WAG 01-01-04-c: Confidentiality of Earnings Records

PM 01-01-04-c

Procedures for Breach of FTI new manual materialor NDNH Confidentiality Information

new manual materialIn Accordance with IDHS Incident Procedures, in all cases, the IDHS Chief Privacy Officer (CPO) and the IDHS Chief information Security Officer (CISO), the Bureau of Performance Management (BPM) and the Division Director and/or his or her designee must be contacted immediately upon discovery of an authorized disclosure, use or access of FTI or NDNH data by the person who discovered the data incident or the person's supervisor. The CPO and CISO will direct the investigation into the data incident.

new manual materialThe CPO, the CISO or the BPM must report the data incident within 24 hours to the following agencies:

  • FTI: Special Agent-in-Charge, Treasury Inspector General for Tax Administration (TIGTA) in Chicago at (312) 554-8751; and
  • NDNH: Administration for Children and Families, Office of Child Support Enforcement, FPLS Information Security officer by telephone at (202) 401-5410 or email at linda.boyer@acf.hhs.gov.

new manual materialThese agencies will be notified with the information listed below, by an encrypted electronic message with "Incident Response" on the subject line.

The following information must be provide when reporting FTI or NDNH breach:

  • Date & time of incident;
  • Date & time discovered;
  • How discovered;
  • Description of the incident;
  • Approximate number of FTI  new manual material or NDNH records involved;
  • Address where occurred; and
  • IT involved - (laptop, server, mainframe).