SMPH Informatics and Information Technology (IIT) provides cybersecurity services to safeguard information, systems, and research data. Our Cybersecurity Team offers consulting, risk management, vulnerability scans, and guidance to the SMPH community.
On This Page:
➤ Request Cybersecurity Help
➤ Policies and Best Practices
➤ News and Updates
Request Cybersecurity Help
All cybersecurity-related support must now be requested through the Cybersecurity Portal. The Cybersecurity Portal, part of SMPH Navigator, streamlines how cybersecurity requests are submitted, tracked, and resolved. It improves response times, enhances communication, and provides better visibility into the status of your requests.
Please Note:
You will receive email notifications when your request is updated.
To view or respond to updates, you must log into the SMPH Navigator portal.
You can submit and track requests for:
Audit Questionnaires
Completion of a cybersecurity audit form.
Policy & Procedures
Request an Exception, Guidance, or Feedback.
Contract Reviews
Review contracts for Cybersecurity Requirements.
Regulatory Compliance
Get help understanding compliance requirements.
Vulnerability Scans
Assess security vulnerabilities.
Consultations
Request expert guidance on Cybersecurity systems or risks.
Risk Assessments
Evaluate security risks before using new tools.
Cybersecurity Policies and Best Practices
Access SMPH and UW-Madison cybersecurity policies, standards, and resources to protect sensitive information and ensure compliance.
Cybersecurity & HIPAA Security Training and Awareness
- All UW faculty and staff are required to complete annual Information Security Awareness Training. Complete your training at wisc.edu/security-training
- All UW faculty, staff, students, and volunteers who work in areas that have access to Protected Health Information, or support areas that have access to this information, are required to complete annual HIPAA training. Complete your training at wisc.edu/hipaatraining
Policies, Standards & Guidance Documents
- SMPH Cybersecurity is committed to protecting the privacy and security of our patients, research participants, faculty, staff, and students. Please reach out if you have any questions on adhering to the HIPAA Security Rule or being in compliance with policies and standards to ensure good stewardship of data. For questions, visit the SMPH Cybersecurity Portal: https://smph-navigator.atlassian.net/servicedesk/customer/portal/2
- Universities of Wisconsin, UW-Madison, and SMPH Policies, Standards, and Guidance Documents: https://kb.wisc.edu/smph/internal/142446
Report an Incident
- It is important to report any cybersecurity incident, no matter how large or small it may seem, to ensure DoIT and SMPH Cybersecurity can take action to protect you and your data.
- SMPH Cybersecurity Portal: https://smph-navigator.atlassian.net/servicedesk/customer/portal/2
- Call the DoIT Help Desk: 608-264-4356 (for off hours select option 0)
- Report a HIPAA Incident: wisc.edu/hipaareport
Cybersecurity Best Practices
- Be cautious with emails: Avoid clicking on suspicious links or attachments. Look for signs like typos, odd URLs, and a sense of urgency to identify phishing: https://it.wisc.edu/learn/learn-how-to-recognize-and-report-phishing/
- Use SMPH VPN: Use the SMPH Virtual Private Network (VPN) to ensure secure remote access
- Use a strong passphrase: create a unique, complex passphrase and change it if you think your account or passphrase has been compromised
- Use UW Madison’s password manager: create random passphrases and store passphrases securely: https://it.wisc.edu/services/1password/
- Use multi-factor authentication: Add an extra layer of security to your accounts by enabling an additional verification method: https://it.wisc.edu/services/duo-multi-factor-authentication-mfa/
- Lock devices: Lock your devices when not in use or you step away
Cybersecurity Resources
- SMPH Cybersecurity KnowledgeBase: https://kb.wisc.edu/smph/internal/search.php?cat=13913
- SMPH Endpoint Standards: https://kb.wisc.edu/smph/internal/smph-endpoint-device-standards
- UW-Madison and SMPH Storage Options: https://kb.wisc.edu/smph/internal/144445
- Cybersecurity for International Remote Work: https://kb.wisc.edu/smph/internal/141655
- SMPH Cybersecurity’s Guide on Navigating Generative AI: https://kb.wisc.edu/smph/internal/148147
- Guidance on Cybersecurity Risk Assessment Process for Researchers: https://kb.wisc.edu/smph/internal/137178
- SMPH Cybersecurity Incident Response Plan: https://kb.wisc.edu/smph/internal/142370
Cybersecurity News and Updates
Cybersecurity Support Has a New Home
Cybersecurity support at SMPH now runs through a streamlined online portal. As of May 12, all cybersecurity-related requests must be submitted via the Cybersecurity Portal.
New HIPAA Guidance for Research Teams
The Office of Compliance has published updated guidance to support research teams working with protected health information (PHI), especially those with members both inside and outside of the UW-Madison Health Care Component (HCC). Guidance for …
Phishing Alert – Key Reminders to Stay Secure
Phishing scams targeting UW–Madison and SMPH are increasing. Stay secure by never sharing your credentials, avoiding public computers, and verifying suspicious emails. Check recent scam subject lines in the scam alert table. Report suspicious emails to security@med.wisc.edu.
- More Cybersecurity posts