DHHS Privacy and Security Awareness Hub

This web site is intended to provide County Organizations with a resource to access some basic training related to securing the data entrusted to them. This web site links to web sites maintained by other entities. Reasonable precautions are taken to link to web sites that are relevant, accurate, and maintained by reputable organizations. These web sites and the information contained within are not developed, maintained, or controlled by the NCDHHS Privacy and Security Office or NCDHHS. NCDHHS is not responsible for the content or opinions expressed in linked sites.

This web site is provided for educational purposes only and is not intended to be a comprehensive resource for data security or other training. An organization’s security and training needs will vary based on many factors and in no way does the completion of these trainings guarantee compliance with any legal or regulatory requirements, or an organization’s internal policies and procedures.

Organizations and their employees are responsible for their use of this website, and the DHHS Privacy and Security Office and NCDHHS assume no responsibility for the use or misuse of the information.

If you believe the information obtained from this web site is inaccurate or outdated, please notify The Office of Privacy and Security, DHHS.Security@dhhs.nc.gov

Privacy and Security Publications

Department of Information Technology Cybersecurity Newsletters

Policies

Statewide Information Security Policies
DHHS Privacy and Security Manuals

Security Training

Knowbe4 Home Course: A 35 minute training video of basic cybersecurity concepts. The course requires a password that can be requested from The DHHS Privacy and Security Office by emailing DHHS.Security@dhhs.nc.gov from an official County email address.

Cybersecurity and Infrastructure Security Agency: General cybersecurity and Industrial Control Systems courses.

The Federal Virtual Training Environment (FedVTE): Courses include risk management, ethical hacking, malware analysis, ranging from beginner to advanced.

Insider Threat Mitigation: Information, guides and resources provided by the Cybersecurity and Infrastructure Security Agency (CISA) to help create or improve existing insider threat prevention, detection, assessment, and response efforts.

Continuity of Operations Training

Emergency Management Institutes: The Federal Emergency Management Agency (FEMA) catalog of courses on emergency management, preparedness, and continuity of operations.

Regulatory Based Training

Internal Revenue Service (IRS) Safeguard Program: A series of IRS disclosure awareness videos designed to explain key concepts in protecting the confidentiality of Federal Tax Information (FTI).

Social Security Administration (SSA): Provides an overview of what an SSA agreement is and the associated safeguards.

Health Insurance Portability and Accountability Act (HIPAA): Centers for Medicare & Medicaid Services (CMS) provided general training on the HIPAA Privacy, Security, and Breach Notification Rules.

Presentations

2024 Social Services Institute DHHS PSO Presentation