– Wes Rhea, Chief Compliance Officer and HIPAA Privacy and Security Officer, BioIQ
I recently had the opportunity to speak at the Georgia Independent College Association’s information technology retreat, an annual gathering of professionals from independent universities in Georgia. This time the event was held on the beautiful campus of Oglethorpe University in Atlanta and featured IT leaders from several colleges including Oglethorpe, Rienhardt, Mercer, Wesleyan, LaGrange, Agnes Scott, Life, Piedmont, Spelman, Emmanuel and Toccoa Falls.
As the keynote speaker, I presented a session titled “Information Security Awareness and User Training,” which focused on the importance of establishing a solid information security and cybersecurity awareness program. When colleges prioritize security issues and create awareness among students, faculty and employees, they invariably save time, reduce costs and alleviate headaches for the IT department. I also explained how all universities can promote security awareness. Often, these programs begin with non-technical, inexpensive methods of communicating each institution’s security strategy and messaging.
The session concluded with a discussion about the rise in phishing attempts against individuals and organizations – including universities. This topic spawned a great conversation about the types of scams that are most prevalent and how colleges can make their employees and students aware of them. You’re probably familiar with the one where you learn you’ve just inherited huge sums of money from a generous relative, who you’ve never met. I never knew I had so many royal relatives who wanted to leave me millions of dollars in return for a few hundred (and my bank account information)!
At BioIQ, establishing a solid security awareness program has always been a high priority. Our program is the foundation to our compliance plan. We began by implementing industry-standard policies, sending monthly email reminders and quarterly newsletters to the staff, and displaying posters in the office to raise awareness about common issues. Our security officers continue to send regular warnings, advice, and admonishments by email, as warranted.
Thank you to the GICA, Oglethorpe University and the IT professionals from some great Georgia colleges for a morning of engaging conversation, productive networking, and the opportunity to promote best practices for security awareness. Remember, good security practices benefit everyone.
Wes Rhea provides executive leadership to help BioIQ meet growth challenges through centralization of all privacy and information security. His objective is to protect client data while enabling the business to succeed. He is responsible for developing, maintaining and reviewing the company’s privacy and information security policies and procedures.