Adequate employee training and education is a key factor in carrying out CMS’ mission. Without proper training and education, individuals will be less effective in their roles and limited in their career development. CMS staff members and partners are required to complete specific training regarding issues like information system security awareness training, privacy awareness training, personally identifiable information (PII) handling instructions, encrypting PII/confidential information training, amongst others. Individuals are also encouraged to participate in voluntary training in order to improve job efficiency and positively affect those with whom they work.
Privacy Awareness Training (required training)
In accordance with the mandates of the Federal Information Security Management Act (FISMA) and the Department of Health and Human Services (HHS), all CMS employees and contractors with user access to CMS networks, applications, or data must complete mandatory Privacy Awareness Training annually. Privacy and data breaches are often caused by a lack of knowledge on basic information security and privacy practices and policies that are meant to protect information assets. Increasing awareness among general system users can go a long way to strengthen information security at CMS. By completing this training course, CMS users will be able to:
• Define privacy and explain its importance
• Identify privacy laws, policies, guidance, and principles
• Understand their role in protecting privacy and the consequences for violations
• Define personally identifiable information (PII) and list examples
• Protect PII in different contexts and formats
• Recognize potential threats to privacy
• Report a privacy incident
In order to complete this annual training, please go to /CBT
Please ensure that you are completing the Privacy Awareness Training, as there are several courses conducted through this Computer Based Training center.
If you have any questions about this training, please contact CBT@cms.hhs.gov