IHS has developed the following modules in accordance with National Institute of Standards
and Technology (NIST) guidelines on information technology security awareness and training.
All IHS information system users must take annual security and privacy training in order to
fulfill federal mandates and regulations. In addition, all new users must successfully
complete this course within 24 hours of receiving access unless the user has read the
IHS Quick Guide to Information Security
[PDF - 249KB], in which case they will have 30 days to complete the training. Failure to
complete training requirements will result in the loss of information systems access.
The 2014 IHS Information Systems Security Awareness training course consists of modules on
the following topics:
NOTE: Some users may be required to take additional Privacy and HIPAA Training. Contact
your supervisor for additional information.
- Acknowledgement and acceptance of the IHS Rules of Behavior
- Privacy training
- Protecting sensitive information and the Health Insurance Portability and
Accountability Act (HIPAA) & the Health Information Technology for Economic and Clinical
Health Act (HITECH)
- Physical and information security
- Appropriate email use
- Mobile device and portable media security
- Social engineering awareness
- Incident response and learning from past incidents
To begin your training please select the appropriate button below.