1 / 20

Enhancing Security in Child Support Enforcement Programs: Measures and Best Practices

This guide addresses essential security measures within Child Support Enforcement Programs. It covers three major areas: Physical, Technical, and Administrative Security. Learn about physical security procedures, including evacuation techniques and sensitive data handling. Understand technical security, through password management and safe computing practices. Finally, explore administrative security measures, emphasizing the logging and proper disposal of sensitive information, compliance with federal regulations, and incident handling protocols. Protecting sensitive data is vital for ensuring confidentiality and compliance.

april-hamilton
Télécharger la présentation

Enhancing Security in Child Support Enforcement Programs: Measures and Best Practices

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Protecting the Child Support Enforcment Program

  2. Learning Objectives • Discuss measures to address: • Physical Security • Technical Security • Administrative Security

  3. Three Major Areas of Security PHYSICAL TECHNICAL ADMINISTRATIVE

  4. What Physical Security Procedures are in Place in Your Office?

  5. Physical Security - Precautions • Security Drills • Evacuation Techniques • Bomb Threats

  6. Physical Security – Sensitive Data • Proper Handling of Sensitive Information • Fax Machines • Copy Machines • Locked file cabinets • Do NOT leave sensitive information out in the open

  7. Fax Requirements for IRS Data • Staff member at both sending and receiving of fax • Maintain broadcast lists • Include a cover sheet that provides guidance to the recipient • Notification of the sensitivity/need for protection • Notice to unintended recipient to phone sender 2-5

  8. Physical Security- Restricted Areas • Security/Restricted Areas • Authorized personnel only • Access logs • These logs are subject to audit by IRS

  9. Technical Security – Warning Banners • Warning Banner • Read and understand; you are liable for civil and criminal penalties

  10. Technical Security-Passwords • Passwords • Audit trails • Log-off computer when away from desk for an extended period of time • Password protected screensavers

  11. Technical Security – Safe Computing • E-mail attachments • Do not open attachments that you are not expecting

  12. Technical Security – Home Computing • DSL Lines • Firewalls • Virus Protection Software

  13. Administrative Security - Sensitive Data Logging of Sensitive Information • Record all incoming and outgoing tapes and hard copy • All sensitive information must be accounted for • All sensitive information must be tracked • Manual log with transition to automated database

  14. Administrative Security - Retention Requirements • Federal Tax Information (FTI) • Governed by IRC 6103 • National Directory of New Hires (NDNH) • Governed by Section 453

  15. Administrative Security- Transporting Sensitive Data • Authorized personnel only • Label all tapes or hard copy containing IRS data as “Federal Tax Data”

  16. Administrative Security - Disposal • Burning • All sensitive data should be destroyed using an incinerator to ensure all pages are consumed • Shredding • Documents must be shred perpendicular to the cutting line and be in 5/16 inch wide strips or smaller

  17. Administrative Security – Incident Handling/Reporting • Policies for: • Viruses, malicious software, hoaxes, vandalism, automated attacks and intrusions • Defines roles and responsibilities for: • Managers, Supervisors, Users

  18. Administrative Security- Employee Departures Employee Departure Checklist • Notifies Security Unit upon an employee’s departure • Must be submitted to the Security Unit within designated timeframe • Ensure system access, and building access are terminated promptly

  19. Administrative Security- Workplace Violence • Workplace Violence • Policies and procedures

  20. Summary PHYSICAL TECHNICAL ADMINISTRATIVE

More Related