Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity

Information Security and Privacy Program

IT Security and Privacy Policies

2013-0002: HHS Information Sharing Environment (ISE) Privacy Policy (5/29/2013)
Implementation of OMB M-10-22 and M-10-23 (2/21/2010) (HTML)
Incident Reporting, Policy and Incident Management Reference
HHS Information Security and Privacy Policy (IS2P) – 2014 Edition. If you are having a problem obtaining a copy of this document, please email fisma@hhs.gov
Privacy Impact Assessments (PIAs) & Resources
HHS-OCIO Policy for Social Media Technologies
Personally Identifiable Information (PII) Breach Response Team (BRT) Policy

Standards

Charters

2010-0001.001C: Privacy Incident Response Team (PIRT) Charter (1/6/2011) (HTML)

Training Resources

See Security Awareness and Training for a list of cybersecurity and role-based training for HHS employees and contractors.

Content created by Office of the Chief Information Officer (OCIO)
Content last reviewed July 28, 2022