Skip to content
Information Technology Services

Quick Links


Thor Ryan
DHSS Chief Security Officer

Department Security Office

The Department Security Office, managed by the DHSS Chief Security Officer, is responsible for establishing, implementing, monitoring, and improving the DHSS Information Security Management System (ISMS). Specific responsibilities include:

  • Developing, coordinating the approval of, and communicating information security policies and implementing standards and procedures in support of those policies;

  • Coordinating risk assessment activities for the ISMS;

  • Coordinating training and awareness activities for the ISMS;

  • Planning and implementing controls, evaluating and recommending the selection of solutions, and participating in the development of the information technology strategies of DHSS to ensure consistency with DHSS information security policies;

  • Coordinating the activities of the DHSS incident response team (IRT) and coordinating DHSS IRT participation with the State Security Office, State IRT, forensic team, and law enforcement;

  • Coordinating and supporting security-related activities of DHSS Network Services, Business Applications, and Customer Services staff, and security system liaisons;

  • Presenting information security issues, policy changes and exceptions, and recommendations to department management regarding their information security responsibilities;

  • Monitoring information security, performing audits of operation of the ISMS, and reporting on the state of information security to DHSS management; and

  • Coordinating improvements to the DHSS ISMS based on the results of management reviews, audits, and incident response analysis.

If you have an information security or compliance questions/concerns relevant to the Department of Health and Social Services, please contact the Department Security Office at You may also contact the DHSS Chief Security Officer directly at