous State and Federal Regulations  Reduced Technology Funding  More Stringent Guidelines for Technology Use.
HIPAA Security Regulations Jean C. Hemphill Ballard Spahr Andrews & Ingersoll, LLP November 30, 2004.

HIPAA Security Regulations Jean C. Hemphill Ballard Spahr Andrews & Ingersoll, LLP November 30, 2004.
Regulatory Issues in Campus Computing Privacy and Security in a Digital World Presented by David Gleason, Esq. University Counsel University of Maryland,

Regulatory Issues in Campus Computing Privacy and Security in a Digital World Presented by David Gleason, Esq. University Counsel University of Maryland,
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.

HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.
 The Health Insurance Portability and Accountability Act of 1996.  Federal Law designed to protect sensitive information.  HIPAA violations are enforced.

 The Health Insurance Portability and Accountability Act of  Federal Law designed to protect sensitive information.  HIPAA violations are enforced.
© 2011 The McGraw-Hill Companies, Inc. All rights reserved. 2.5 HIPAA Legislation and its Impact on Physician Practices 2-15 The Health Insurance Portability.

© 2011 The McGraw-Hill Companies, Inc. All rights reserved. 2.5 HIPAA Legislation and its Impact on Physician Practices 2-15 The Health Insurance Portability.
Health information security & compliance

Health information security & compliance
Health Insurance Portability and Accountability Act (HIPAA)

Health Insurance Portability and Accountability Act (HIPAA)
A dialogue with FMUG: Sensitive Data & Filemaker MIT Policy and Data Classifications ** DRAFT ** Guidelines Feedback and Discussion Tim McGovern 2 June.

A dialogue with FMUG: Sensitive Data & Filemaker MIT Policy and Data Classifications ** DRAFT ** Guidelines Feedback and Discussion Tim McGovern 2 June.

Similar presentations

Ads by Google