Cybersecurity

Information Security and Privacy Program

IT Security and Privacy Policies

• 2013-0002: HHS Information Sharing Environment (ISE) Privacy Policy (5/29/2013)
• Implementation of OMB M-10-22 and M-10-23 (2/21/2010) (HTML)
• Incident Reporting, Policy and Incident Management Reference
• HHS Information Security and Privacy Policy (IS2P) – 2014 Edition.
• Privacy Impact Assessments (PIAs) & Resources
• HHS-OCIO Policy for Social Media Technologies
• Personally Identifiable Information (PII) Breach Response Team (BRT) Policy

Standards

• 2009-0003.001S: HHS-OCIO Standard for IEEE 802.11 WLAN (7/27/2009) - DOC
• HHS Standard for System Inventory Management

Charters

• 2010-0001.001C: Privacy Incident Response Team (PIRT) Charter (1/6/2011) (HTML)

Training Resources

See Security Awareness and Training for a list of cybersecurity and role-based training for HHS employees and contractors.