Skip to site content
U.S. Department of Health and Human Services
Office of Information Technology (OIT)

Information Systems Security Awareness Training

ISSA Training

Information Systems Security Awareness (ISSA) is mandatory annual security awareness training for all IHS system users and fulfills federal mandates and regulations. IHS develops the modules in line with National Institute of Standards and Technology (NIST) guidelines on information security awareness and information security trainings.

The ISSA modules fulfill an IHS user's annual requirements for the following:

  • Acknowledgement and acceptance of the IHS Rules of Behavior
  • Privacy training
  • Protecting sensitive information and the Health Insurance Portability and Accountability Act (HIPAA) & the Health Information Technology for Economic and Clinical Health Act (HITECH)
  • Physical and information security
  • Appropriate email use
  • Protecting mobile devices and portable media
  • Social engineering awareness
  • Incident response and learning from past incidents

You can take the training or learn more at the ISSA website.

Click here for help resolving ISSA compliance issues

A stethescope resting on top of a computer keyboard.

Useful References

  1. Area IT Service Desk
    Links to local IT support.
  2. Training Resources
    Documents, infographics, websites, and videos created by DIS to help users learn more about cybersecurity.
  3. ISSA Training Site
    A direct link to IHS's mandatory security training site.
  4. NIST Glossary Exit Disclaimer: You Are Leaving www.ihs.gov 
    A link to a glossary of terms from NIST's cybersecurity- and privacy-related publications.