"Think Security First"

Information Security is in the forefront of everyone’s mind today, and the NIH Office of Human Resources (OHR) Information Security Committee is working hard to keep you well informed.

OHR Information Security Committee

The OHR Information Security Committee led by Tim Newman, Chief of the Core Systems and Business Analytics Branch (CSBAB) in the HR Systems, Analytics and Information Division, consists of staff from all OHR divisions and NIH Privacy office. This committee was created in September 2007 to ensure that the OHR serves as a model of excellence in information security practices. The NIH OHR manages volumes of very sensitive and private employee and organizational information, so how this information is handled is of critical importance to both the OHR and the NIH community. As part of its charge, the Committee is developing policy, SOPs and related educational information for employees and managers.

Secure E-mail and File Transfer Service - Now Available

In an effort to comply with the Federal Information and Security Management Act (FISMA) and continuously improve the security practices used at NIH, we have added an alternative method to the existing Public Key Infrastructure (PKI) encryption methods called the Secure E-mail & File Transfer Service (SEFT). This service allows NIH users to send and its customers to receive emails securely on a secure socket layer (SSL)/encrypted connection with or without large documents. Using the Secure E-mail and File Transfer Service ensures the protection of personally identifiable information (PII) such as social security numbers, birth dates, and thoroughly secures all data and information being sent via email. SEFT also offers a level of non-repudiation and tracks correspondence history. This new service is being hosted and managed by the Center for Information Technology.

See helpful links at the top right to access this application. All NIH employees and contractors are pre-registered to RECEIVE e-mails from this application. In order to have SEND capabilities you will need to register. To SEND a delivery using this service, please request permission by contacting the NIH Help Desk. For more information on how to use this service, please utilize the SEFT User Guide or contact your Super User.

Information Security - Topics of Interest

• OHR Information Security Policy Memorandum (NIH Only)
• Securing Personal Information on Printed Material
• Virtual Private Network (VPN)

User Guides and Quick Reference Guides

• Secure Email and File Transfer Service (SEFT)
  • User Guide
  • Quick Reference Guide

OHR Information Security SOPs

The OHR Information Security Committee’s Policy Sub-Committee has diligently worked to update the Information Security Standard Operating Procedures (SOPs) for CSD, WRD, SAID, WSDD, OD, and CSSED. The purpose of these SOPs are to provide direction, improve communication, reduce training time, and improve work consistency as it relates to Information Security and protecting personally identifiable information (PII). SOPs are now available for your viewing.

Contact the OHR Information Security Committee

For questions, email the Committee at OHRinfosecurity@mail.nih.gov.