An information security incident or breach is an improper or impermissible inspection, use, or disclosure of non-public, confidential information maintained by the Oklahoma Human Services (OKDHS). Security incidents or breaches may result from:
- Lost, stolen or missing cellular devices
- Lost, stolen or missing IT equipment such as computers, cameras, flash drives, voice recording devices, and others
- Lost, stolen or missing DHS paperwork, files and other case-related documents
- Network intrusions
- Malware incidents
- Email breaches such as phishing incidents, emails or attachments sent to unintended recipients, and others
- Verbal disclosure of information to unintended recipients
All DHS employees, contractors, or other individuals who discover or have knowledge of a possible security incident or breach must notify the OKDHS Office of Inspector General (OIG) Information Security Unit immediately and without delay. Persons must not wait for confirmation of an incident or breach before reporting the situation.
Report possible security incidents or breaches by completing the CSS Report of Data Incident/Breach of FTI/PII form and email it to: *DHS.INFORMATION.SECURITY.
Employees must also notify their immediate supervisors and contractors must notify their contract monitors as soon as possible after notifying the OIG Information Security Unit.
Spam or Suspicious Email Reporting
If you have received a spam email or other suspicious email in your OKDHS Outlook inbox, do not open any attachments or click on any links in the email. Even if you recognize the sender’s email address, do not open emails that you were not expecting.
Report spam email or suspicious email received in your OKDHS Outlook inbox to: *DSD.VirusAlert.
For related articles, try clicking one of the tags at the bottom of this page.