PPT-PII BREACH MANAGEMENT Army Privacy Office

7701 Telegraph Road Casey Building Room 144 Alexandria VA 22315 7034286513 DSN 3286513 Fax 7034286522 What is a Breach The actual or possible loss of control unauthorized disclosure or unauthorized access of personally identifiable information PII where persons other than authorized users gain access or potential access to such information for other than authorized purposes where one or more individuals will be adversely affected. I I I Y LNIT AMLL AND LAIQU A AL AAILAL IN 0 INIHD 7HIT LNIT 4XTUD AL AAILAL IN FU 0 3TAIND HAD 9 I I II II II I I Privacy at DHS: Protecting Personal Information. . Reviewed, DIR-T USCGAUX. Privacy at DHS: . Protecting Personal Information. Introduction. Hi, I'm the DHS Privacy Man. For the next 15 to 20 minutes, I want to talk to you about the importance of safeguarding personal information, such as Social Security numbers, that DHS may collect or store in its databases or in paper files. Congress and OMB have mandated privacy training for both employees and contractors at all federal agencies to help staff identify and mitigate privacy risks related to sensitive personal information, which I will define in a moment.. Dr. Catrina Purvis, CISSP, Esq.. Chief. Privacy Officer. and Director of Open Government. Office of the Secretary. United States Department of Commerce. (202) 482-1190. c. purvis. @doc.gov. Rod Turk. Emily Coble. UNC Chapel Hill. Session Etiquette. Please turn off all cell phones. . Please keep side conversations to a minimum. . If you must leave during the presentation, please do so as quietly as possible.. Risk . Assessment . . 1. Risk Assessment and Breach Management . Privacy Officer Roles. Oversight. Compliance. Breach Management. 2. Governance. Compliance. Risk. Risk Assessment and Breach Management . Leroy Jones, Jr. Evlyn Hearne . Army Privacy Office Army Privacy Office. (703) 428-6185 (703) 428-7497. leroy.jonesjr1@us.army.mil evlyn.hearne@us.army.mil. Office of the Administrative Assistant to the . (Managerial Training). Overview. After completing this training . managers . should be familiar with the following: . Managerial Responsibilities. Breach Prevention and Mitigation. Best Practices. Privacy Officers: . (Compliance Training). Overview. This training applies to the Privacy officials, system owners, program managers, and all other individuals who are responsible for fulfilling the requirements of the Privacy Act. . Why worry about your privacy?. Specific safety threats to military members and families. Identity theft for adults and children following data breaches. Desire to stay out of the media spotlight. A personal right in the US, guaranteed by the Constitution. (Compliance Training). Overview. This training applies to the Privacy officials, system owners, program managers, and all other individuals who are responsible for fulfilling the requirements of the Privacy Act. . Dino@Tsibouris.com. Student Lending. Privacy and Data Security. Data Breaches Average $6.5M in Damage to US Companies. How much is your customers’ data worth?. Sample Student Loan Breaches. Student loan data (2007 - Lost offsite storage media). Initial . Training . For Employees. Compliance is Everyone’s Job. For UA Health Care Components, Business Associates & Health . Plans. 2018 v1. INTERNAL USE ONLY. Topics to Cover. General HIPAA Privacy and Security Overview. Division of Institutional Compliance & Privacy. Why should . HIPAA. . matter to me?. First of all, what is HIPAA?. Health Insurance Portability and Accountability Act of 1996.. Heath Information Technology for Economic & Clinical Health Act (HITECH) a part of the American Recovery and Reinvestment Act (ARRA) 2009 amended HIPAA.. and RMF Changes and Privacy. Tim Howell - Security Admin Lead SSCD. Scott Roy - Security Compliance Lead SSCD. GRC 10.1. New Features. New processes. Common Process issues. Job Aids. GRC 10.1 New Features.