VA Ramps Up Security Training

Will Deny Network Access to Those Lacking Updated Education
VA Ramps Up Security Training

The Department of Veterans Affairs is ramping up its privacy and security training efforts and plans to eventually deny network access to those who have not had training within the past year.

See Also: Webinar | Prevent, Detect & Restore: Data Security Backup Systems Made Easy

The stepping up of training is one component of the VA's Continuous Readiness and Information Security Program, says Roger Baker, CIO. VA leaders decided that the department's 95 percent compliance rate for annual training "was not sufficient," he notes. Some 450,000 individuals, including 315,000 employees and 135,000 contractors, have access to the VA network.

In recent months, training compliance has increased to 97 percent, Baker says, and the goal is to achieve 99 percent compliance.

"We've been focused for the last several months at the VA on a significant step-up in our information security and information protection," Baker says, requiring all facilities to make sure that all processes, including training, are followed.

Training Technique

The training features online videos "offering vignettes about different situations that individuals may find themselves in relative to information protection," Baker says. Many of these security scenarios are based on real-world cases at the VA, he notes.

"The training is to watch the video, get asked questions about what is the right thing to do and then a review of whether or not you answered the questions correctly," Baker explains. Those who pass the test receive a certificate and sign a "rules of behavior" document for accessing the VA network.

The renewed emphasis on training "is one example of how we're buttoning down our processes to ensure our network is completely secure," Baker adds.

About the Author

Howard Anderson

Howard Anderson

Former News Editor, ISMG

Anderson was news editor of Information Security Media Group and founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.