Professional Documents
Culture Documents
MANAGEMENT INFORMATION
SYSTEMS (MIS)
&
DATA SECURITY
Security Awareness and Training
Initial/New Hire & Annual Refresher
O The purpose of this presentation is:
O Accept responsibility for the security and integrity of data and systems for
which access is granted
O Maintain User Identifiers (userIDs) required to access server, email, and MIS
systems
O Maintain password integrity:
O Use a combination of alpha and numerics as defined by MIS,
O Comply with password reset or change requirements,
O Do NOT use your name or personal identifiers,
O Do NOT share with anyone or request anothers, or
O Do NOT write it down
O Participate in security awareness and training sessions at minimum annually
O Protect data and system information from theft, loss, damage and
unauthorized disclosure and misuse and immediately report any such
occurrences
O Assist in maintaining the security and integrity of the data systems
O Restrict the use of applicant, participant and employer information for official
purposes only
O Do not abuse or maintain in an insecure manner and data or MIS information
from the workplace or store information on remote storage media devices
Review and Acknowledgement
@ Is Not Private
@ Is the property of WorkNet Pinellas
@ Messages sent outside WorkNet or email server are not secure
@ Do not share e-mail accounts or passwords
@ Offensive, demeaning or disruptive messages are prohibited
Note: Mandatory Completion annually of the Computer Use Policy Agreement and
DEO Mandatory Agreement located in ATLAS under MIS Security file.
Protection of PII
Under Federal and State guidelines, CSPIN staff have
access to and manage participant information highly
confidential and protected under law.
This customer information is called Personal
Identifying Information (PII)
Staff protocols and management must comply with the
following steps:
When PII information is not needed, do not save or send PII
Staff should make use of EFM StateID and/or OSST ID when
tracking or referencing a customer with customer last name
If saving or sending of PII is required, the CSPIN protocols should
be followed:
Documents should be password-protected and encrypted.
Emails containing attachments with PII should be encrypted using
CareerSource email encryption available within CSPIN outlook.
Staff shall avoid inclusion of PII in the body of the email
Applications
Customer Service
Interviews
Orientations
Workshops
External documentation
Various MIS systems
Data Security Best Practices
O Do not discuss customer information with others
O Do not discuss customer information on phone or with co-
workers in an environment or manner in which customer
confidentiality is not maintained
O Do not request personal protected data in open areas from
customer, i.e. office lobby, hallway, etc.
O Do not leave customer documents in unsecure locations, i.e.
desks, copiers, file cabinets, clip boards.
O Documentation that is currently being worked on should be placed in a desk
drawer, file cabinet drawer.
O Copiers, Fax machines, and clip boards should be monitored at the end of
each day for any documentation containing customer information
O Do not download protected data on jump drives, CDs, etc.
O Do not keep hard copy documentation of forms already
uploaded to queues or customer files.
Data Security-Medical Documents
Must secure all documentation in secured environment;
WorkNet e-filing or separate locked storage file
O The use of mobile devices and media are limited and must be
approved by management
Potential Penalties:
O Users who do not comply with the confidential provisions in user agreements
and prescribed rules of behavior are subject to administrative penalties
available through existing policies, procedures, rules, regulations and federal
and state statutes
O Reprimands
O Termination of employment
O Criminal prosecution
IT Support or Assistance:
Check with your supervisor for assistance as your first step
IT assistance or requests are initiated by completion of an IT
support ticket accessed via your desktop
IT assistance may also be requested by supervisors through
direct email request and ensure a copy to appropriate
manager
Password Resets:
E-mail request directly to security officer
Copy your supervisor on the e-mail
Specify which system needs to be reset
State if request is to reset access and/or password
Send your username or user id
Never include your password
System/Data Security
Please send any questions,
comments, or suggestions to:
Lysandra Montijo
lmontijo@careersourcepinellas.com
Or
Don Shepherd
dshepherd@careersourcepinellas.c
om
THE END