SEHD Wiki

A source for policies, procedures, handbooks and other resources from the School of Education and Human Development

User Tools

Site Tools

You are here: Welcome to the SEHD Wiki! » SEHD Policies and Procedures » Data Privacy Policies » Privacy and Security Training
policy:data_privacy:security_training

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
policy:data_privacy:security_training [2019/05/20 22:05] tonyromeropolicy:data_privacy:security_training [2019/06/12 19:31] (current) tonyromero
Line 3: Line 3:
 ==== University of Colorado IT Security Program Policy ==== ==== University of Colorado IT Security Program Policy ====
  
-All data and information resources of the SEHD are subject to University of Colorado's IT Secuirty Program policy, [[https://www.cu.edu/ope/aps/6005|APS-6005]]. Within the policy it describes employee training:+All data and information resources of the SEHD are subject to University of Colorado's IT Security Program policy, [[https://www.cu.edu/ope/aps/6005|APS-6005]]. Within the policy it describes employee training:
  
-  - <font 14px/Arial,Helvetica,sans-serif;;inherit;;inherit>Supervisors</font>shall ensure thatemployeesare adequately trained to fulfill their IT security responsibilities .Employees with elevated computing privileges (e.g., server support technicians, user account managers, or webpage administrators) may require additional, specialized training for carrying out theirIT securityresponsibilities effectively. +  - Supervisors shall ensure that employees are adequately trained to fulfill their IT security responsibilities. Employees with elevated computing privileges (e.g., server support technicians, user account managers, or webpage administrators) may require additional, specialized training for carrying out their IT security responsibilities effectively. 
-  - <font 14px/Arial,Helvetica,sans-serifinheritinherit>> Supervisors</font> shall ensure thatemployeesare adequately trained to fulfill theirIT securityresponsibilities.Employeeswith elevated computing privileges (e.g., server support technicians, user account managers, or webpage administrators) may require additional, specialized training for carrying out theirIT securityresponsibilities effectively.</li>/Arial,Helvetica,sans-serif;;inherit;;inherit>All University </font>employees including associates and other individuals, who require the use of University IT resources to perform their duties, shall receive initial training and periodic refresher training relevant to their IT security responsibilities. +  - All University employees including associates and other individuals, who require the use of University IT resources to perform their duties, shall receive initial training and periodic refresher training relevant to their IT security responsibilities. 
-  - <font 14px/Arial,Helvetica,sans-serif;;inherit;;inherit>Supervisors</font> shall coordinate their local IT security training initiatives with the campus Information Security Office+  - Supervisors shall coordinate their local IT security training initiatives with the campus Information Security Office
  
-==== University of Colorado Denver Security Management HIPPA Policy ====+Required information security Skillsoft Training (required in first three months of employment): [[https://universityofcolorado.skillport.com/skillportfe/custom/login/saml/login.action?courseaction=summary&assetid=_scorm12_cu_u00063_0001|Click here. ]]
  
-As applicable, the most secure SEHD data are subject to the UCD Security Management [[http://www.ucdenver.edu/research/Research Administration Documents/7.2 Training.pdf|HIPPA Policy, Training 7.2]]. As stated on the [[http://www.ucdenver.edu/research/ORC/HIPAA/Pages/training.aspx|UCDenver HIPPA Website]]:+==== University of Colorado Denver HIPPA Policy ==== 
 + 
 +As applicable, the most secure SEHD data are subject to the UCD [[http://www.ucdenver.edu/research/Research Administration Documents/7.2 Training.pdf|HIPPA Training Policy]]. As stated on the [[http://www.ucdenver.edu/research/ORC/HIPAA/Pages/training.aspx|UCDenver HIPPA Website]]:
  
 > <font 14px/Arial,Helvetica,sans-serif;;inherit;;inherit>All members of the UCD community with access to individually identifiable health information need to be "hip to HIPAA" - the federal law that requires us to protect patient confidentiality. This includes research subjects.</font><font 14px/Arial,Helvetica,sans-serif;;inherit;;inherit>Mandatory for most of the UCD workforce. As a faculty member, any other type of employee, student, trainee, or volunteer of the UCD (or a faculty member who bills through UPI), **//you must complete// HIPAA training //within 30 days of your hire date//** for new employees.</font> > <font 14px/Arial,Helvetica,sans-serif;;inherit;;inherit>All members of the UCD community with access to individually identifiable health information need to be "hip to HIPAA" - the federal law that requires us to protect patient confidentiality. This includes research subjects.</font><font 14px/Arial,Helvetica,sans-serif;;inherit;;inherit>Mandatory for most of the UCD workforce. As a faculty member, any other type of employee, student, trainee, or volunteer of the UCD (or a faculty member who bills through UPI), **//you must complete// HIPAA training //within 30 days of your hire date//** for new employees.</font>
  
-HIPAA Skillsoft training link: [[https://universityofcolorado.skillport.com/skillportfe/custom/login/saml/login.action?courseaction=summary&assetid=_scorm12_cu_a00020_0001|Click here.]]+Required HIPAA Skillsoft training link: [[https://universityofcolorado.skillport.com/skillportfe/custom/login/saml/login.action?courseaction=summary&assetid=_scorm12_cu_a00020_0001|Click here.]] 
 + 
 +==== Required Trainings for CU-SIS Access ==== 
 + 
 +To gain access to CU-SIS you must complete two courses. 
 + 
 +  - [[https://universityofcolorado.skillport.com/skillportfe/custom/login/saml/login.action?courseaction=summary&assetid=_scorm12_cu_u00049_0001|CU: Family Education Rights and Privacy Act (FERPA).]] This 45-minute course covers how federal law protects student education records. 
 +  - [[https://universityofcolorado.skillport.com/skillportfe/custom/login/saml/login.action?courseaction=summary&assetid=_scorm12_cu_a00140_0001|CU: Introduction to CU-SIS Campus Solutions. ]]This 45-minute course covers the basic functionality and concepts, such as login, navigation, menu items and shortcuts, shared by all CU-SIS Campus Solutions modules for all CU campuses. 
 + 
 +==== Required Trainings for SEHD's Secure Data Warehouse ==== 
 + 
 +To gain access to SEHD's Secure Data Warehouse you must have completed the following courses within the past year. 
 + 
 +  - [[https://universityofcolorado.skillport.com/skillportfe/custom/login/saml/login.action?courseaction=summary&assetid=_scorm12_cu_u00049_0001|CU: Family Education Rights and Privacy Act (FERPA).]] This 45-minute course covers how federal law protects student education records. 
 +  - [[https://universityofcolorado.skillport.com/skillportfe/custom/login/saml/login.action?courseaction=summary&assetid=_scorm12_cu_a00020_0001|HIPAA Regulations: the General HIPAA Course]]. This 30-minute course covers the privacy and security segments of the Health Insurance Portability and Accountability Act (HIPPA) 
 + 
 +Then on an annual basis you must complete the following course.
  
  
policy/data_privacy/security_training.1558389954.txt.gz · Last modified: 2019/05/20 22:05 by tonyromero