CSUSB Containment Guidelines CSUSB, Information Security Office
|
|
- Ferdinand Barber
- 8 years ago
- Views:
Transcription
1 CSUSB, Infrmatin Security Office Last Revised: 01/30/2013 Final
2 REVISION CONTROL Dcument Title: Authr: File Reference: CSUSB Cntainment Guidelines Javier Trner Date By Actin Pages 03/30/05 J Trner Created Guidelines All 07/25/05 J Trner Added Evidence Preservatin 08/11/05 J Trner Added Incident Handling 10/30/06 J Macdnell Added Incident Cntainment Prcedure 08/01/07 J Macdnell Added Incident Interview Review/Apprval Histry Date By Actin Pages All - 2 -
3 1.0 Incident Ntificatin... 4 Individual Ntificatin f Incidents... 4 Ntificatin f Incidents - Multiple systems... 4 Escalatin Security Event Ntificatin Template Evidence Preservatin Evidence Preservatin Template Incident Cntainment Prcedure Chain f Custdy Dcument
4 1.0 Incident Ntificatin The fllwing are general guidelines when sending ntificatin fr security incidents t the wners r custdians f cmputer r infrmatin systems. Hwever, when security incidents invlve vilatins f state r federal laws, CSU r CSUSB plicies, ntificatins must adhere t the prcedures utline in the crrespnding CSU r CSUSB plicy. If in dubt abut the nature f the incident cntact the University Infrmatin Security Officer. An template fr incident ntificatin can be fund in the IncidentNtificatinTemplate dcument. Individual Ntificatin f Incidents Individual ntificatins are t be used fr thse systems which belng t a department r are under the care f an identified grup n campus. The ntificatin must include the fllwing infrmatin: Identificatin f the system in questin, such as IP-address, MAC address, prt number, lcatin, etc verifiable evidence in the frm f an excerpt f a lg file actin taken, if any be sent t the technician f recrd must be cpied t the immediate supervisr/manager/department chair must include apprpriate instructins in case the system in questin cntains r is used t access persnal infrmatin must be cc t security@infsec.csusb.edu shuld include a digital signature Ntificatin f Incidents - Multiple systems Ntificatin f incidents when there are multiple systems under the care f different grups n campus can be sent t the technician listserv (techs@csusb.edu) fr prmpt actin. The ntificatin must include the fllwing infrmatin: Identificatin f the systems in questin, such as IP-addresses, MAC addresses, prt numbers, lcatins, etc verifiable evidence in the frm f an excerpt f a lg file actin taken, if any must be sent t techs@csusb.edu must be cpied t the help desk at helpdesk@csusb.edu must include apprpriate instructins in case the system in questin cntains r is used t access persnal infrmatin must be cc t security@infsec.csusb.edu shuld include a digital signature Escalatin In the event that n respnse is received within a reasnable amunt f time (typically ne business day) t an incident ntificatin then a secnd ntificatin must be sent and cpied t the supervisr's supervisr. A third ntice is sent directly t senir management with cpies t technicians and direct supervisrs
5 2.0 Security Event Ntificatin Template Belw is the recmmended template fr ntifying wners and administratrs f cmputer incidents invlving cmputer systems under their cntrl. This template is intended t help t preserve evidence shuld it becme necessary t cmply with CA Civil Cde 1798 (frmally SB1386). The must be sent accrding t the guidelines described in the IncidentNtificatin guidelines. Edit the text in brackets t fit the crrespnding infrmatin fr the incident. Subject: [SECURITY] Suspicius activity - << cmputer r IP >> Frm: James Macdnell <jmacdne@csusb.edu> CC: Infrmatin Security Office <security@infsec.csusb.edu> This is an incident ntificatin fr the fllwing cmputer: xxx.yyy << mac address >> << rm # >> This cmputer appears t be infected with ne r mre Malware: Latest Event Cunt Signature :15:08 2 Outdated Windws Flash Versin IE :15:41 1 pamdql/sweet Orange /in.php?q= Hstile landing :15:48 1 Redkit Explit Kit 3Char PDF Request :15:52 2 Vulnerable Java Versin 1.6.x Detected :15:53 2 RedKit Explit Kit Java Request t Recent jar :15:53 2 RedKit - Jar File Naming Algrithm :15:54 1 RedKit - Paylad Requested - /2Digit.html :15:55 7 RedKit - Ptential Java Explit Requested :15:58 1 Maxmind geip check t /app/geip.js :16:20 1 TROJAN Dwnlader HTTP Library seen with ZeuS :16:20 1 Windws 98 User-Agent Detected :18:13 2 TROJAN System Detectin FakeAV (INTEL) This cmputer shuld be examined and may need t be discnnected frm the netwrk. If any cmputer system suspected f cmprmise is knwn t cntain r access persnal infrmatin (such as a cmbinatin f full name and any f the fllwing: scial security number, date f birth, medical infrmatin, financial infrmatin) YOU MUST NOTIFY the Infrmatin Security Office and prevent any further access t the cmputer. A cncern f any cmputer attack is the cmpliance with Civil Cde Sectins and (frmally SB- 1386) which require ntifying individuals whse persnal infrmatin may have been cmprmised. Please keep us infrmed f the status f this system. If yu have any questins r cncerns, please d nt hesitate t reply t this . We lk frward t yur reply. Lgs available upn request
6 3.0 Evidence Preservatin The fllwing are the guidelines fllwed by the Infrmatin Security Office fr preserving evidence which may have been cllected r prvided as part f an investigatin. In all cases the physical evidence will be prtected t maintain its integrity during its cllectin, during the prcess t prduce a frensic image, and during its strage while it is under the custdy f the Infrmatin Security Office. Physical evidence as well as the results f a cmputer frensic analysis will nt be released t anyne withut the written authrizatin f the University Prvst r its designee, r the university legal cunsel, after the cnclusin f an investigatin. The physical evidence as well as the results f the cmputer frensic analysis will be preserved as fllws: In thse instances that an investigatin invlves CSUSB persnnel, r invlves any pssible legal actin, the physical evidence and cmputer frensic analysis results will be preserved fr n less than 7 years frm the date the evidence was cllected. Otherwise the physical evidence and assciated results f the cmputer frensic analysis will be preserved fr n less than ne year frm the date the evidence was cllected. The physical evidence may be released upn request at the cmpletin f an investigatin. The infrmatin Security Office will nt clean, delete, r destry any infrmatin residing n any cllected r prvided evidence, except in extreme circumstances by a written request and at the discretin f the Infrmatin Security Officer. 4.0 Evidence Preservatin Template An template t use in cases where cllectin f the hard drive (r cmputer itself) is anticipated r cmpulsry: T: Example Tech <example tech@csusb.edu> Cc: Example Supervisr <example supervisr@csusb.edu> Subject: [SECURITY] Preservatin f evidence (IRN: _01) This is an evidence cllectin request fr the fllwing cmputer: (hackedbx.csusb.edu) {{LOGS OR OTHER EVIDENCE}} This cmputer needs t be physically secured. Fllw the D.U.S.T. prcedure: D) Physically DISCONNECT the cmputer frm the netwrk. U) UNPLUG the pwer D nt use standard shutdwn prcedure D nt attempt t lgin - 6 -
7 D nt attempt t find any infrmatin. Any f these actins can destry valuable trace evidence. S) Mve the cmputer t a SECURE lcatin An ccupied/lcked manager's ffice An ccupied/lcked cmputer wrkshp T) TELL us and arrange fr evidence cllectin. When the Infrmatin Security Office receives infrmatin that a cmputer appears t be cmprmised (e.g. by a virus r wrm), ur standard prcedure is t cnfirm the infrmatin, ntify the technicians assigned t the VLAN, and als t ntify an apprpriate MPP. As with any cmputer cmprmise, there is a ptential liability t the University. This is why a manager is ntified in additin t a technician. Under Califrnia law (Califrnia Civil Cde 1798), the University is bligated t ntify anyne whse persnally identifiable infrmatin (such as scial security numbers and financial accunt infrmatin) is reasnably believed t have been disclsed t an unauthrized third party. As part f the University's incident handling prcedures, ur ffice will wrk t preserve evidence t prtect the liability f the University and t meet ur bligatins under state and federal law. The preservatin f evidence ften requires the cllectin f the cmprmised cmputer's hard drive. This makes the cmprmised cmputer unusable fr at least a few days (the time necessary t create a frensic image f the hard drive) and perhaps up t seven years. When the hard drive (r cmputer itself) is cllected, managers are respnsible fr crdinating their cllege/divisin/department disaster recvery and business resumptins plans s the cmputer's user can regain prductivity. Als, if during the curse f an investigatin, evidence is discvered that indicates that persnally identifiable infrmatin was indeed disclsed withut authrizatin, the manager will becme invlved in the decisin and prcess t send ntificatins as required by law. That said, mst virus and wrm infectins n campus d nt escalate t the pint where ntificatins are required. The cllectin f evidence is mst ften simply a preventive measure t prtect the University frm future liability r lawsuits. If yu have any questins, please let us knw. We lk frward t yur reply. Additinal lgs available upn request
8 5.0 Incident Cntainment Prcedure - 8 -
9 6.0 Chain f Custdy Dcument NOTICE: The Infrmatin Security Office des nt attempt t mdify r remve files frm a cmputer system since these systems may cntain infrmatin f imprtance t the wner. Fr this reasn, the respnsibility t repair r remve files is left t the respective cllege/department cmputer technician. IRN: System Name: Department: Lcatin: Item(s): Received frm: Name Signature Date/Time Received by: Name Signature Date/Time Reasn fr change f custdy: hld fr pssible litigatin - 9 -
Personal Data Security Breach Management Policy
Persnal Data Security Breach Management Plicy 1.0 Purpse The Data Prtectin Acts 1988 and 2003 impse bligatins n data cntrllers in Western Care Assciatin t prcess persnal data entrusted t them in a manner
More informationKey Steps for Organizations in Responding to Privacy Breaches
Key Steps fr Organizatins in Respnding t Privacy Breaches Purpse The purpse f this dcument is t prvide guidance t private sectr rganizatins, bth small and large, when a privacy breach ccurs. Organizatins
More informationBLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS
BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS SERIES: 1 General Rules RULE: 17.1 Recrd Retentin Scpe: The purpse f this rule is t establish the systematic review, retentin and destructin
More informationData Protection Act Data security breach management
Data Prtectin Act Data security breach management The seventh data prtectin principle requires that rganisatins prcessing persnal data take apprpriate measures against unauthrised r unlawful prcessing
More informationSystems Support - Extended
1 General Overview This is a Service Level Agreement ( SLA ) between and the Enterprise Windws Services t dcument: The technlgy services the Enterprise Windws Services prvides t the custmer. The targets
More informationCloud-based File Sharing: Privacy and Security Tutorial Institutional Compliance Office July 2013
Clud-based File Sharing: Privacy and Security Tutrial Institutinal Cmpliance Office July 2013 Patient Data in the Clud Prtecting patient privacy is ne f MD Andersn s greatest respnsibilities Technlgies
More informationWHAT YOU NEED TO KNOW ABOUT. Protecting your Privacy
WHAT YOU NEED TO KNOW ABOUT Prtecting yur Privacy YOUR PRIVACY IS OUR PRIORITY Credit unins have a histry f respecting the privacy f ur members and custmers. Yur Bard f Directrs has adpted the Credit Unin
More informationProcess for Responding to Privacy Breaches
Prcess fr Respnding t Privacy Breaches 1. Purpse 1.1 This dcument sets ut the steps that ministries must fllw when respnding t a privacy breach. It must be read in cnjunctin with the Infrmatin Incident
More informationHIPAA HITECH ACT Compliance, Review and Training Services
Cmpliance, Review and Training Services Risk Assessment and Risk Mitigatin: The first and mst imprtant step is t undertake a hlistic risk assessment that examines the risks and cntrls related t fur critical
More informationMerchant Processes and Procedures
Merchant Prcesses and Prcedures Table f Cntents EXHIBIT C 1. MERCHANT INTRODUCTION TO T-CHEK 3 1.1 Wh is T-Chek Systems? 3 1.2 Hw t Cntact T-Chek Systems 3 1.3 Hw t Recgnize T-Chek Frms f Payment 3 1.3.1
More informationUniversity of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments
University f Texas at Dallas Plicy fr Accepting Credit Card and Electrnic Payments Cntents: Purpse Applicability Plicy Statement Respnsibilities f a Merchant Department Prcess t Becme a Merchant Department
More informationMaryland General Service (MGS) Area 29 Treatment Facilities Committee (TFC) TFC Instructions
Maryland General Service (MGS) Area 29 Treatment Facilities Cmmittee (TFC) TFC Instructins Lve And Service Facility Presentatin t Patients We are frm Alchlics Annymus (AA), fr AA, and ur service is fr
More informationMalpractice and Maladministration Policy
TR340 Malpractice and Maladministratin Plicy This plicy aims t: Define malpractice and maladministratin in the cntext f CIM/CAM studying members, Accredited study centres (ASCs), examinatin centres, invigilatrs
More informationFINANCIAL OPTIONS. 2. For non-insured patients, payment is due on the day of service.
FINANCIAL OPTIONS 1. Fr thse patients wh carry dental insurance, all c-payments are due n date f service. We will file yur claim as a service t yu, and will d ur very best t maximize yur benefits. We accept
More informationGUIDANCE FOR BUSINESS ASSOCIATES
GUIDANCE FOR BUSINESS ASSOCIATES This Guidance fr Business Assciates dcument is intended t verview UPMCs expectatins, as well as t prvide additinal resurces and infrmatin, t UPMC s HIPAA business assciates.
More informationUBC Incident Response Plan V1.5
UBC Incident Respnse Plan V1.5 Cntents 1. Ratinale... 2 2. Objective... 2 3. Applicatin... 2 4. Reprting a Cmputer Security Incident... 2 5. Managing the Security Incident... 2 5.1. All Incidents... 2
More informationPrivacy Breach and Complaint Protocol
Privacy Breach and Cmplaint Prtcl Effective: December 31, 2012 Apprved by: Le McKenna, CFO 1.0 General Privacy breaches and privacy cmplaints will be handled in accrdance with this prtcl. This prtcl is
More informationCOPIES-F.Y.I., INC. Policies and Procedures Data Security Policy
COPIES-F.Y.I., INC. Plicies and Prcedures Data Security Plicy Page 2 f 7 Preamble Mst f Cpies FYI, Incrprated financial, administrative, research, and clinical systems are accessible thrugh the campus
More informationLetter of Engagement. as instructed from time to time in respect of your/the company/trusts affairs
We enclse material which sets ut: Letter f Engagement Infrmatin fr clients which lawyers are required by the New Zealand Law Sciety t prvide; and Our standard terms f engagement. Services t be prvided
More informationCORPORATE CREDIT CARD POLICY
TITLE: POLICY OWNERS: DATE INSTITUTED: May 1, 2008 CURRENT VERSION: Ver. 1.6 REVISION DATE: July 1, 2015 Crprate Credit Card Plicy Melissa Cluse, Vice President & Cntrller Cindy Klein, Accunts Payable
More informationInternet Banking Agreement and Disclosure Statement
Internet Banking Agreement and Disclsure Statement This agreement cntains the terms and cnditins that gvern accessing r using Internet Banking (NetTeller), Bill Payment Services, Mbile Banking and On Demand
More informationInformation Services Hosting Arrangements
Infrmatin Services Hsting Arrangements Purpse The purpse f this service is t prvide secure, supprted, and reasnably accessible cmputing envirnments fr departments at DePaul that are in need f server-based
More informationHow To Ensure Your Health Care Is Safe
Guidelines fr Custdians t assess cmpliance with the Persnal Health Infrmatin Privacy and Access Act (PHIPAA) This dcument is designed t help custdians evaluate readiness fr cmpliance with PHIPAA and t
More informationedoc Lite Recruitment Guidelines
edc Lite Recruitment Guidelines Intrductin OneStart & the Academic Psitin Search Channel edc Lite Ruting and Wrkgrups Ruting Actin List Ruting Cntrls Wrkgrups Dcument Search edc Lite Dcuments Vacancy Ntice
More informationInternet and E-Mail Policy User s Guide
Internet and E-Mail Plicy User s Guide Versin 2.2 supprting partnership in mental health Internet and E-Mail Plicy User s Guide Ver. 2.2-1/5 Intrductin Health and Scial Care requires a great deal f cmmunicatin
More informationSecurity Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview
Security Services Service Descriptin Versin 1.00 Effective Date: 07/01/2012 Purpse This Enterprise Service Descriptin is applicable t Security Services ffered by the MN.IT Services and described in the
More informationFrequently Asked Questions About I-9 Compliance
Frequently Asked Questins Abut I-9 Cmpliance What is required t verify wrk authrizatin? The basic requirement t verify wrk authrizatin is the Frm I-9. This frm is available n the HR website: http://www.fit.edu/hr/dcuments/frms/i-9.pdf
More informationNorwood Public Schools Internet & Cell Phone Use Agreement School Year 2015-16
Yu must read and agree t fllw the netwrk rules belw t use yur netwrk accunt r access the internet. Nrwd Public Schls makes available t students access t cmputers and the Internet. Students are expected
More informationVCU Payment Card Policy
VCU Payment Card Plicy Plicy Type: Administrative Respnsible Office: Treasury Services Initial Plicy Apprved: 12/05/2013 Current Revisin Apprved: 12/05/2013 Plicy Statement and Purpse The purpse f this
More informationPrivacy and Security Training Policy (PS.Pol.051)
Privacy and Security Training Plicy (PS.Pl.051) Purpse T define the plicies and prcedures fr prviding privacy and security training in respect f the CnnectingGTA Slutin. Definitins Electrnic Service Prvider
More informationA.M. BEST RATING SERVICES, INC. RATING DIVISION INTERNAL POLICY AND PROCEDURE. Subject: Dissemination Number: CRPC Policy 5
A.M. BEST RATING SERVICES, INC. RATING DIVISION INTERNAL POLICY AND PROCEDURE Subject: Disseminatin Number: CRPC Plicy 5 Effective Date: Nvember 29, 2006 Revisin Date: January 04, 2016 Purpse: The purpse
More informationFORM ADV (Paper Version) UNIFORM APPLICATION FOR INVESTMENT ADVISER REGISTRATION AND REPORT FORM BY EXEMPT REPORTING ADVISERS
APPENDIX A FORM ADV (Paper Versin) UNIFORM APPLICATION FOR INVESTMENT ADVISER REGISTRATION AND REPORT FORM BY EXEMPT REPORTING ADVISERS Frm ADV: General Instructins Read these instructins carefully befre
More informationIMPORTANT INFORMATION ABOUT MEDICAL CARE FOR YOUR WORK-RELATED INJURY OR ILLNESS
IMPORTANT INFORMATION ABOUT MEDICAL CARE FOR YOUR WORK-RELATED INJURY OR ILLNESS MEDICAL PROVIDER NETWORK (MPN) NOTIFICATION If yu are injured at wrk, Califrnia Law requires yur emplyer t prvide and pay
More informationRemote Working (Policy & Procedure)
Remte Wrking (Plicy & Prcedure) Publicatin Scheme Y/N Department f Origin Plicy Hlder Authrs Can be published n Frce Website Prfessinal Standards Department (PSD) Ch Supt Head f PSD IT Security Officer
More informationDATA REQUEST GUIDELINES
DATA REQUEST GUIDELINES This dcument describes prcedures law enfrcement authrities and individuals invlved in civil litigatin shuld fllw t request data frm LinkedIn and its affiliated service prviders.
More informationPurpose Statement. Objectives
Apprved by Academic Affairs Cuncil, June 24, 2014 Faculty Handbk Part VI: Other Plicies and Prcedures Sectin R. Intellectual Prperty Classified Emplyee Handbk Part VI: Other Plicies and Prcedures Sectin
More informationFAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT
FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT If using US Pstal Service, please return t: Califrnia Student Aid Cmmissin Prgram Administratin & Services Divisin ATTN: Institutinal Supprt P.O. Bx 419028
More informationTHE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM
THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM 1. Prgram Adptin The City University f New Yrk (the "University") develped this Identity Theft Preventin Prgram (the "Prgram") pursuant
More informationRUTGERS POLICY. Responsible Executive: Vice President for Information Technology and Chief Information Officer
RUTGERS POLICY Sectin: 70.1.1 Sectin Title: Infrmatin Technlgy Plicy Name: Acceptable Use Plicy fr Infrmatin Technlgy Resurces Frmerly Bk: N/A Apprval Authrity: Senir Vice President fr Administratin Respnsible
More informationBRILL s Editorial Manager (EM) Manual for Authors Table of Contents
BRILL s Editrial Manager (EM) Manual fr Authrs Table f Cntents Intrductin... 2 1. Getting Started: Creating an Accunt... 2 2. Lgging int EM... 3 3. Changing Yur Access Cdes and Cntact Infrmatin... 3 3.1
More informationHartford Seminary s. Online Application Instructions
Hartfrd Seminary s Online Applicatin Instructins Hartfrd Seminary is pleased t annunce that nline applicatin is nw pssible fr mst f ur prgrams as fllws: Dctr f Ministry: Use nline applicatin Master f Arts:
More informationACTIVITY MONITOR Real Time Monitor Employee Activity Monitor
ACTIVITY MONITOR Real Time Mnitr Emplyee Activity Mnitr This pwerful tl allws yu t track any LAN, giving yu the mst detailed infrmatin n what, hw and when yur netwrk users perfrmed. Whether it is a library
More informationEnrollee Health Assessment Program Implementation Guide and Best Practices
Enrllee Health Assessment Prgram Implementatin Guide and Best Practices March 2015 033129 (03-2015) This guide will help yu answer these questins: What is the Enrllee Health Assessment (EHA) prgram and
More informationOnline Banking Agreement
Online Banking Agreement 1. General This Online Banking Agreement, which may be amended frm time t time by us (this "Agreement"), fr accessing yur Clrad Federal Savings Bank accunt(s) via the Internet
More informationHeythrop College Disciplinary Procedure for Support Staff
Heythrp Cllege Disciplinary Prcedure fr Supprt Staff Intrductin 1. This prcedural dcument des nt apply t thse academic-related staff wh are mentined in the Cllege s Ordinance, namely the Librarian and
More informationPENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK
Department f Health and Human Services OFFICE OF INSPECTOR GENERAL PENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK Inquiries abut this reprt may be addressed t the Office f Public Affairs
More informationINFORMATIONAL NOTICE MISCELLANEOUS TAX 2013-01. Issued: January 02, 2013
INFORMATIONAL NOTICE MISCELLANEOUS TAX 2013-01 Issued: January 02, 2013 Pennsylvania Department f Revenue Guidelines fr Cllectin and Administrative Bank Attachment Required by Act 85 f 2012 Per the Tax
More informationEmployees - recruitment, records and monitoring
Emplyees - recruitment, recrds and mnitring This guidance has been prduced t help rganisatins cmply with the Data Prtectin Act (DPA) when recruiting and emplying wrkers. It is relevant t public sectr emplyers,
More informationShelby County Schools Online Employee Accident Reporting User Manual
Shelby Cunty Schls Online Emplyee Accident Reprting User Manual Department f Risk Management Nvember, 2013 Overview In accrdance with SCS bard plicy 4014, Accidents n the Jb (als referred t as On the Jb
More informationGETTING STARTED With the Control Panel Table of Contents
With the Cntrl Panel Table f Cntents Cntrl Panel Desktp... 2 Left Menu... 3 Infrmatin... 3 Plan Change... 3 Dmains... 3 Statistics... 4 Ttal Traffic... 4 Disk Quta... 4 Quick Access Desktp... 4 MAIN...
More informationnbn is committed to identifying hazards, preventing workplace accidents and minimising dangerous health safety and environment incidents.
Incident & Hazard Reprting Overview At nbn we are safe, disciplined and reliable. nbn is cmmitted t preventing injury, illness and envirnmental harm by prviding a safe and healthy wrking envirnment fr
More informationCONSTRUCTION INDUSTRIES & MANUFACTURED HOUSING DIVISION
New Mexic Regulatin and Licensing Department 2550 Cerrills Rad Santa Fe, NM 87505 Ph (505) 476-4700 Fax (505) 476-4685 INSTRUCTIONS FOR FILING A COMPLAINT Thank yu fr cntacting The New Mexic Regulatin
More informationFAYETTEVILLE STATE UNIVERSITY
FAYETTEVILLE STATE UNIVERSITY IDENTITY THEFT PREVENTION (RED FLAGS RULE) Authrity: Categry: Issued by the Fayetteville State University Bard f Trustees. University-Wide Applies t: Administratrs Faculty
More informationIf the CAP is acceptable, the serious deficiency determination for the provider is temporarily deferred.
Pat McCrry Gvernr Sent Via Email TO: FROM: Nrth Carlina Department f Health and Human Services Divisin f Public Health May 12.2014 Spnsring Organizatins f Day Care Hmes Arnette Cwan, MS, RD, LDN Supervisr,
More informationInvestment Adviser Switch Workshop
Investment Adviser Switch Wrkshp Investment Adviser Registratin, Renewal, Amendment And Pst-Registratin Requirements Presented by Office f the Attrney General Maryland Divisin f Securities 1 Registratin
More informationFirst Global Data Corp.
First Glbal Data Crp. Privacy Plicy As f February 23, 2015 Ding business with First Glbal Data Crp. ("First Glbal", First Glbal Mney, "we" r "us", which includes First Glbal Data Crp. s subsidiary, First
More informationThe Relativity Appliance Installation Guide
The Relativity Appliance Installatin Guide February 4, 2016 - Versin 9 & 9.1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
More informationProject Open Hand Atlanta. Health Insurance Portability and Accountability Act (HIPAA) NOTICE OF PRIVACY PRACTICES
Prject Open Hand Atlanta Effective Date: April 14, 2003 Health Insurance Prtability and Accuntability Act (HIPAA) The Health Insurance Prtability and Accuntability Act f 1996 (HIPAA) directs health care
More informationHIPAA Notice of Privacy Practices. Central Ohio Surgical Associates, Inc.
HIPAA Ntice f Privacy Practices Central Ohi Surgical Assciates, Inc. THIS NOTICE OF PRIVACY PRACTICES (THE NOTICE ) DESCRIBES HOW HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN
More information0820.02 Workers Disability Compensation Claims Procedures Issued: January 1, 1994 Revised: March 29, 2012
State f Michigan Administrative Guide t State Gvernment 0820.02 Wrkers Disability Cmpensatin Claims Prcedures Issued: January 1, 1994 Revised: March 29, 2012 SUBJECT: APPLICATION: PURPOSE: CONTACT AGENCY:
More informationPrivacy Policy. The Central Equity Group understands how highly people value the protection of their privacy.
Privacy Plicy The Central Equity Grup understands hw highly peple value the prtectin f their privacy. Fr that reasn, the Central Equity Grup takes particular care in dealing with any persnal and sensitive
More informationA. Early Case Assessment
Electrnic Discvery Reference Mdel Standards fr the identificatin f electrnically stred infrmatin in discvery http://www.edrm.net/resurces/standards/identificatin A. Early Case Assessment Once a triggering
More informationPlus500CY Ltd. Statement on Privacy and Cookie Policy
Plus500CY Ltd. Statement n Privacy and Ckie Plicy Statement n Privacy and Ckie Plicy This website is perated by Plus500CY Ltd. ("we, us r ur"). It is ur plicy t respect the cnfidentiality f infrmatin and
More informationDisplayNote Technologies Limited Data Protection Policy July 2014
DisplayNte Technlgies Limited Data Prtectin Plicy July 2014 1. Intrductin This dcument sets ut the bligatins f DisplayNte Technlgies Limited ( the Cmpany ) with regard t data prtectin and the rights f
More informationState Fleet Card Oversight Usage and Responsibilities
State Fleet Card Oversight Usage and Respnsibilities Intrductin The Department f General Services (DGS), Office f Fleet and Asset Management (OFAM) administers a statewide ne-prvider payment system cntract
More informationHow To Write A Disaster Recovery Plan
Dcument Preview This is nly a prtin f the entire, custmizable dcument. KEEP IN DISASTER RECOVERY PLAN and a cpy ff-site Disaster Recvery and Business Cntinuity Plan Fr Name f Cmpany Name Lcatin f Date
More informationInformation Security Incident Response Plan
Infrmatin Security Incident Respnse Plan Agency: Date: Cntact: 1 TABLE OF CONTENTS Intrductin... 3 Authrity... 4 Terms and Definitins... 4 Rles and Respnsibilities... 5 Prgram... 6 Educatin and Awareness...
More informationVolume THURSTON COUNTY CLERK S OFFICE. e-file SECURE FTP Site (January 2011) User Guide
Vlume 1 THURSTON COUNTY CLERK S OFFICE e-file SECURE FTP Site (January 2011) User Guide Table f Cntents C H A P T E R 1 FTP e-filing SERVICE 1 Dcument Requirements 1 Scanners 2 File naming cnventin 2 e-file
More informationCROPREDY SURGERY Dr J Wright & Dr B Tucker
CROPREDY SURGERY Dr J Wright & Dr B Tucker POLICY - COMPLAINTS Intrductin The bjectives f the cmplaints plicy are as fllws. Any cmplaint is dealt with in an effective and timely manner The cmplainant is
More informationCOMPREHENSIVE SAFETY ASSESSMENT INSTRUCTIONS for STUDY ABROAD PROGRAMS
COMPREHENSIVE SAFETY ASSESSMENT INSTRUCTIONS fr STUDY ABROAD PROGRAMS Belw is a list f items t address and questins that need t be addressed in the cmprehensive safety assessment. In additin t the safety
More informationMunising Memorial Hospital. Administrative/Financial Policy
Munising Memrial Hspital Administrative/Financial Plicy SUBJECT: Credit and Cllectins & Financial Assistance POLICY NO. 100-072 REVISED: March 26, 2014 Authrized By: The credit and cllectin plicy f Munising
More informationDatabase Services - Extended
1 General Overview This is a Service Level Agreement ( SLA ) between and Database Services t dcument: The technlgy services Database Services prvides t the custmer. The targets fr respnse times, service
More informationExercise 5 Server Configuration, Web and FTP Instructions and preparatory questions Administration of Computer Systems, Fall 2008
Exercise 5 Server Cnfiguratin, Web and FTP Instructins and preparatry questins Administratin f Cmputer Systems, Fall 2008 This dcument is available nline at: http://www.hh.se/te2003 Exercise 5 Server Cnfiguratin,
More informationNHS WEST NORFOLK CLINICAL COMMISSIONING GROUP SAFEHAVEN POLICY
NHS WEST NORFOLK CLINICAL COMMISSIONING GROUP SAFEHAVEN POLICY 1 DOCUMENT CONTROL SHEET Name f Dcument: Safehaven Plicy Versin: 1 File Lcatin / Dcument Name: Held by Senir Infrmatin Risk Owner (SIRO):
More informationInternet and Social Media Solicitations: Wise Giving Tips
Internet and Scial Media Slicitatins: Wise Giving Tips Charities use a wide variety f methds t slicit charitable dnatins. New and pwerful technlgies utilize nt just the internet and email, but als scial
More informationBill Payment Agreement & Disclosures
Bill Payment Agreement & Disclsures Welcme t Online Banking Bill Payment Service. Use f the Bill Payment Service indicates acceptance f terms and cnditins set frth in the Online Banking Agreement & Disclsures
More informationAccount Switch Kit. Locations. HACKLEBURG PO DRAWER A 34888 US HWY 43 HACKLEBURG, AL 35564 Phone: (205)395-1944 Fax: (205)935-3349
Member FDIC "Hmetwn Banking... Accunt Switch Kit... Mving Made Easy" Lcatins HAMILTON PO BO 189 1281 MILITARY ST S HAMILTON, AL 35570 Phne: (205)921-9400 Fax: (205)921-9708 HACKLEBURG PO DRAWER A 34888
More informationExercise 5 Server Configuration, Web and FTP Instructions and preparatory questions Administration of Computer Systems, Fall 2008
Exercise 5 Server Cnfiguratin, Web and FTP Instructins and preparatry questins Administratin f Cmputer Systems, Fall 2008 This dcument is available nline at: http://www.hh.se/te2003 Exercise 5 Server Cnfiguratin,
More informationNAIC Replacement Requirements For Certain Life Insurance Policies And Annuity Contracts
NAIC Replacement Requirements Fr Certain Life Insurance Plicies And Annuity Cntracts Duties f Prducers If a transactin invlves a replacement, the prducer must leave with the applicant, at the time an applicatin
More informationAccident Investigation
Accident Investigatin APPLICABLE STANDARD: 1960.29 EMPLOYEES AFFECTED: All emplyees WHAT IS IT? Accident investigatin is the prcess f determining the rt causes f accidents, n-the-jb injuries, prperty damage,
More informationData Protection Policy & Procedure
Data Prtectin Plicy & Prcedure Page 1 Prcnnect Marketing Data Prtectin Plicy V1.2 Data prtectin plicy Cntext and verview Key details Plicy prepared by: Adam Haycck Apprved by bard / management n: 01/01/2015
More informationEvacuation Procedures. In a senior boarding school operating 24 hours a day during term time:
Evacuatin Prcedures Intrductin In a senir barding schl perating 24 hurs a day during term time: The alarm culd sund during lessns, break/lunch, befre schl, during after schl clubs, barders tea, public
More informationFelician College. Computer Use Policy. Office of Information Technology 262 South Main St Lodi, NJ 07644-2117
Felician Cllege Office f Infrmatin Technlgy 262 Suth Main St Ldi, NJ 07644-2117 Cmputer Use Plicy Intrductin - In supprt f Felician Cllege's missin f teaching and public service, the Infrmatin Technlgy
More informationTemplate on written coordination and cooperation arrangements of the supervisory college established for the <XY> Group/<A> Institution
COORDINATION AND COOPERATION ARRANGEMENTS EBA/RTS/2014/16 EBA/ITS/2014/07 Annex II Template n written crdinatin and cperatin arrangements f the supervisry cllege established fr the Grup/ Institutin
More informationCOMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE
COMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE COMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE Mst dealers are familiar with the requirements f the Gramm-Leach-Bliley Act
More informationACCREDITATION. Policy 60150: Substantive Change
ACCREDITATION Plicy 60150: Substantive Change 1. Purpse 2. Plicy The purpse f this plicy is t assist the Cllege with maintaining cmpliance with Cmprehensive Standard 3.12.1 f the Principles f Accreditatin
More informationPeratr Accreditatin and Services in Queensland
Infrmatin Bulletin PT 204/09.15 Operatr Accreditatin fr Limusine Services What is peratr accreditatin? The Transprt Operatins (Passenger Transprt) Act 1994 requires peratrs f public passenger services
More informationTrustED Briefing Series:
TrustED Briefing Series: Since 2001, TrustCC has prvided IT audits and security assessments t hundreds f financial institutins thrugh ut the United States. Our TrustED Briefing Series are white papers
More informationThe information contained in this site is for INFORMATIONAL purposes only and is protected by copyright. We are not providing legal advice.
Privacy Plicy Terms f Service: The fllwing terms and cnditins gvern all use f the Rightwaywebhsting.cm website and all cntent, services and prducts available at r thrugh the website (taken tgether, the
More informationOUR DISCIPLINARY POLICY
OUR DISCIPLINARY POLICY WHO is this plicy fr? Channel 4 emplyees wh ve passed their prbatinary perid Channel 4 managers This plicy des nt frm part f any emplyee s cntract f emplyment and we may amend it
More informationNew York Institute of Technology Faculty and Staff Email Retention Policy
New Yrk Institute f Technlgy Faculty and Staff Email Retentin Plicy Nvember 2013 I. PURPOSE As electrnic mail (email) has becme the primary frm f cmmunicatin at NYIT and thrughut the wrld, the vlume f
More informationOBJECTIVE 10: ALERT AND NOTIFICATION OBJECTIVE 10: ALERT AND NOTIFICATION OBJECTIVE
OBJECTIVE 10: ALERT AND NOTIFICATION OBJECTIVE Demnstrate the capability t prmptly alert and ntify the public within the 10-mile plume pathway emergency planning zne (EPZ) and disseminate instructinal
More information990 e-postcard FAQ. Is there a charge to file form 990-N (e-postcard)? No, the e-postcard system is completely free.
990 e-pstcard FAQ Fr frequently asked questins abut filing the e-pstcard that are nt listed belw, brwse the FAQ at http://epstcard.frm990.rg/frmtsfaq.asp# (cpy and paste this link t yur brwser). General
More informationImproved Data Center Power Consumption and Streamlining Management in Windows Server 2008 R2 with SP1
Imprved Data Center Pwer Cnsumptin and Streamlining Management in Windws Server 2008 R2 with SP1 Disclaimer The infrmatin cntained in this dcument represents the current view f Micrsft Crpratin n the issues
More informationHigh Speed Internet Services
Cnventin Center High Speed Internet Services Wired high-speed Internet access inside a meeting rm, fyer r ther cmmn area: $550 fr the first IP address/device per meeting rm/lcatin, ONE TIME charge fr the
More informationNewborn Blood Spot Failsafe Solution (NBSFS) Operational Level Agreements. Part B: Child Health Record Department (CHRD) Users
Newbrn Bld Spt Newbrn Bld Spt Failsafe Slutin (NBSFS) Operatinal Level Agreements Part B: Child Health Recrd Department (CHRD) Users Versin 1.2 / May 2015 Uncntrlled when printed. T ensure yu have the
More informationMAYFAIR INSURANCE & MORTGAGE CONSULTANTS LTD 11 Lurke Street, Bedford MK40 3HZ Telephone: 01234 242900
MAYFAIR INSURANCE & MORTGAGE CONSULTANTS LTD 11 Lurke Street, Bedfrd MK40 3HZ Telephne: 01234 242900 Please read this dcument carefully as it sets ut the terms n which we agree t act fr ur clients and
More informationHow To Ensure That The Internet Is Safe For A Health Care Worker
POLICY Dc. Cde: IS I5 INTERNET - ACCEPTABLE USE Applicable t: MidCentral DHB Including MidCentral Health & Enable NZ Issued by: Infrmatin Systems Cntact: Manager Service Delivery 1. PURPOSE This plicy
More informationKIK s GUIDE FOR LAW ENFORCEMENT
Thanks fr checking ut ur law enfrcement guide. Kik takes the safety f ur users very seriusly, and we hpe this guide will be a useful tl fr yu. It includes infrmatin abut ur app; the features and functins
More information