An information security incident or breach is an improper or impermissible inspection, use, or disclosure of non-public, confidential information maintained by the Oklahoma Department of Human Services (DHS). Security incidents or breaches may result from:
- Lost, stolen or missing cellular devices
- Lost, stolen or missing IT equipment such as computers, cameras, flash drives, voice recording devices, and others
- Lost, stolen or missing DHS paperwork, files and other case-related documents
- Network intrusions
- Malware incidents
- Email breaches such as phishing incidents, emails or attachments sent to unintended recipients, and others
- Verbal disclosure of information to unintended recipients
All DHS employees, contractors, or other individuals who discover or have knowledge of a possible security incident or breach must notify the DHS Office of Inspector General (OIG) Information Security Unit immediately and immediately. Persons must not wait for confirmation of an incident or breach before reporting the situation.
Report possible security incidents or breaches to: *DHS.INFORMATION.SECURITY.
Employees must also notify their immediate supervisors and contractors must notify their contract monitors as soon as possible after notifying the OIG Information Security Unit.
Spam or Suspicious Email Reporting
If you have received a spam email or other suspicious email in your DHS Outlook inbox, do not open any attachments or click on any links in the email. Even if you recognize the sender’s email address, do not open emails that you were not expecting.
Report spam email or suspicious email received in your DHS Outlook inbox to: *DSD.VirusAlert.