DHHS Privacy and Security Awareness Hub
This web site is intended to provide County Organizations with a resource to access some basic training related to securing the data entrusted to them. This web site links to web sites maintained by other entities. Reasonable precautions are taken to link to web sites that are relevant, accurate, and maintained by reputable organizations. These web sites and the information contained within are not developed, maintained, or controlled by the NCDHHS Privacy and Security Office or NCDHHS. NCDHHS is not responsible for the content or opinions expressed in linked sites.
This web site is provided for educational purposes only and is not intended to be a comprehensive resource for data security or other training. An organization’s security and training needs will vary based on many factors and in no way does the completion of these trainings guarantee compliance with any legal or regulatory requirements, or an organization’s internal policies and procedures.
Organizations and their employees are responsible for their use of this website, and the DHHS Privacy and Security Office and NCDHHS assume no responsibility for the use or misuse of the information.
If you believe the information obtained from this web site is inaccurate or outdated, please notify The Office of Privacy and Security, DHHS.Security@dhhs.nc.gov
Policies
Statewide Information Security Policies
DHHS Privacy and Security Manuals
Security Training
Knowbe4 Home Course: A 35 minute training video of basic cybersecurity concepts. The course requires a password that can be requested from The DHHS Privacy and Security Office by emailing DHHS.Security@dhhs.nc.gov from an official County email address.
Cybersecurity and Infrastructure Security Agency: General cybersecurity and Industrial Control Systems courses.
The Federal Virtual Training Environment (FedVTE): Courses include risk management, ethical hacking, malware analysis, ranging from beginner to advanced.
Insider Threat Mitigation: Information, guides and resources provided by the Cybersecurity and Infrastructure Security Agency (CISA) to help create or improve existing insider threat prevention, detection, assessment, and response efforts.
Continuity of Operations Training
Emergency Management Institutes: The Federal Emergency Management Agency (FEMA) catalog of courses on emergency management, preparedness, and continuity of operations.
Regulatory Based Training
Internal Revenue Service (IRS) Safeguard Program: A series of IRS disclosure awareness videos designed to explain key concepts in protecting the confidentiality of Federal Tax Information (FTI).
Social Security Administration (SSA): Provides an overview of what an SSA agreement is and the associated safeguards.
Health Insurance Portability and Accountability Act (HIPAA): Centers for Medicare & Medicaid Services (CMS) provided general training on the HIPAA Privacy, Security, and Breach Notification Rules.