Launch of Security Awareness Training


March 11, 2014

Columbia University values the importance of openly communicating and sharing information, while protecting sensitive data and computer systems. Each member of the Columbia community plays an integral role in helping secure information to which he or she has access. To assist you in doing your part to protect our information, users and systems, the University is offering the following resources: 

  1. Online Security Awareness Training is now available. The launch of Security Awareness Training is an important step in educating faculty, staff and students on how to secure the University’s data and systems. Below is a summary of each Security Awareness Training module.

Security Essentials

Describes information security breaches; provides examples, root causes and how to prevent them. Explains how to create strong passwords and how to protect information when traveling or working remotely

Social Engineering

Focuses on less technical, but potentially sophisticated attacks, including email “phishing,” fraudulent web pages, Internet attacks and attacks via phone

Protecting Sensitive Information

Describes how to mitigate risks of information loss by explaining what information needs to be protected, the consequences of information exposure, how information can be lost or stolen and how to protect sensitive information

FERPA (Family Education Rights and Privacy Act)

Explains what is included in an educational record, types of information that can be disclosed, and the rights of both students and parents regarding educational records

PCI Basics (Payment Card Industry Data Security Standards)

Describes standards which help to prevent credit card fraud and breaches of cardholder information. Describes PCI’s 12 requirements for organizations to observe when handling credit card transactions

HIPAA Privacy

Explains electronic protected health information (PHI), HIPAA regulations and impact on health care providers. Explains how the HIPAA Security rule addresses the confidentiality, integrity and availability of PHI in an electronic form


To get started, go to and log in with your UNI and password. Most training modules will take approximately 15 minutes to complete. For more information, visit the Security Awareness Training page at

Columbia University Medical Center (CUMC) is currently focusing on HIPAA Privacy and has already identified required training modules. CUMC has also communicated with faculty and staff on CUMC and Morningside campuses who deal with protected health information (“PHI”). Optional security training modules will be made available to these faculty and staff at a later date.

  1. The University has updated and consolidated all of Columbia University’s IT and security policies. The new policies apply to the entire Columbia community, including students, faculty and staff.

Please familiarize yourself with the Information Security Charter and IT policies at: or on the CUIT home page at

Thank you in advance for partnering with us to keep Columbia secure.



Candace C. Fleming, Vice President and Chief Information Officer

Columbia University Information Technology


Medha Bhalodkar, AVP and Chief Information Security Officer

Columbia University Information Technology