Transform Workforce Data into Insight with Cloud Workforce Analytics
Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to...
-
Upload
phungthuan -
Category
Documents
-
view
220 -
download
4
Transcript of Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to...
![Page 1: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/1.jpg)
Workforce Data Task ForceNovember 30, 2017
![Page 2: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/2.jpg)
Agenda
A. Call to order
B. Update on development of Arizona Workforce Evaluation Data System (AWEDS)
C. Presentation by contractor on development and security plan
D. Presentation by Arizona Strategic Enterprise Technology Office (ASET) on ongoing monitoring, security compliance & best practice reviews
E. Adjournment
![Page 3: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/3.jpg)
Update on Development of AWEDS
Primary design goals:
• No long-term storage of data
• Strong privacy protections during operations and data use
![Page 4: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/4.jpg)
Update on Development of AWEDS
RFP:
• RFP was posted on April 14th, 2017
• Evaluation panel with representation from OEO, DES & MCCCD
• Bids were opened on May 17th, 2017
• Received 5 offers from:• Andrew J Wong• Accenture• CenturyLink• Deloitte• The Nerdery
• Awarded contract to The Nerdery on October 26th, 2017
![Page 5: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/5.jpg)
Update on Development of AWEDS
Current work by OEO:
• Project Investment Justification (PIJ)• Submitted, awaiting approval
• Information Technology Authorization Committee (ITAC)• Plan on getting approval in December
• Initial development will use data from 3 programs
• Intergovernmental Agreement between 3 agencies
![Page 6: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/6.jpg)
Proprietary and Confidential
+WORKFORCE DATATASK FORCE
![Page 7: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/7.jpg)
Proprietary and Confidential 2
OUR HISTORY
Founded in 2003, The Nerdery has helped thousands of clients leverage technology to achieve their business goals.
Delivering complex solutions at enterprise scale is what we do.
![Page 8: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/8.jpg)
Proprietary and Confidential
OFFERING THE BEST
3
With over 400 people representing deep expertise in architecture, engineering, strategy, and design, The Nerdery works with our clients on-site and from our offices in Phoenix, Chicago, Minneapolis, and Kansas City.
![Page 9: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/9.jpg)
Proprietary and Confidential
WHERE WE’RE POSITIONED
SOFTWAREINTEGRATORS
BUSINESSADVISORS
TRADITIONALAGENCIES
4
![Page 10: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/10.jpg)
Proprietary and Confidential 5
INDUSTRY RECOGNITION
![Page 11: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/11.jpg)
THE SOLUTION
6
![Page 12: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/12.jpg)
Proprietary and Confidential 7
The Ask: Create a secure and flexible computing system that anonymizes, matches, and analyzes administrative data to enable
useful insights in employment and state services across Arizona.
OUR MISSION
![Page 13: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/13.jpg)
Proprietary and Confidential
IDEAL SOLUTION
8
Secure, fully extensible, and built with purpose
• Architected from a “Security and Compliance First” perspective
• Fully Custom longitudinal data system derived from best in class tools.
• User-Centric Design to provide the State of Arizona with useable data
• Applies cutting edge data science methodologies to drive precision, ensure anonymity and eliminate the need for long-term data storage
![Page 14: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/14.jpg)
Proprietary and Confidential
SECURE
‣ Immutable infrastructure and zero trust networks
‣ 2-factor authentication
‣ No OS-level root access
AUTHORIZE
‣ Full-team sign off before moving to production
‣ DevOps as change management
‣ “Day 1” dry-runs for incidents
ASSESS
‣ Source code analysis and automated penetration testing
‣ Architecture review
‣ Incident response simulation
MONITOR
‣ Tamper-resistant & centralized logging
‣ Automatic alerts
‣ Re-scan code for analysis on every push
SECURITY & COMPLIANCE
9
![Page 15: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/15.jpg)
Proprietary and Confidential 10
SECURITY & COMPLIANCE
Presto
AWS EMR (database) AWS EC2 (compute)
AWS S3 (storage)AWS IaaS
Apache SparkApache Solr
Java Virtual Machine (JVM)
Jupyter NotebookAlteryx
Red Hat Enterprise Linux (RHEL)
cloud.gov (ElasticSearch) +
industry implementations
Java DISASTIGs
RHEL DISASTIGs
FedRAMP Customer
Responsibility Matrix
Design a solution that aligns with key regulatory compliance packages
![Page 16: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/16.jpg)
Proprietary and Confidential 11
DATA SECURELY DELETED ON A
REGULAR BASIS
ONE-WAY ANONYMIZATION
( Hashing )
TRANSPORT LEVEL
ENCRYPTION TO THE CLOUD
( HTTPS )
ACCESS CONTROLS AND ENCRYPTION AT
REST IN THE CLOUD
The Nerdery provides privacy measures at every step of the process.
SECURITY & COMPLIANCE
![Page 17: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/17.jpg)
Proprietary and Confidential 12
DATA ENGINEERING
![Page 18: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/18.jpg)
Proprietary and Confidential 13
DATA SCIENCE
COMPARE DECIDE
Perform a more computationally intensive
method for comparing possible record pairs.
Using string comparison features, train a machine
learning model in order to precisely predict true
record pairs.
SEARCH
Narrow down all possible / theoretical record
pairings to something more manageable.
![Page 19: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/19.jpg)
PROJECT LEADERSHIP
Proprietary and Confidential14
![Page 20: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/20.jpg)
Proprietary and Confidential
DANNY ESTAVILLO Regional Director
15
• 15 years of experience in client relationship management and digital strategy for enterprise initiatives
• Leads The Nerdery’s expansion into the western United States and the development of robust customer relationships throughout the region
• United States Marine Corps veteran
• Master of Business Administration from Arizona State University
• Key Stakeholder in projects for: American Express, Wells Fargo, Wachovia, Apriva, and VeriFone
• Communications Management• Stakeholder Management• Contract Management• Digital Strategy• ITIL Implementation
Skills
Client Relationship Leader
![Page 21: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/21.jpg)
Proprietary and Confidential
CHRIS LOCHER Vice President of Delivery Operations
16
• 20 years of experience in product development and delivery for enterprise initiatives.
• 11 years as an officer in the U.S. Navy
• Leads Nerdery’s efforts across product development, design/UI, engineering, and technology operations.
• United States Naval Academy graduate
• Master’s Degree in Environment Science and Management from the University of Rhode Island
• Key Stakeholder in projects for: State of Minnesota, Verizon, United Health Group, The Department of the Navy, Medtronic, 3M, Google, and Boston Scientific.
• Service Design, Transition, and Operation• Multi-Partner & High Risk Engagements• Digital Change Management• Product Management• Agile Methodology
Skills
Delivery Leader
![Page 22: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/22.jpg)
Proprietary and Confidential
NOAH KUNIN Business Consultant
17
• Over 15 years as a technologist, including 8 years with the US Government, where his work included the development of cloud.gov
• Significant contributor to FedRAMP initiatives and implementing the Trusted Internet Connection (TIC) policy in the cloud
• Founding Member of the Consumer Financial Protection Bureau’s (CFPB) Technology Team, serving as a Technology Portfolio Manager
• Founding Member of 18F, the General Services Administration’s (GSA) government-wide digital agency, serving as the Infrastructure Director
• Regulatory Compliance• Information Security Best Practice Implementation• Risk Management• Government Procurement• Cloud Data Management
Skills
Compliance & Security Leader
![Page 23: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/23.jpg)
Proprietary and Confidential
CHAD DVORACEK Data Architect
18
• Domain lead for Data Services at The Nerdery
• Directed the evolution and growth of the data services best practices for clients 3M and Infor.
• Domain expert providing thought leadership for industry growth as a key presenter at MinneAnalytics and Device Talks Minnesota
• Master of Science in Data Science from the University of St. Thomas
• Graduate Certificate in Big Data
Data Services Leader
• Cloud Architecture• Big Data & Distributed Systems• Data Warehouse• Data Analysis & Visualization• Data Mining & Machine Learning
Skills
![Page 24: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/24.jpg)
Proprietary and Confidential
BRANDON VEBER Data Scientist
19
• Leads Data Science practice focusing on enhancing The Nerdery’s capabilities in record linkage, algorithmic transparency, recorded masking, predictive modeling, etc.
• Lead on many customer projects aimed at reducing manufacturing waste through the evaluation and implementation of machine learning.
• Published numerous data science publications
• Master of Electrical Engineering with a specialization inMachine Learning
• Data De-identification & Masking • Data Evaluation & Visualization• Data Transformation & Record Linkage• Signal Processing & Relational Database• Predictive Modeling & Trend Analysis
Skills
Data Science Leader
• Minnesota Neuromodulations Symposium 2015 Best Poster Award “Reliable Seizure Prediction Using EEG Data”
• BICB Symposium 2014 Best Poster Award - “A new method for prediction of epileptic seizures from EEG data”
Awards
![Page 25: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/25.jpg)
Proprietary and Confidential
ADRIAN SLOBIN Chief Strategy & Operations Officer
20
• 17 years at SapientNitro (now Sapient Razorfish) leading strategy and most recently, as North American head of business transformation services.
• Worked with Fortune 100 clients in retail, CPG, healthcare, automotive, financial services, restaurants and telecommunications
• Adrian has spoken publicly about the future of retail banking, marketing and analytics, and has been quoted by a number of publications, including Ad Age and NPR Marketplace
• Master’s Degree in Philosophy from Northwestern University
• Business and Digital Strategy• Complex Delivery• Qualitative Research• Organizational Change
Skills
Delivery Leader
![Page 26: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/26.jpg)
Proprietary and Confidential 21
STRATEGIC ADVANTAGES
NATIONALLY RECOGNISED (CEDS) DATA
SCHEMA
HOLISTIC SECURITY
ARCHITECTURE
EXTENSIBLE SOLUTION
BEST OF BREED TOOLS TODAY
AND IN THE FUTURE
LEADERSHIP, EXPERTISE, AND
CAPABILITY
Purpose-built for the State of Arizona's Office of Economic Opportunity.
![Page 27: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/27.jpg)
Proprietary and Confidential
![Page 28: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/28.jpg)
AZRamp – Cloud Assurance Program
Owen Zorge State Compliance and Privacy Officer
![Page 29: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/29.jpg)
Equifax Breach
• 145.5 Million consumers affected
• $200 - $300 Million cost estimate after insurance
• Total $4 Billion company value loss
• Preventable – Apache Struts patch available 2 months prior to breach.
– Encryption of sensitive data • Personally Identifiable Information
• Protected Health Information
![Page 30: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/30.jpg)
Equifax CEO
![Page 31: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/31.jpg)
State of Arizona IT Security Policies
• 17 policies – Based on National Institute of Standards and Technology
(NIST) Publication 800-53 Revision 4
• Data Classification
• System Security Acquisition and Development
• Incident Response Planning
• Media Protection
• Personnel Security Controls
• System Security Audit
• System Privacy
![Page 32: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/32.jpg)
Data Classification
Data Classification - Data created, stored, processed or transmitted on agency information systems shall be classified according to the impact to the state or citizens resulting from the disclosure, modification, breach or destruction of the data. Identification - All data shall be identified as one of the following data classifications: a. Confidential; or b. Public (data that is not identified is assumed to be Public).
![Page 33: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/33.jpg)
Confidential Classification
• Confidential Data - Data that shall be protected from unauthorized disclosure based on laws, regulations, and other legal agreements. Examples are included in the policy. – Protected Health Information (PHI)
• All vendors required to sign Business Associate Agreement (BAA) for processing, transmitting and storing PHI
– Personally Identifiable Information (PII) • Names, Social Security Numbers, Dates of Birth, etc.
– Individual Financial Account Data • Payment Card Industry (PCI)
• (P) Policy statements preceded by “(P)” are required for agency information systems categorized as Protected.
![Page 34: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/34.jpg)
Public Classification
• Public Data - In accordance with Arizona public record’s law, data that may be released to the public and requires no additional levels of protection from unauthorized disclosure.
![Page 35: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/35.jpg)
AZRamp - Cloud Baseline Security Controls
• Based on NIST 800-53 Rev 4 controls.
• Used to evaluate Infrastructure as a Service (IaaS) and Platform as a Service (PaaS).
• Three levels of control assessment:
• AZ Mandatory Control Baseline: 35 Controls • For RFP and other processes to assess multiple vendors
• For public facing data and websites
• NIST Low Control Baseline: 125 Controls • For Data Classification Category: Public
• NIST Medium Control Baseline: 325 Controls • For Data Classification Category: Confidential
![Page 36: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/36.jpg)
Federal Risk and Authorization Management Program (FedRAMP)
• FedRAMP Marketplace – Vendors with Authority to Operate
• IaaS, PaaS, SaaS
• Low, Moderate, High
• ASET Enterprise Security reviews System Security Plan of vendors who have FedRAMP Authority to Operate
• Vendors using an already approved AZRamp IaaS – Signed letter on letterhead from the approved IaaS/PaaS/SaaS stating
vendor is customer
– Signed letter on letterhead from vendor stating State data and services will be hosted in the approved IaaS environment
![Page 37: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/37.jpg)
Credit: Albert Barron, IBM
![Page 38: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/38.jpg)
Administrative Controls
• State Procurement Office (SPO) – Mandatory Baseline Controls (35) for all multi vendor procurement
actions
– AZRamp Low or Moderate review required based on Data Classification
– IT Security Contract Language • Required to comply with AZ IT Security Policies & Standards
• Requirement to allow assessment (penetration testing and vulnerability assessment)
• ASET Oversight – Project Investment Justification (PIJ) – All IT projects exceeding $25,000 must be approved through the PIJ
process.
• Statewide Information Security Officers (ISO) and Privacy Officers
![Page 39: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/39.jpg)
Information Privacy
• Health Insurance Portability and Accountability Act (HIPAA) – www.hhs.gov/hipaa/index.html
– Do you process or store Protected Health Information (PHI)?
• Payment Card Industry Data Security Standard (PCI DSS) – www.pcisecuritystandards.org
– Do you process or store any Payment Card information?
• Personally Identifiable Information (PII) – NIST SP 800-122
• www.nist.gov/publications/guide-protecting-confidentiality-personally-identifiable-information-pii
– Do you process or store names, addresses, SSNs, Date of Birth, etc.?
![Page 40: Workforce Data Task Force - OEO · Workforce Data Task Force November 30, 2017. Agenda A. Call to order B. Update on development of Arizona Workforce Evaluation Data …](https://reader034.fdocuments.us/reader034/viewer/2022051601/5ad0fd7f7f8b9ac1478e9426/html5/thumbnails/40.jpg)
Owen Zorge
State Compliance and Privacy Officer
Arizona Department of Administration (ADOA)
Arizona Strategic Enterprise Technology (ASET)
Office: (602) 542-0742
Cell: (602) 620-2932
aset.az.gov
Questions