COMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "COMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE"

Transcription

1 COMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE

2 COMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE Mst dealers are familiar with the requirements f the Gramm-Leach-Bliley Act and the Federal Trade Cmmissin s (FTC) Privacy Rule, which bligate them t create and distribute Privacy Ntices t their custmers. What they may nt knw is that the FTC s Standards fr Safeguarding Custmer Infrmatin, mre cmmnly knwn as the Safeguards Rule, becmes effective n May 23, The bjectives f the Safeguards Rule are t insure the security and cnfidentiality f custmer infrmatin, prtect against any anticipated threats r hazards t the security and integrity f custmer infrmatin, and prtect against unauthrized access t r use f custmer infrmatin that culd result in substantial harm r incnvenience t a custmer. The FTC s Safeguards Rule des nt change the dealership s bligatins under the FTC s Privacy Rule. The Privacy Rule deals with hw financial institutins cllect and share infrmatin. Mtr vehicle dealerships are still required t prvide their custmers with a Privacy Ntice that advises the custmer abut the types f infrmatin the dealership cllects, the surces frm which the infrmatin may be btained and the dealership s plicies with respect t sharing that infrmatin. As yu may recall, in rder t fully cmply with the Gramm-Leach-Bliley Act and the FTC s Privacy Rule, mtr vehicle dealers were als required t make a statement abut their infrmatin safeguarding practices in their Privacy Ntices. As a result, mst dealership Privacy Ntices state we maintain physical, electrnic and prcedural safeguards t prtect the cnfidentiality and security f the infrmatin we cllect. Nw the Safeguards Rule mandates that dealers have a written dcument that specifies the steps they have taken t assess the types f risks that exist with respect t the infrmatin being btained by unauthrized individuals and t prtect the cnfidentiality and security f such infrmatin. Like the Privacy Rule, the Safeguards Rule applies nly t transactins invlving persns wh btain a financial prduct r service frm the dealership primarily fr persnal, family r husehld purpses. Althugh it is a gd idea t apply the same privacy plicies and infrmatin security standards t all f the infrmatin cllected by the dealership, it is nt required fr infrmatin abut cmpanies r individuals wh btain financial prducts r services fr business, cmmercial r agricultural purpses, unless the dealership s Privacy Ntice states therwise. Persnal infrmatin typically cllected frm custmers at the dealership includes their names, addresses, telephne numbers, birth dates and scial security numbers, infrmatin cntained in credit applicatins and credit reprts, infrmatin dealerships receive frm lenders, and even lists f the dealership s finance custmers. The FTC s Safeguards Rule specifically requires every dealer, regardless f the size f his dealership, t develp, implement and maintain a cmprehensive written infrmatin security plan that describes the dealership s prgram t prtect custmer infrmatin. It als requires them t ensure that affiliates f the dealership maintain apprpriate safeguards and that their service prviders are capable f maintaining apprpriate safeguards fr the custmer infrmatin the dealership shares. The Dealership s written infrmatin security plan must: (1) Designate an emplyee r emplyees t crdinate the safeguards; (2) Identify and assess the risks t custmer infrmatin in each relevant area f the dealership s peratin, and evaluate the effectiveness f the current safeguards fr cntrlling these risks; (3) Design and implement a safeguards prgram, and regularly mnitr and test it; (4) Select apprpriate service prviders and cntract with them t implement safeguards; and (5) Evaluate and adjust the prgram in light f relevant circumstances, including changes in business arrangements r peratins, r the results f testing and mnitring f safeguards. When we filed cmments regarding the Safeguards Rule n behalf f NIADA, we requested that the FTC adpt flexible requirements, and the FTC did just that. The dealership s privacy plicies and infrmatin security standards must be develped taking int cnsideratin the dealership s size and cmplexity, the nature and scpe f its activities, the sensitivity f the infrmatin it cllects, and theses plicies and standards must be regularly mnitred. When implementing the Safeguards Rule, the dealership must cnsider all areas f its peratin, including three that are particularly imprtant t infrmatin security: Emplyee management and training; infrmatin systems, and managing system failures. In an effrt t help businesses understand and cmply with the FTC s Financial Infrmatin Safeguards Rule, the FTC issued a new Facts fr Business Publicatin titled Financial Institutins and Custmer Data: Cmplying with the Safeguards Rule.

3 While cmpliance with the FTC s Safeguards Rule is just arund the crner and, therefre, n the tp f everyne s agenda, dealers are well advised t cnsider ther Federal Privacy and Anti-Terrrism Laws that have recently been enacted r are under cnsideratin. Fr example, n Octber 26, 2001, the President signed int law the Uniting and Strengthening America by Prviding Apprpriate Tls Required t Intercept and Obstruct Terrrism Act f 2001 (USA Patrit Act). Title III f the USA Patrit Act makes a number f amendments t the anti-mney laundering prvisins f the Bank Secrecy Act (BSA) that are intended t prmte the preventin, detectin, and prsecutin f internatinal mney laundering and the financing f terrrism. Under the USA Patrit Act, the term financial institutin is defined t include a business engaged in vehicle sales, including autmbile, airplane, and bat sales. The Treasury Department has already issued a Final Rule implementing Sectin 314 f the USA Patrit Act, which establishes prcedures that encurage infrmatin sharing between gvernmental authrities and financial institutins, and amng financial institutins themselves. The first part f the Rule establishes a mechanism fr law enfrcement agencies t cmmunicate the names f suspected terrrists and mney launders t financial institutins in an effrt t lcate and secure accunts and transactins invlving thse suspects. Effective as f September 26, 2002, any mtr vehicle dealerships that receive the name f a suspect must designate ne persn at the dealership t be the cntact persn regarding the request and any future requests that it receives. They must als establish adequate prcedures t prtect the security and cnfidentiality f the requests received frm FinCEN and their respnses t these requests. The requirement t maintain adequate security and cnfidentiality prcedures t prtect the infrmatin is met if the dealership applies the same prcedures it has established t cmply with the Gramm-Leach-Bliley Act and the FTC s Safeguards Rule. The USA Patrit Act als requires every financial institutin t establish an anti-mney laundering prgram. Pursuant t Sectin 352 f the Act, the anti-mney laundering prgram must include, at a minimum: (1) The develpment f internal plicies, prcedures, and cntrls; (2) The designatin f a cmpliance fficer; (3) An nging emplyee-training prgram; and (4) An independent audit functin t test prgrams. Sectin 326 f the Act further requires the Treasury t prescribe Regulatins setting frth minimum standards fr financial institutins t identify custmers applying t pen accunts, including: (1) Adpting reasnable prcedures fr verifying the identity f any persn seeking t pen an accunt; (2) Maintaining recrds f the infrmatin used t verify the persn s identity, including the persn s name, address, and ther identifying infrmatin; and (3) Determining whether the persn appears n any lists f knwn r suspected terrrists r terrrist rganizatins prvided t the financial institutin by a Gvernment Agency. Althugh mtr vehicle dealers have been temprarily exempted frm the requirement t establish an anti-mney laundering cmpliance prgram, n February 24, 2003, FinCEN published an Advance Ntice f Prpsed Rulemaking t slicit public cmments as t hw these requirements shuld apply t mtr vehicle dealers. T eliminate the need fr NIADA Members t draft new r mdified privacy plicies and infrmatin security standards in the future, we have develped the enclsed materials t assist them in cmplying nt nly with the FTC s Safeguards Rule, but als with the USA Patrit Act and emerging implementing regulatins that will impact every dealership s plicies, practices and verall peratins. These materials are being prvided t yu fr distributin t NIADA Members free f charge. We are als prviding them t yu in electrnic frmat t make it easy fr dealers t custmize them fr their wn use. Enclsed yu will find the: FTC Guidelines titled Financial Institutins and Custmer Data: Cmplying with the Safeguards Rule, which summarize the purpse fr the Safeguards Rule and include suggested plicies and prcedures fr cmplying with the Rule. Prgram Crdinatr s Audit f Dealership Privacy Plicies and Infrmatin Security Standards Checklist Dealership Privacy Plicies and Infrmatin Security Standards Emplyee Agreement t Cmply with Privacy Plicies and Infrmatin Security Standards Statement f Privacy Plicies and Infrmatin Security Standards

4 Addendum t Service Prvider Agreements and Letter t Service Prviders Regarding Safeguarding Infrmatin Please keep in mind that these materials are designed t assist dealers t identify and implement apprpriate plicies and standards fr prtecting custmer infrmatin. They are intended as a guide fr mtr vehicle dealers t develp their privacy plicies and infrmatin security standards. While nt intended as a universal slutin that every dealership can adpt, since they are drafted frm a used mtr vehicle dealer s perspective, NIADA Members shuld find that they are easy t use and custmize fr their dealerships. It is imprtant that dealers be instructed t familiarize themselves will all f the infrmatin cntained in the dcuments prvided and include nly thse privacy plicies and infrmatin security standards that are feasible fr the dealership t implement and maintain. In additin, there may be state specific data prtectin r safeguards rules with which dealers must cmply and, therefre, they may wish t cnsult with their legal cunsel r ther prfessinal cnsultants t ensure that their privacy plicies and infrmatin security standards are apprpriate fr the dealership and in cmpliance with applicable federal and state laws, rules and regulatins. The infrmatin cntained in this dcument and the additinal materials prvided are fr general infrmatin purpses nly and shuld nt be cnsidered as legal advice.

5

6

7

8

9 PROGRAM COORDINATOR S AUDIT OF DEALERSHIP PRIVACY POLICIES AND INFORMATION SECURITY STANDARDS CHECKLIST Emplyee Management and Training Are current emplyees, new hirees and independent cntractrs wh perfrm services n behalf f the Dealership subject t satisfactry reference and, where apprpriate, cnsumer/criminal reprt investigatins? Have yu develped prcesses that limit access t custmer infrmatin and ther cnfidential recrds t authrized emplyees? D yu have a written dcument utlining the plicies and prcedures fr handling cnfidential infrmatin? Have yu cnsidered having emplyees frmally acknwledge their understanding f infrmatin security plicies and practices? What steps has the Dealership taken t train emplyees n its privacy plicies and infrmatin security standards? Des the Dealership emply passwrd-prtectin sftware and encryptin prgrams as apprpriate and have emplyees been advised nt t pst passwrds near their cmputers r share passwrds with any ther persn? D yu have apprpriate disciplinary plicies? When an emplyee ceases t be emplyed by the Dealership, d yu delete utdated user names and passwrds frm electrnic databases and netwrks and btain all keys t the Dealership and file cabinets, desks, and ffices in the Dealership frm the emplyee? Have yu cntacted yur Dealer Assciatin, Legal Prfessinals r ther cnsultants t assist yu with cmpliance as necessary? Obtaining Custmer Infrmatin and Verifying Custmer Identities D yur frms request adequate custmer infrmatin t verify the identity f the Dealership s custmers? D emplyees request t see the custmer s driver s license r ther frm f gvernment-issued identificatin with a phtgraph t verify the custmer s identity? What plicies des the Dealership have in place t address situatins when custmer infrmatin is cnflicting r cannt be verified? D yu have prcedures fr ensuring that the Dealership des nt enter int transactins with individuals r entities that appear n the list f Specially Designated Natinals and Blcked Persns maintained by the Office f Freign Asset Cntrl (OFAC)? D yu have recrd retentin plicies fr files that cntain custmer infrmatin and identity verificatin? Infrmatin Systems Hw d yu secure recrds? Are recrds that cntain custmer infrmatin stred where they can be lcked when unattended? Are file cabinets, desk drawers and ffices lcked securely?

10 Are strage areas secure frm unauthrized access and prtected against physical hazards like fire r flds? What is the prcess fr cllecting and filing written recrds? Are yur electrnic recrds stred securely? D the passwrds yu assign cntain enugh characters and cnsist f bth letters and numbers? Is n-screen infrmatin prtected? D yu change passwrds peridically and require emplyees t keep them private? Hw d yu transmit and receive sensitive custmer infrmatin? What measures are taken when dispsing f custmer infrmatin? D yu shred dcuments cntaining custmer infrmatin and stre it in a secure area until an authrized dispsal/recycling service picks it up? Hw d yu ensure data is eliminated when dispsing f cmputers, disks, hard drives r any ther electrnic media that cntains custmer infrmatin? Is there a need fr a designated recrds retentin manager? Is it necessary t establish retentin perids fr written custmer files? Are emplyees prhibited frm taking custmer infrmatin ut f the Dealership? Hw d yu make sure yur anti-virus and firewall sftware is up-t-date? D yu have a system fr backing up infrmatin n cmputers and/r servers? Are emplyees instructed t lg ff f all Internet, and ther accunts when they are nt being used? Wh is respnsible fr dwnlading sftware r applicatins t the Dealership s cmputers? Have yu taken steps t prevent and prepare fr a systems failure? Selectin and Oversight f Service Prviders Have yu established criteria fr evaluating, selecting and auditing service prviders? Des the Dealership have cntractual agreements with all f its service prviders? Are service prviders required t agree t be respnsible fr securing and maintaining the cnfidentiality f custmer infrmatin? Is the Dealership advised when a security breach ccurs and des the Dealership have plicies f advising it s service prviders f security breaches?

11 Managing System Failures D yu have a system fr auditing and verseeing the Dealership s privacy plicies and infrmatin security standards? Des the Dealership take immediate crrective actin when a security breach ccurs?

12 DEALERSHIP PRIVACY POLICIES AND INFORMATION SECURITY STANDARDS Our Prgram Crdinatr We have appinted as the Prgram Crdinatr f ur Dealership s Infrmatin Security Prgram. The Prgram Crdinatr will reprt directly t, the f the Dealership. In the event the Prgram Crdinatr ceases t be emplyed by the Dealership r is unable t perfrm his/her respnsibilities, shall take ver the respnsibilities f the Prgram Crdinatr until a new permanent Prgram Crdinatr is appinted. The Prgram Crdinatr s Respnsibilities It is the Prgram Crdinatr s respnsibility t design, implement and maintain privacy plicies and infrmatin safeguard standards as he/he determines t be necessary frm time t time. Specific respnsibilities that have been delegated t the Prgram Crdinatr include: Identifying and assessing the risks t custmer infrmatin in each relevant area f the Dealership s peratin, and evaluating the effectiveness f current safeguards that have been implemented t cntrl these risks. Designing and implementing privacy plicies and infrmatin security standards that are apprpriate fr the size and cmplexity f ur Dealership and its peratins, the nature and scpe f ur activities and the sensitivity f the custmer infrmatin we cllect, stre and share with thers. Regularly mnitring and testing the privacy plicies and infrmatin security standards. Assisting with the selectin f apprpriate service prviders that are capable f maintaining safeguards t prtect the relevant custmer infrmatin and reviewing service prvider cntracts t ensure that each cntracts cntain apprpriate bligatins with respect t the use f custmer infrmatin and the implementatin f safeguards. Evaluating and adjusting the Dealership s Privacy Plicies and Infrmatin Security Standards in light f relevant circumstances, including changes t the Dealership s peratins, business relatinships, technlgical develpments and/r ther matters that may impact the security r integrity f the Dealership s custmer infrmatin. Pursuant t the USA Patrit Act and the Rules adpted by the Financial Crimes Enfrcement Netwrk (FinCEN), a Bureau under the Department f Treasury, the Prgram Crdinatr will als be the cntact persn fr Law Enfrcement Agencies t cmmunicate the names f suspected terrrists and mney launders in an effrt t lcate and secure accunts and transactins invlving thse suspects. Upn receiving a request fr infrmatin frm FinCEN, the Prgram Crdinatr will: Prvide FinCEN with his/her name, title, and apprpriate cntact infrmatin, such as a mailing address, e- mail address, telephne number and facsimile number, and ntify FinCEN prmptly f any mdificatins with respect t cntact infrmatin. Ensure that current accunts maintained by the Dealership, any accunts maintained by the Dealership during the past 12 mnths, and any transactins cnducted during the past 6 mnths that the Dealership is required by law r regulatin t recrd r that the Dealership has recrded and maintained are searched fr the names prvided by FinCEN. If the Dealership has entered int a transactin with an individual r entity n the list, send a Reprt t FinCEN that cntains: (1) The name f the individual, entity r rganizatin; (2) The accunt numbers r,

13 in the case f transactins, the date and type f each transactin; and (3) The scial security number, taxpayer identificatin number, passprt number, date f birth, address, r ther persnal identifying infrmatin prvided by the individual r entity at the time f the transactin. Questins abut the scpe r terms f a request will be directed t the Law Enfrcement Agency that sent the request fr infrmatin t FinCEN, but the Reprt will be sent t FinCEN, nt the Law Enfrcement Agency that requested the search, unless the Prgram Crdinatr is instructed therwise. Emplyee Management and Training All current emplyees and new hirees, as well as independent cntractrs wh perfrm services n behalf f the Dealership, will: Be subject t satisfactry reference and cnsumer/criminal reprt investigatins, where apprpriate. Only have access t custmer infrmatin if they have a business reasn fr seeing it. Participate in the Dealership s privacy plicies and infrmatin security standards training prgram and attend educatinal and training seminars n a regular basis. Sign and acknwledge his/her agreement t ur Dealership s Statement f Privacy Plicies and Infrmatin Security Standards. Be respnsible fr prtecting the cnfidentiality and security f the custmer infrmatin ur Dealership cllects and fr using the infrmatin in accrdance with ur Privacy Plicies. Nt be permitted t pst passwrds near their cmputers r share passwrds with any ther persn. Refer telephne calls r ther requests fr custmer infrmatin t the Prgram Crdinatr r apprpriate manager when such requests are nt received within the rdinary curse f the Dealership s business r are fr infrmatin that the emplyee is nt authrized t prvide. Disclse t service prviders, marketers r any ther parties nly that custmer infrmatin which is necessary t cmplete a transactin initiated by the custmer and/r as permitted by law. If an emplyee is unsure as t whether a specific disclsure is permitted, he r she will be instructed t check with the Prgram Crdinatr r apprpriate manager t verify that it is acceptable t release the infrmatin befre ding s. Be required t ntify the Prgram Crdinatr r apprpriate manager immediately f any attempts by unauthrized persns t btain access t custmer infrmatin and/r if any passwrd r custmer infrmatin is subject t unauthrized access. Any emplyee that fails t abide by ur Statement f Privacy Plicies and Infrmatin Security Standards, whether such failure is intentinal r unintentinal, will be subject t apprpriate disciplinary actin, which may include terminatin f emplyment. When an emplyee ceases t be emplyed by the Dealership, he/she will be required t turn in any keys in his/her pssessin that prvide access t the Dealership and file cabinets, desks, and ffices in the Dealership; passwrds and security cdes, if applicable, will be deleted; and emplyees will nt be permitted t take any custmer infrmatin frm the Dealership.

14 Obtaining Custmer Infrmatin and Verifying Custmer Identities The fllwing prcedures will be implemented with respect t btaining custmer infrmatin and verifying custmer identities: Frms utilized by the Dealership request custmer infrmatin, such as names, addresses, telephne numbers, birth dates, scial security numbers, tax identificatin numbers, and driver s license and insurance infrmatin, t enable the Dealership t verify the identificatin f its custmers. In additin, custmers must sign dcumentatin, including swrn statements in sme cases, wherein the custmer represents and warrants that he/she is the persn identified in the dcumentatin. Emplyees will request t see the custmer s driver s license r ther frm f gvernment-issued identificatin bearing a phtgraph t verify the custmer s identity and will make a cpy f the same t retain in the custmer s file. If a custmer requests financing in cnnectin with a transactin, the custmer will be required t prvide emplyment infrmatin and references and must authrize the Dealership t btain a credit reprt, all f which may be utilized t verify the identity f the custmer. Emplyees may als request cpies f the custmer s utility bills, bank r credit card statements and paycheck stubs. In the event that custmer infrmatin prvided in dcumentatin is cnflicting r cannt be verified upn further inquiry, emplyees shall request additinal gvernment-issued dcumentatin evidencing the custmer s residence and bearing a phtgraph r ther safeguard (i.e. a scial security card, alien identificatin card, r passprt) t enable emplyees t frm a reasnable belief that they knw a custmer s true identity. When apprpriate, emplyees shall write a summary f the means and results f any measures taken t identify a custmer, including the reslutin f any discrepancy in the identifying infrmatin btained. Emplyees will be instructed t ntify the Prgram Crdinatr if custmer infrmatin still cannt be verified. The Dealership has access t updated versins f the alphabetical master list f Specially Designated Natinals and Blcked Persns maintained by the Office f Freign Asset Cntrl (OFAC), which will be checked t ensure that ptential custmers d nt appear n the same. Paper and electrnic recrds cntaining custmer infrmatin and relevant t the Dealership s identity verificatin prcess will be retained by the Dealership in accrdance with federal and state recrd retentin requirements. Upn the expiratin f the apprpriate retentin perid, any such recrds will be dispsed f in a secure manner in accrdance with the Dealership s infrmatin security standards. Infrmatin Systems The fllwing infrmatin security standards will be implemented in rder t prtect custmer infrmatin cllected and maintained by ur Dealership: Emplyees will have access nly t that custmer infrmatin which is necessary t cmplete their designated respnsibilities. Emplyees shall nt access r prvide any ther unauthrized persn access t custmer infrmatin that is btained during the curse f emplyment. Requests fr custmer infrmatin that are utside the scpe f the Dealership s rdinary business r the scpe f an emplyee s authrizatin must be directed t the Prgram Crdinatr r designated individuals. Access t electrnic custmer infrmatin will be passwrd cntrlled. Every emplyee with access t the Dealership s cmputer system and electrnic recrds will have a unique passwrd cnsisting f at least characters, including numbers and letters. Only emplyees that need t access electrnic recrds will be prvided with passwrds.

15 All paper and electrnic recrds will be stred in secure lcatins t which nly authrized emplyees will have access. Any paper recrds cntaining custmer infrmatin must be stred in a deal jacket r flder. Paper recrds must be stred in an ffice, desk, r file cabinet that is lcked when unattended. Electrnic recrds will be stred n a secure server that is lcated in a lcked rm and is accessible nly with a passwrd. Where apprpriate, recrds will be maintained in a fireprf file cabinet and/r at an ffsite lcatin. Custmers, vendrs and service prviders shall nt be left in an area with insecure custmer recrds. Backups f the cmputers and/r server will be made at least nce each day, r at mre frequent intervals as deemed necessary. At least nce each mnth the backup infrmatin will be verified. Backup disks will be stred in a lcked file cabinet. Virus prtectin sftware has been installed n the cmputers and new virus updates will be checked at regular intervals. All cmputer files will be scanned at least nce each mnth, r at mre frequent intervals as deemed necessary. Firewalls and security patches frm sftware vendrs will be dwnladed n a regular basis. All data will be erased frm cmputers, disks, hard drives r any ther electrnic media that cntain custmer infrmatin befre dispsing f them and, where apprpriate, hard drives will be remved and destryed. Any paper recrds will be shredded and stred in a secure area until an authrized dispsal/recycling service picks it up. Emplyees will be instructed t lg ff f all Internet, and ther accunts when they are nt being used. Emplyees will nt be permitted t dwnlad any sftware r applicatins t Dealership cmputers r pen attachments frm unknwn surces. Electrnic recrds may nt be dwnladed t a disk r individual cmputer withut explicit authrizatin frm the Prgram Crdinatr. Electrnic recrds will nt be stred nline and are nt accessible frm the Internet. If custmer infrmatin is transmitted electrnically ver external netwrks, emplyees will be instructed t encrypt the infrmatin at the time f transmittal. Neither current nr frmer emplyees will be permitted t remve any custmer infrmatin frm the Dealership, whether cntained in paper recrds r electrnic recrds, r t disclse ur infrmatin security standards t any persn withut authrizatin frm the Prgram Crdinatr. Selectin and Oversight f Service Prviders In rder t prtect the custmer infrmatin ur Dealership cllects, we will take steps t evaluate and versee ur service prviders. The fllwing evaluatin criteria will be utilized in selecting service prviders: Cmpatibility and willingness t cmply with the Dealership s privacy plicies and infrmatin security standards and the adequacy f the service prvider s wn privacy plicies and infrmatin security standards. Recrds t be maintained by the service prvider and whether the Dealership will have access t infrmatin maintained by the service prvider. The service prvider s knwledge f regulatins that are relevant t the services being prvided, including privacy and ther cnsumer prtectin regulatins.

16 Experience and ability t prvide the necessary services and supprting technlgy fr current and anticipated needs. Functinality f any service r system prpsed and plicies cncerning maintaining secure systems, intrusin detectin and reprting systems, custmer authenticatin, verificatin, and authrizatin, and ability t respnd t service disruptins. Service and supprt that will be prvided in terms f maintenance, security, and ther service levels. Financial stability f the service prvider and reputatin with industry grups, trade assciatins and ther dealerships. Cntractual bligatins and requirements, such as the term f the cntract; prices; sftware supprt and maintenance; training f emplyees; custmer service; rights t mdify existing services perfrmed under the cntract; warranty, cnfidentiality, indemnificatin, limitatin f liability and exit clauses; guidelines fr adding new r different services and fr cntract re-negtiatin; cmpliance with applicable regulatry requirements; recrds t be maintained by the service prvider; ntificatin f material changes t services, systems, cntrls and new service lcatins; insurance cverage t be maintained by the service prvider; and use f the Dealership s data, equipment, and system and applicatin sftware. The right f the Dealership t audit the service prvider s recrds, t btain dcumentatin regarding the reslutin f disclsed deficiencies, and t inspect the service prvider s facilities. Service Prviders will be required t agree cntractually t be respnsible fr securing and maintaining the cnfidentiality f custmer infrmatin, including agreement t refrain frm using r disclsing the Dealership s infrmatin, except as necessary t r cnsistent with prviding the cntracted services, t prtect against unauthrized use r disclsure f custmer and Dealership infrmatin, t cmply with applicable privacy regulatins, and t fully disclse breaches in security resulting in unauthrized access t infrmatin that may materially affect the Dealership r its custmers and t ntify the Dealership f the services prvider s crrective actin. Service prviders will be subject t nging assessment t evaluate their cnsistency with selectin criteria, perfrmance and financial cnditins, and cntract cmpliance. Managing System Failures The Prgram Crdinatr will implement audit and versight prcedures as he/she deems necessary t detect the imprper disclsure r theft f custmer infrmatin and t ensure that emplyees, independent cntractrs and service prviders are cmplying with ur Dealership s Privacy Plicies and Infrmatin Security Standards. If the Dealership s Privacy Plicies and Infrmatin Security Standards are breached, the Prgram Crdinatr will infrm, the f the Dealership. The Prgram Crdinatr and will take apprpriate steps t ntify cunsel, service prviders and custmers f any breach, damage r lss f infrmatin and the risks assciated with the same and will immediately take measures t limit the effect f the breach, identify the reasn fr the breach and implement prcedures t prevent further breaches. In the event f a breach, r at any ther time as the Prgram Crdinatr deems apprpriate, the Prgram Crdinatr may mdify r supplement ur Dealership s Privacy Plicies and Infrmatin Security Standards.

17 EMPLOYEE AGREEMENT TO COMPLY WITH PRIVACY POLICIES AND INFORMATION SECURITY STANDARDS Effective July 1, 2001, the Financial Services Mdernizatin Act f 1999, mre cmmnly knw as the Gramm- Leach-Bliley Act, requires financial institutins that cllect nnpublic persnal infrmatin abut custmers wh btain a financial prduct r service t: (1) Implement privacy plicies and prcedures t prtect the infrmatin they cllect; and (2) Prvide their custmers with certain ntices, including an Initial Privacy Plicy Ntice and, if applicable, an Annual Ntice. In additin, as f May 23, 2003, any financial institutin that cllects persnal infrmatin frm their custmers must cmply with the Federal Trade Cmmissin s Safeguards Rule, which requires financial institutins t develp a written infrmatin security plan that describes their prgram t prtect custmer infrmatin. In certain circumstances, ur Dealership is deemed t be a financial institutin fr purpses f the Gramm-Leach-Bliley Act and the Federal Trade Cmmissin s Implementing Rules. As a cnditin f yur emplyment with ur Dealership, yu agree t: 1. Read the Statement f Privacy Plicies and Infrmatin Security Standards and familiarize yurself with the infrmatin cntained therein. 2. Fllw ur prcedures fr prviding a cpy f ur Privacy Plicy t each custmer. 3. Fllw ur prcedures fr safeguarding and prtecting custmer infrmatin in accrdance with ur Statement f Privacy Plicies and Infrmatin Security Standards. BY SIGNING BELOW, I ACKNOWLEDGE THAT I HAVE RECEIVED AND READ THE STATEMENT OF PRIVACY POLICIES AND INFORMATION SECURITY STANDARDS AND AGREE TO COMPLY WITH THE PRIVACY POLICIES AND INFORMATION SECURITY STANDARDS AS SET FORTH THEREIN AS A CONDITION OF MY EMPLOYMENT. I FURTHER UNDERSTAND THAT THE FAILURE TO FOLLOW THE DEALERSHIP S PRIVACY POLICIES AND INFROMATION SECURITY STANDARDS MAY RESULT IN DISCIPLINARY ACTION, INCLUDING THE TERMINATION OF MY EMPLOYMENT. EMPLOYEE WITNESS DATE DATE

18 STATEMENT OF PRIVACY POLICIES AND INFORMATION SECURITY STANDARDS Effective July 1, 2001, the Financial Services Mdernizatin Act f 1999, mre cmmnly knw as the Gramm- Leach-Bliley Act, requires financial institutins that cllect nnpublic persnal infrmatin abut custmers wh btain a financial prduct r service t: (1) Implement privacy plicies and prcedures t prtect the infrmatin they cllect; and (2) Prvide the custmers with certain ntices, including an Initial Privacy Plicy Ntice and, if applicable, an Annual Ntice. In additin, as f May 23, 2003, any financial institutin that cllects persnal infrmatin frm their custmers must cmply with the Federal Trade Cmmissin s Safeguards Rule, which requires financial institutins t develp a written infrmatin security plan that describes their prgram t prtect custmer infrmatin. In certain circumstances, ur Dealership is deemed t be a financial institutin fr purpses f the Gramm-Leach-Bliley Act and the Federal Trade Cmmissin s Implementing Rules. The purpse f this Statement is t advise yu f yur respnsibilities as an Emplyee f ur Cmpany. As a cnditin f yur emplyment with ur Dealership, yu agree t: 1. Read this Statement f Privacy Plicies and Infrmatin Security Standards and familiarize yurself with the infrmatin cntained herein. 2. Fllw ur prcedures fr prviding a cpy f ur Privacy Plicy t each custmer. 3. Fllw ur prcedures fr safeguarding and prtecting custmer infrmatin in accrdance with ur Infrmatin Security Standards. OUR PRIVACY POLICY Emplyee are respnsible fr prviding a cpy f ur Privacy Plicy t each custmer: 1. That enters int an agreement r understanding fr assistance t btain a lan r financing, regardless f whether r nt financing is ever btained, as fllws: a. In persn when the custmer cmpletes a Credit Applicatin; b. By mail within day(s) f receipt f the infrmatin t cmplete a Credit Applicatin via the telephne; 2. When infrmatin is cllected in rder t assist the custmer t btain payff infrmatin n a trade-in vehicle; and 3. That purchases ther prducts r services (i.e. service cntracts, guaranteed autmbile prtectin (GAP) agreements r insurance) prir t cmpletin f the sale r lease transactin. OUR INFORMATION SECURITY STANDARDS Our Prgram Crdinatr We have appinted as the Prgram Crdinatr f ur Dealership s Infrmatin Security Prgram. It is the Prgram Crdinatr s respnsibility t design, implement and maintain privacy plicies and infrmatin safeguard standards as he/he determines t be necessary frm time t time. The Prgram Crdinatr will reprt directly t, the f the Dealership. In the event the Prgram Crdinatr ceases t be emplyed by the Dealership r is unable t perfrm his/her respnsibilities, shall take ver the respnsibilities f the Prgram Crdinatr until a new permanent Prgram Crdinatr is appinted.

19 Based upn the Prgram Crdinatr s risk assessment f ur Dealership s peratins, including emplyee management and training and ur infrmatin systems (i.e. infrmatin cllectin, prcessing, strage, transmissin and dispsal, and ptential system failures), the fllwing privacy plicies and infrmatin security standards have been adpted fr all f ur emplyees and any independent cntractrs. Individual emplyees may be given additinal respnsibilities as well. Cmpliance with ur Dealership s privacy plicies and infrmatin security standards is a cnditin f yur emplyment with us. Emplyee Interviewing, Hiring and Training All current and new emplyees, as well as independent cntractrs wh perfrm services n behalf f the Dealership, will: 1. Be subject t satisfactry reference and cnsumer/criminal reprt investigatins. 2. Participate in the Dealership s privacy plicies and infrmatin security standards training prgram and attend educatinal and training seminars n a regular basis. 3. Sign and acknwledge his/her agreement t ur Dealership s Statement f Privacy Plicies and Infrmatin Security Standards. 4. Be respnsible fr prtecting the cnfidentiality and security f the custmer infrmatin ur Dealership cllects and fr using the infrmatin in accrdance with ur Privacy Plicies. Obtaining Custmer Infrmatin and Verifying Custmer Identities The fllwing prcedures have been implemented with respect t btaining custmer infrmatin and verifying custmer identities: 1. Frms utilized by the Dealership request custmer infrmatin, such as names, addresses, telephne numbers, birth dates, scial security numbers, tax identificatin numbers, and driver s license and insurance infrmatin, t enable the Dealership t verify the identificatin f its custmers. 2. Emplyees must request t see the custmer s driver s license r ther frm f gvernment-issued identificatin bearing a phtgraph t verify the custmer s identity and will make a cpy f the same t retain in the custmer s file. If a custmer requests financing in cnnectin with a transactin, the custmer must cmplete a credit applicatin, prvide emplyment infrmatin and references, and authrize the Dealership t btain a credit reprt. Emplyees may als request cpies f the custmer s utility bills, bank r credit card statements and paycheck stubs. 3. In the event that custmer infrmatin prvided in dcumentatin is cnflicting r cannt be verified upn further inquiry, emplyees shall request additinal gvernment-issued dcumentatin evidencing the custmer s residence and bearing a phtgraph r ther safeguard (i.e. a scial security card, alien identificatin card, r passprt) t enable emplyees t frm a reasnable belief that they knw a custmer s true identity. If custmer infrmatin still cannt be verified, emplyees shall ntify the Prgram Crdinatr fr further instructins. 4. The Dealership has access t updated versins f the alphabetical master list f Specially Designated Natinals and Blcked Persns maintained by the Office f Freign Asset Cntrl (OFAC), which shuld be checked t ensure that ptential custmers d nt appear n the same. Prtecting the Cnfidentiality and Security f Custmer Infrmatin

20 Each emplyee is respnsible fr prtecting the cnfidentiality and security f the custmer infrmatin ur Dealership cllects and fr using the infrmatin in accrdance with ur Privacy Plicy. The fllwing security prcedures must be fllwed in rder t prtect ur custmer infrmatin: 1. Emplyees shall have access nly t that custmer infrmatin which is necessary t cmplete their designated respnsibilities. Emplyees shall nt access r prvide any ther unauthrized persn access t custmer infrmatin that is btained during the curse f emplyment. Emplyees must refer requests fr custmer infrmatin t the Prgram Crdinatr r apprpriate manager when such requests are nt received within the rdinary curse f the Dealership s business r are fr infrmatin that the emplyee is nt authrized t prvide. 2. All paper and electrnic recrds must be stred in secure lcatins t which nly authrized emplyees have access. Any paper recrds cntaining custmer infrmatin must be stred in a deal jacket r flder. Paper recrds must be stred in an ffice, desk, r file cabinet that is lcked when unattended. Electrnic recrds will be stred n a secure server that is lcated in a lcked rm and is accessible nly with a passwrd. Where apprpriate, recrds will be maintained in a fireprf file cabinet and/r at an ffsite lcatin. Custmers, vendrs and service prviders shall nt be left in an area with insecure custmer recrds. 3. Access t electrnic custmer infrmatin will be passwrd cntrlled. Every emplyee with access t the Dealership s cmputer system and electrnic recrds will have a unique passwrd cnsisting f at least characters, including numbers and letters. Only emplyees that need t access electrnic recrds will be prvided with passwrds. Passwrds may nt be psted near cmputers r shared any ther persn. 4. Emplyees that have access t the cmputer system and electrnic recrds may nt dwnlad any sftware r applicatins t ur Dealership cmputers r pen attachments frm unknwn surces. Emplyees must lg ff f any Internet, r ther accunt when it is nt in use. 5. Electrnic recrds may nt be dwnladed t a disk r individual cmputer withut explicit authrizatin frm the Prgram Crdinatr. If custmer infrmatin is transmitted electrnically ver external netwrks, emplyees must encrypt the infrmatin at the time f transmittal. 6. All data must be erased frm cmputers, disks, hard drives r any ther electrnic media that cntain custmer infrmatin befre dispsing f them and, where apprpriate, hard drives will be remved and destryed. Any paper recrds must be shredded and stred in a designated secure area until an authrized dispsal/recycling service picks it up. 7. Emplyees may nt remve any custmer infrmatin, whether cntained n paper recrds r electrnic recrds frm the Dealership r disclse ur security standards t any persn wh is nt emplyed by us withut authrizatin frm the Prgram Crdinatr. 8. Only that infrmatin which is necessary t cmplete a transactin initiated by the custmer, is specifically authrized t be disclsed by the custmer and/r is permitted t be disclsed by law shall be prvided t service prviders, marketers r any ther parties. If yu are unsure as t whether a specific disclsure is permitted, it is yur respnsibility t check with the Prgram Crdinatr r yur manager t verify that it is acceptable t release the infrmatin befre ding s. 9. Neither current nr frmer emplyees will be permitted t remve any custmer infrmatin frm the Dealership, whether cntained in paper recrds r electrnic recrds, r t disclse ur infrmatin security standards t any persn withut authrizatin frm the Prgram Crdinatr. 10. The Prgram Crdinatr r apprpriate manager shuld be ntified immediately f any attempts by unauthrized persns t btain access t custmer infrmatin and/r if any passwrd r custmer infrmatin is subject t unauthrized access.

21 11. When an emplyee ceases t be emplyed by the Dealership, he/she must turn in any keys that prvide access t the Dealership and file cabinets, desks, and ffices in the Dealership; passwrds and security cdes, if applicable, will be deleted. Disciplinary Actin Any emplyee that fails t abide by ur Statement f Privacy Plicies and Security Standards, whether such failure is intentinal r unintentinal, will be subject t apprpriate disciplinary actin, which may include terminatin f emplyment.

22 ADDENDUM This Addendum mdifies the ( Agreement ) entered int between ( Dealer ), and ( Cmpany ). By executing this Addendum, Dealer and Cmpany acknwledge and agree that this Addendum is incrprated int and made a part f the Agreement, the terms and prvisins f which, except as expressly mdified in this Addendum, are hereby affirmed and ratified by Dealer and Cmpany and remain in full frce and effect. It is agreed between the parties t the Agreement and this Addendum that, ntwithstanding anything t the cntrary cntained in the Agreement r in any ther dcuments pertaining t the Agreement, Dealer and Cmpany shall cmply with all privacy and data prtectin laws, rules and regulatins applicable nw and in the future. Withut limiting the generality f the preceding sentence, Dealer and Cmpany agree that they will implement and maintain apprpriate safeguards t prtect custmer infrmatin and that they will nt use r disclse nnpublic custmer infrmatin that they receive pursuant t the terms f this Agreement t any ther party, except as is reasnably necessary t fulfill the purpses fr which such infrmatin was prvided and as therwise permitted by applicable law. Fr purpses f this Addendum, the terms nnpublic persnal infrmatin and financial institutin shall have the meanings set frth in Sectin 509 f the Gramm-Leach-Bliley Act (P.L ) (15 U.S.C. Sectin 6809) and implementing regulatins theref. The prvisins cntained in this Addendum shall survive the terminatin r expiratin f the Agreement, by the expiratin f time, by peratin f law, r therwise. IN WITNESS HEREOF, and intending t be bund by the terms and cnditins heref, each f the parties has caused this Addendum t be executed by its duly authrized representative as f the respective dates set frth belw. Dealer: By: Its: Date: Cmpany: By: Its: Date:

THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM

THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM 1. Prgram Adptin The City University f New Yrk (the "University") develped this Identity Theft Preventin Prgram (the "Prgram") pursuant

More information

VCU Payment Card Policy

VCU Payment Card Policy VCU Payment Card Plicy Plicy Type: Administrative Respnsible Office: Treasury Services Initial Plicy Apprved: 12/05/2013 Current Revisin Apprved: 12/05/2013 Plicy Statement and Purpse The purpse f this

More information

GUIDANCE FOR BUSINESS ASSOCIATES

GUIDANCE FOR BUSINESS ASSOCIATES GUIDANCE FOR BUSINESS ASSOCIATES This Guidance fr Business Assciates dcument is intended t verview UPMCs expectatins, as well as t prvide additinal resurces and infrmatin, t UPMC s HIPAA business assciates.

More information

Key Steps for Organizations in Responding to Privacy Breaches

Key Steps for Organizations in Responding to Privacy Breaches Key Steps fr Organizatins in Respnding t Privacy Breaches Purpse The purpse f this dcument is t prvide guidance t private sectr rganizatins, bth small and large, when a privacy breach ccurs. Organizatins

More information

First Global Data Corp.

First Global Data Corp. First Glbal Data Crp. Privacy Plicy As f February 23, 2015 Ding business with First Glbal Data Crp. ("First Glbal", First Glbal Mney, "we" r "us", which includes First Glbal Data Crp. s subsidiary, First

More information

WHAT YOU NEED TO KNOW ABOUT. Protecting your Privacy

WHAT YOU NEED TO KNOW ABOUT. Protecting your Privacy WHAT YOU NEED TO KNOW ABOUT Prtecting yur Privacy YOUR PRIVACY IS OUR PRIORITY Credit unins have a histry f respecting the privacy f ur members and custmers. Yur Bard f Directrs has adpted the Credit Unin

More information

University of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments

University of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments University f Texas at Dallas Plicy fr Accepting Credit Card and Electrnic Payments Cntents: Purpse Applicability Plicy Statement Respnsibilities f a Merchant Department Prcess t Becme a Merchant Department

More information

Plus500CY Ltd. Statement on Privacy and Cookie Policy

Plus500CY Ltd. Statement on Privacy and Cookie Policy Plus500CY Ltd. Statement n Privacy and Ckie Plicy Statement n Privacy and Ckie Plicy This website is perated by Plus500CY Ltd. ("we, us r ur"). It is ur plicy t respect the cnfidentiality f infrmatin and

More information

DisplayNote Technologies Limited Data Protection Policy July 2014

DisplayNote Technologies Limited Data Protection Policy July 2014 DisplayNte Technlgies Limited Data Prtectin Plicy July 2014 1. Intrductin This dcument sets ut the bligatins f DisplayNte Technlgies Limited ( the Cmpany ) with regard t data prtectin and the rights f

More information

Data Protection Policy & Procedure

Data Protection Policy & Procedure Data Prtectin Plicy & Prcedure Page 1 Prcnnect Marketing Data Prtectin Plicy V1.2 Data prtectin plicy Cntext and verview Key details Plicy prepared by: Adam Haycck Apprved by bard / management n: 01/01/2015

More information

Guidelines for Custodians

Guidelines for Custodians Guidelines fr Custdians t assess cmpliance with the Persnal Health Infrmatin Privacy and Access Act (PHIPAA) This dcument is designed t help custdians evaluate readiness fr cmpliance with PHIPAA and t

More information

NYU Langone Medical Center NYU Hospitals Center NYU School of Medicine

NYU Langone Medical Center NYU Hospitals Center NYU School of Medicine Title: Identity Theft Prgram Effective Date: July 2009 NYU Langne Medical Center NYU Hspitals Center NYU Schl f Medicine POLICY It is the plicy f the NYU Langne Medical Center t educate and train staff

More information

Privacy and Security Training Policy (PS.Pol.051)

Privacy and Security Training Policy (PS.Pol.051) Privacy and Security Training Plicy (PS.Pl.051) Purpse T define the plicies and prcedures fr prviding privacy and security training in respect f the CnnectingGTA Slutin. Definitins Electrnic Service Prvider

More information

Personal Data Security Breach Management Policy

Personal Data Security Breach Management Policy Persnal Data Security Breach Management Plicy 1.0 Purpse The Data Prtectin Acts 1988 and 2003 impse bligatins n data cntrllers in Western Care Assciatin t prcess persnal data entrusted t them in a manner

More information

HIPAA HITECH ACT Compliance, Review and Training Services

HIPAA HITECH ACT Compliance, Review and Training Services Cmpliance, Review and Training Services Risk Assessment and Risk Mitigatin: The first and mst imprtant step is t undertake a hlistic risk assessment that examines the risks and cntrls related t fur critical

More information

PRIVACY POLICY. This Privacy Policy describes how and when Pole Star USA, Inc. ( Pole Star ) collects, uses and

PRIVACY POLICY. This Privacy Policy describes how and when Pole Star USA, Inc. ( Pole Star ) collects, uses and PRIVACY POLICY This Privacy Plicy describes hw and when Ple Star USA, Inc. ( Ple Star ) cllects, uses and shares yur infrmatin when yu use Ple Star s NAO Clud Platfrm, which includes the Ple Star website

More information

MSB FINANCIAL CORP. MILLINGTON BANK AUDIT COMMITTEE CHARTER

MSB FINANCIAL CORP. MILLINGTON BANK AUDIT COMMITTEE CHARTER MSB FINANCIAL CORP. MILLINGTON BANK AUDIT COMMITTEE CHARTER This Audit Cmmittee Charter has been amended as f July 17, 2015. The Audit Cmmittee shall review and reassess this Charter annually and recmmend

More information

Texas Woman's University University Policy Manual

Texas Woman's University University Policy Manual Texas Wman's University University Plicy Manual Plicy Name: Plicy Number: 6.06 Date Passed: July 2004 Health Insurance Prtability& Accuntability Act (HIPAA) Date Reviewed: September 2008 Next Review: September

More information

Hillsborough Board of Education Acceptable Use Policy for Using the Hillsborough Township Public Schools Network

Hillsborough Board of Education Acceptable Use Policy for Using the Hillsborough Township Public Schools Network 2361/Page 1 f 6 Hillsbrugh Bard f Educatin Acceptable Use Plicy fr Using the Hillsbrugh Twnship Public Schls Netwrk It is the gal f the HTPS (Hillsbrugh Twnship Public Schls) Netwrk t prmte educatinal

More information

FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT

FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT If using US Pstal Service, please return t: Califrnia Student Aid Cmmissin Prgram Administratin & Services Divisin ATTN: Institutinal Supprt P.O. Bx 419028

More information

COPIES-F.Y.I., INC. Policies and Procedures Data Security Policy

COPIES-F.Y.I., INC. Policies and Procedures Data Security Policy COPIES-F.Y.I., INC. Plicies and Prcedures Data Security Plicy Page 2 f 7 Preamble Mst f Cpies FYI, Incrprated financial, administrative, research, and clinical systems are accessible thrugh the campus

More information

Information Security Policy

Information Security Policy Purpse The risk t Charlestn Suthern University, its emplyees and students frm data lss and identity theft is f significant cncern t the University and can be reduced nly thrugh the cmbined effrts f every

More information

Privacy Policy. The Central Equity Group understands how highly people value the protection of their privacy.

Privacy Policy. The Central Equity Group understands how highly people value the protection of their privacy. Privacy Plicy The Central Equity Grup understands hw highly peple value the prtectin f their privacy. Fr that reasn, the Central Equity Grup takes particular care in dealing with any persnal and sensitive

More information

Project Open Hand Atlanta. Health Insurance Portability and Accountability Act (HIPAA) NOTICE OF PRIVACY PRACTICES

Project Open Hand Atlanta. Health Insurance Portability and Accountability Act (HIPAA) NOTICE OF PRIVACY PRACTICES Prject Open Hand Atlanta Effective Date: April 14, 2003 Health Insurance Prtability and Accuntability Act (HIPAA) The Health Insurance Prtability and Accuntability Act f 1996 (HIPAA) directs health care

More information

FAYETTEVILLE STATE UNIVERSITY

FAYETTEVILLE STATE UNIVERSITY FAYETTEVILLE STATE UNIVERSITY IDENTITY THEFT PREVENTION (RED FLAGS RULE) Authrity: Categry: Issued by the Fayetteville State University Bard f Trustees. University-Wide Applies t: Administratrs Faculty

More information

Hampton Roads Orthopaedics & Sports Medicine. Notice of Privacy Practices

Hampton Roads Orthopaedics & Sports Medicine. Notice of Privacy Practices This is being prvided t yu as a requirement f the privacy regulatins issued under the Health Insurance Prtability and Accuntability Act f 1996 (HIPAA). This ntice describes hw HROSM may use and disclse

More information

FINANCIAL OPTIONS. 2. For non-insured patients, payment is due on the day of service.

FINANCIAL OPTIONS. 2. For non-insured patients, payment is due on the day of service. FINANCIAL OPTIONS 1. Fr thse patients wh carry dental insurance, all c-payments are due n date f service. We will file yur claim as a service t yu, and will d ur very best t maximize yur benefits. We accept

More information

Audit Committee Charter

Audit Committee Charter Audit Cmmittee Charter Membership The Audit Cmmittee (the "Cmmittee") f the Bard f Directrs (the "Bard") f Philip Mrris Internatinal Inc. (the "Cmpany") shall cnsist f at least three directrs all f whm

More information

BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS

BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS SERIES: 1 General Rules RULE: 17.1 Recrd Retentin Scpe: The purpse f this rule is t establish the systematic review, retentin and destructin

More information

TrustED Briefing Series:

TrustED Briefing Series: TrustED Briefing Series: Since 2001, TrustCC has prvided IT audits and security assessments t hundreds f financial institutins thrugh ut the United States. Our TrustED Briefing Series are white papers

More information

Process for Responding to Privacy Breaches

Process for Responding to Privacy Breaches Prcess fr Respnding t Privacy Breaches 1. Purpse 1.1 This dcument sets ut the steps that ministries must fllw when respnding t a privacy breach. It must be read in cnjunctin with the Infrmatin Incident

More information

Financial Planning Agreement

Financial Planning Agreement Financial Planning Agreement This Financial Planning Agreement, the ( Agreement ), dated as f, 20, is by and between Vulcan Investments LLC, 2100 SuthBridge Pkwy, Suite 650 Birmingham, AL. 35209, an investment

More information

Bill Payment Agreement & Disclosures

Bill Payment Agreement & Disclosures Bill Payment Agreement & Disclsures Welcme t Online Banking Bill Payment Service. Use f the Bill Payment Service indicates acceptance f terms and cnditins set frth in the Online Banking Agreement & Disclsures

More information

Multi-Year Accessibility Policy and Plan for NSF Canada and NSF International Strategic Registrations Canada Company, 2014-2021

Multi-Year Accessibility Policy and Plan for NSF Canada and NSF International Strategic Registrations Canada Company, 2014-2021 Multi-Year Accessibility Plicy and Plan fr NSF Canada and NSF Internatinal Strategic Registratins Canada Cmpany, 2014-2021 This 2014-21 accessibility plan utlines the plicies and actins that NSF Canada

More information

Creating an Ethical Culture and Protecting Your Bottom Line:

Creating an Ethical Culture and Protecting Your Bottom Line: Creating an Ethical Culture and Prtecting Yur Bttm Line: Best Practices fr Crprate Cdes f Cnduct Nte: The infrmatin belw and all infrmatin n this website is nt meant t be taken as legal advice. Please

More information

THIRD PARTY PROCUREMENT PROCEDURES

THIRD PARTY PROCUREMENT PROCEDURES ADDENDUM #1 THIRD PARTY PROCUREMENT PROCEDURES NORTH CENTRAL TEXAS COUNCIL OF GOVERNMENTS TRANSPORTATION DEPARTMENT JUNE 2011 OVERVIEW These prcedures establish standards and guidelines fr the Nrth Central

More information

NAIC Replacement Requirements For Certain Life Insurance Policies And Annuity Contracts

NAIC Replacement Requirements For Certain Life Insurance Policies And Annuity Contracts NAIC Replacement Requirements Fr Certain Life Insurance Plicies And Annuity Cntracts Duties f Prducers If a transactin invlves a replacement, the prducer must leave with the applicant, at the time an applicatin

More information

RUTGERS POLICY. Responsible Executive: Vice President for Information Technology and Chief Information Officer

RUTGERS POLICY. Responsible Executive: Vice President for Information Technology and Chief Information Officer RUTGERS POLICY Sectin: 70.1.1 Sectin Title: Infrmatin Technlgy Plicy Name: Acceptable Use Plicy fr Infrmatin Technlgy Resurces Frmerly Bk: N/A Apprval Authrity: Senir Vice President fr Administratin Respnsible

More information

Scotiabank Group Privacy Agreement

Scotiabank Group Privacy Agreement Sctiabank Grup Privacy Agreement Last revised Octber 2010 Yur privacy is imprtant t Sctiabank. This Agreement sets ut the infrmatin practices fr Sctiabank Grup Members in Canada, including what type f

More information

Unified Infrastructure/Organization Computer System/Software Use Policy

Unified Infrastructure/Organization Computer System/Software Use Policy Unified Infrastructure/Organizatin Cmputer System/Sftware Use Plicy 1. Statement f Respnsibility All emplyees are charged with the security and integrity f the cmputer system. Emplyees are asked t help

More information

Kentwood Police Department 4742 Walma Ave SE Kentwood, Michigan 49512 (616) 698-6580 http://www.ci.kentwood.mi.us REPORTING IDENTITY THEFT

Kentwood Police Department 4742 Walma Ave SE Kentwood, Michigan 49512 (616) 698-6580 http://www.ci.kentwood.mi.us REPORTING IDENTITY THEFT Kentwd Plice Department 4742 Walma Ave SE Kentwd, Michigan 49512 (616) 698-6580 http://www.ci.kentwd.mi.us REPORTING IDENTITY THEFT If yu are the victim f identity theft and ne f the fllwing cnditins are

More information

HIPAA Notice of Privacy Practices. Central Ohio Surgical Associates, Inc.

HIPAA Notice of Privacy Practices. Central Ohio Surgical Associates, Inc. HIPAA Ntice f Privacy Practices Central Ohi Surgical Assciates, Inc. THIS NOTICE OF PRIVACY PRACTICES (THE NOTICE ) DESCRIBES HOW HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN

More information

Security Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview

Security Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview Security Services Service Descriptin Versin 1.00 Effective Date: 07/01/2012 Purpse This Enterprise Service Descriptin is applicable t Security Services ffered by the MN.IT Services and described in the

More information

Credit Work Group Recommendation

Credit Work Group Recommendation Credit Wrk Grup Recmmendatin T: Credit Wrk Grup Frm: Mike Bixby (305) 829-5549 mbixby@inf1team.cm Paul Wills (770) 740-7353 Paul.Wills@equifax.cm Date: Octber 7, 2004 Re: FACT Act Implicatins and Recmmendatins

More information

Sources of Federal Government and Employee Information

Sources of Federal Government and Employee Information Inf Surce Surces f Federal Gvernment and Emplyee Infrmatin Ridley Terminals Inc. TABLE OF CONTENTS General Infrmatin Intrductin t Inf Surce Backgrund Respnsibilities Institutinal Functins, Prgram and Activities

More information

expertise hp services valupack consulting description security review service for Linux

expertise hp services valupack consulting description security review service for Linux expertise hp services valupack cnsulting descriptin security review service fr Linux Cpyright services prvided, infrmatin is prtected under cpyright by Hewlett-Packard Cmpany Unpublished Wrk -- ALL RIGHTS

More information

UNITED STATES SECURITIES AND EXCHANGE COMMISSION Washington, D.C. 20549 FORM WB-DEC

UNITED STATES SECURITIES AND EXCHANGE COMMISSION Washington, D.C. 20549 FORM WB-DEC UNITED STATES SECURITIES AND EXCHANGE COMMISSION Washingtn, D.C. 20549 FORM WB-DEC DECLARATION OF ORIGINAL INFORMATION SUBMITTED PURSUANT TO SECTION 21F OF THE SECURITIES EXCHANGE ACT OF 1934 A. SUBMITTER

More information

Merchant Processes and Procedures

Merchant Processes and Procedures Merchant Prcesses and Prcedures Table f Cntents EXHIBIT C 1. MERCHANT INTRODUCTION TO T-CHEK 3 1.1 Wh is T-Chek Systems? 3 1.2 Hw t Cntact T-Chek Systems 3 1.3 Hw t Recgnize T-Chek Frms f Payment 3 1.3.1

More information

HIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337

HIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337 HIPAA Cmpliance 101 Imprtant Terms Cvered Entities (CAs) The HIPAA Privacy Rule refers t three specific grups as cvered entities, including health plans, healthcare clearinghuses, and health care prviders

More information

GOVERNORS PHARMACY HIPAA NOTICE OF PRIVACY PRACTICES For Your Protected Health Information

GOVERNORS PHARMACY HIPAA NOTICE OF PRIVACY PRACTICES For Your Protected Health Information GOVERNORS PHARMACY HIPAA NOTICE OF PRIVACY PRACTICES Fr Yur Prtected Health Infrmatin THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS

More information

Health Insurance Portability and Accountability Act

Health Insurance Portability and Accountability Act Health Insurance Prtability and Accuntability Act Frm Wikipedia, the free encyclpedia. (Redirected frm HIPAA) Jump t: navigatin, search The Health Insurance Prtability and Accuntability Act (HIPAA) was

More information

PENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK

PENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK Department f Health and Human Services OFFICE OF INSPECTOR GENERAL PENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK Inquiries abut this reprt may be addressed t the Office f Public Affairs

More information

TITLE: Supplier Contracting Guidelines Process: FIN_PS_PSG_050 Replaces: Manual Sections 6.4, 7.1, 7.5, 7.6, 7.11 Effective Date: 10/1/2014 Contents

TITLE: Supplier Contracting Guidelines Process: FIN_PS_PSG_050 Replaces: Manual Sections 6.4, 7.1, 7.5, 7.6, 7.11 Effective Date: 10/1/2014 Contents TITLE: Supplier Cntracting Guidelines Prcess: FIN_PS_PSG_050 Replaces: Manual Sectins 6.4, 7.1, 7.5, 7.6, 7.11 Cntents 1 Abut university supplier cntracting... 2 2 When is a cntract required?... 2 3 Wh

More information

DATE APPROVED March 2011. Version Date Comments / Changes 1.0 March 2011 Initial policy released

DATE APPROVED March 2011. Version Date Comments / Changes 1.0 March 2011 Initial policy released Page 1 f 11 APPROVED (S) REVISED / REVIEWED SUMMARY Versin Date Cmments / Changes 1.0 Initial plicy released 1. PURPOSE OF THIS POLICY T define the purpses fr which Crprate Purchase Cards are t be used

More information

Request for Resume (RFR) CATS II Master Contract. All Master Contract Provisions Apply

Request for Resume (RFR) CATS II Master Contract. All Master Contract Provisions Apply Sectin 1 General Infrmatin RFR Number: (Reference BPO Number) Functinal Area (Enter One Only) F50B3400026 7 Infrmatin System Security Labr Categry A single supprt resurce may be engaged fr a perid nt t

More information

To Receive CPE Credit

To Receive CPE Credit Trends in ACH Fraud & Risk Management Jhn A. Mills, AAP Supervising Cnsultant jmills@bkd.cm 314.231.5544 March 28, 2013 T Receive CPE Credit Participate in entire webinar Answer plls when they are prvided

More information

Online Banking Agreement

Online Banking Agreement Online Banking Agreement 1. General This Online Banking Agreement, which may be amended frm time t time by us (this "Agreement"), fr accessing yur Clrad Federal Savings Bank accunt(s) via the Internet

More information

Data Protection Act Data security breach management

Data Protection Act Data security breach management Data Prtectin Act Data security breach management The seventh data prtectin principle requires that rganisatins prcessing persnal data take apprpriate measures against unauthrised r unlawful prcessing

More information

CHARTER OF THE COMPENSATION COMMITTEE OF THE BOARD OF DIRECTORS OF UPLAND SOFTWARE, INC.

CHARTER OF THE COMPENSATION COMMITTEE OF THE BOARD OF DIRECTORS OF UPLAND SOFTWARE, INC. CHARTER OF THE COMPENSATION COMMITTEE OF THE BOARD OF DIRECTORS OF UPLAND SOFTWARE, INC. PURPOSE The purpse f the Cmpensatin Cmmittee f the Bard f Directrs (the Bard ) f Upland Sftware, Inc. (the Cmpany

More information

We will record and prepare documents based off the information presented

We will record and prepare documents based off the information presented Dear Client: We appreciate the pprtunity f wrking with yu regarding yur Payrll needs. T ensure a cmplete understanding between us, we are setting frth the pertinent infrmatin abut the services that we

More information

CMS Eligibility Requirements Checklist for MSSP ACO Participation

CMS Eligibility Requirements Checklist for MSSP ACO Participation ATTACHMENT 1 CMS Eligibility Requirements Checklist fr MSSP ACO Participatin 1. General Eligibility Requirements ACO participants wrk tgether t manage and crdinate care fr Medicare fee-fr-service beneficiaries.

More information

SECTION I.4 AUDIT ENGAGEMENT WORKING PAPERS

SECTION I.4 AUDIT ENGAGEMENT WORKING PAPERS SECTION I.4 AUDIT ENGAGEMENT WORKING PAPERS Ref. Plicy and Practice Requirements IIA Standards references I.4 1 Plicy: Wrking papers shall be prepared fr each audit engagement t recrd wrk perfrmed and

More information

Symantec User Authentication Service Level Agreement

Symantec User Authentication Service Level Agreement Symantec User Authenticatin Service Level Agreement Overview and Scpe This Symantec User Authenticatin service level agreement ( SLA ) applies t Symantec User Authenticatin prducts/services, such as Managed

More information

Version Date Comments / Changes 1.0 January 2015 Initial Policy Released

Version Date Comments / Changes 1.0 January 2015 Initial Policy Released Page 1 f 6 Vice President, Infrmatics and Transfrmatin Supprt APPROVED (S) REVISED / REVIEWED SUMMARY Versin Date Cmments / Changes 1.0 Initial Plicy Released INTENT / PURPOSE The Infrmatin and Data Gvernance

More information

POLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014

POLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014 State f Michigan POLICY 1390 Infrmatin Technlgy Cntinuity f Business Planning Issued: June 4, 2009 Revised: June 12, 2014 SUBJECT: APPLICATION: PURPOSE: CONTACT AGENCY: Plicy fr Infrmatin Technlgy (IT)

More information

- Upfront fee of $ + GST - Ongoing fee commencing immediately after plan implementation of $20.00 + GST per fortnight.

- Upfront fee of $ + GST - Ongoing fee commencing immediately after plan implementation of $20.00 + GST per fortnight. Cntract f engagement This cntract f engagement is between FSB 4 Financial Limited (the adviser) and (the client). Purpse This cntract establishes the relatinship between the adviser and the client relating

More information

Columbine Federal Credit Union ONLINE BANKING/ BILL PAYMENT AGREEMENT & DISCLOSURES AND PRIV ACY DISCLOSURE

Columbine Federal Credit Union ONLINE BANKING/ BILL PAYMENT AGREEMENT & DISCLOSURES AND PRIV ACY DISCLOSURE Clumbine Federal Credit Unin ONLINE BANKING/ BILL PAYMENT AGREEMENT & DISCLOSURES AND PRIV ACY DISCLOSURE 1. Online Banking/Bill Payment 2. Online Banking/ Bill Payment Limitatins 3. Online Bill Payment

More information

Cloud-based File Sharing: Privacy and Security Tutorial Institutional Compliance Office July 2013

Cloud-based File Sharing: Privacy and Security Tutorial Institutional Compliance Office July 2013 Clud-based File Sharing: Privacy and Security Tutrial Institutinal Cmpliance Office July 2013 Patient Data in the Clud Prtecting patient privacy is ne f MD Andersn s greatest respnsibilities Technlgies

More information

Privacy Breach and Complaint Protocol

Privacy Breach and Complaint Protocol Privacy Breach and Cmplaint Prtcl Effective: December 31, 2012 Apprved by: Le McKenna, CFO 1.0 General Privacy breaches and privacy cmplaints will be handled in accrdance with this prtcl. This prtcl is

More information

DATA REQUEST GUIDELINES

DATA REQUEST GUIDELINES DATA REQUEST GUIDELINES This dcument describes prcedures law enfrcement authrities and individuals invlved in civil litigatin shuld fllw t request data frm LinkedIn and its affiliated service prviders.

More information

Employees - recruitment, records and monitoring

Employees - recruitment, records and monitoring Emplyees - recruitment, recrds and mnitring This guidance has been prduced t help rganisatins cmply with the Data Prtectin Act (DPA) when recruiting and emplying wrkers. It is relevant t public sectr emplyers,

More information

IN-HOUSE OR OUTSOURCED BILLING

IN-HOUSE OR OUTSOURCED BILLING IN-HOUSE OR OUTSOURCED BILLING Medical billing is ne f the mst cmplicated aspects f running a medical practice. With thusands f pssible cdes fr diagnses and prcedures, and multiple payers, the ability

More information

2.1 All SHR Users are responsible for the security of SHR systems/applications, resources and information.

2.1 All SHR Users are responsible for the security of SHR systems/applications, resources and information. POLICY Number: 7311-25-004 Title: Saskatn Health Regin User Accunt Plicy Authrizatin [ ] President and CEO [X] Vice President, Finance and Crprate Services Surce: Directr, Infrmatin Technlgy Services Crss

More information

Information Services Hosting Arrangements

Information Services Hosting Arrangements Infrmatin Services Hsting Arrangements Purpse The purpse f this service is t prvide secure, supprted, and reasnably accessible cmputing envirnments fr departments at DePaul that are in need f server-based

More information

Frequently Asked Questions About I-9 Compliance

Frequently Asked Questions About I-9 Compliance Frequently Asked Questins Abut I-9 Cmpliance What is required t verify wrk authrizatin? The basic requirement t verify wrk authrizatin is the Frm I-9. This frm is available n the HR website: http://www.fit.edu/hr/dcuments/frms/i-9.pdf

More information

Purpose Statement. Objectives

Purpose Statement. Objectives Apprved by Academic Affairs Cuncil, June 24, 2014 Faculty Handbk Part VI: Other Plicies and Prcedures Sectin R. Intellectual Prperty Classified Emplyee Handbk Part VI: Other Plicies and Prcedures Sectin

More information

What Information Is Collected and How Is It Collected?

What Information Is Collected and How Is It Collected? RCI PRIVACY NOTICE RCI Pacific Pty Ltd is cncerned abut privacy issues and wants yu t be familiar with hw we cllect, use and disclse infrmatin. This Privacy Ntice describes ur practices in cnnectin with

More information

PRIVACY IMPACT ASSESSMENT (PIA) For the. icompliants. Department of Defense Education Activity (DoDEA) - Headquarters

PRIVACY IMPACT ASSESSMENT (PIA) For the. icompliants. Department of Defense Education Activity (DoDEA) - Headquarters PRIVACY IMPACT ASSESSMENT (PIA) Fr the icompliants Department f Defense Educatin Activity (DDEA) - Headquarters SECTION 1: IS A PIA REQUIRED? a. Will this Department f Defense (000) infrmatin system r

More information

FORM ADV (Paper Version) UNIFORM APPLICATION FOR INVESTMENT ADVISER REGISTRATION AND REPORT FORM BY EXEMPT REPORTING ADVISERS

FORM ADV (Paper Version) UNIFORM APPLICATION FOR INVESTMENT ADVISER REGISTRATION AND REPORT FORM BY EXEMPT REPORTING ADVISERS APPENDIX A FORM ADV (Paper Versin) UNIFORM APPLICATION FOR INVESTMENT ADVISER REGISTRATION AND REPORT FORM BY EXEMPT REPORTING ADVISERS Frm ADV: General Instructins Read these instructins carefully befre

More information

Version: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013

Version: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013 Versin: Mdified By: Date: Apprved By: Date: 1.0 Michael Hawkins Octber 29, 2013 Dan Bwden Nvember 2013 Rule 4-004J Payment Card Industry (PCI) Patch Management (prpsed) 01.1 Purpse The purpse f the Patch

More information

Privacy Policy. What personally identifying information is collected on or through the Frames Data Online Site?

Privacy Policy. What personally identifying information is collected on or through the Frames Data Online Site? Privacy Plicy Welcme t www.framesdata.cm! This site (the Frames Data Online Site ) is wned by Frames Data Inc. ("FDI" r we ), a subsidiary f Jbsn Medical Infrmatin LLC ("JMI") and its parent, Jbsn Healthcare

More information

Third Party Originator Application

Third Party Originator Application Third Party Originatr Applicatin Applicant Infrmatin Third Party Name: Primary Address: City: State: Zip Cde: Primary Cntact: Telephne Number: Email Address: Fax Number: Website Address: Branch Lcatins

More information

Key Steps to Responding to Privacy Breaches. Nova Scotia Freedom of Information and Protection of Privacy Review Office

Key Steps to Responding to Privacy Breaches. Nova Scotia Freedom of Information and Protection of Privacy Review Office Key Steps t Respnding t Privacy Breaches Nva Sctia Freedm f Infrmatin and Prtectin f Privacy Review Office ~ 1 ~ ~ 1 ~ 1 ~ Key Steps t Respnding t Privacy Breaches 1 Key Key Steps Steps t t Respnding

More information

Frequently Asked Questions about the Faith A. Fields Nursing Scholarship Loan

Frequently Asked Questions about the Faith A. Fields Nursing Scholarship Loan ARKANSAS STATE BOARD OF NURSING 1123 S. University Avenue, Suite 800, University Twer Building, Little Rck, AR 72204 Phne: (501) 686-2700 Fax: (501) 686-2714 www.arsbn.rg Frequently Asked Questins abut

More information

Preventing Identity Theft

Preventing Identity Theft Preventing Identity Theft Each year, millins f Americans have their identity stlen. ENG Lending wants yu t have the infrmatin yu need t prtect yurself against identity theft. While there are n guarantees

More information

New York Institute of Technology Faculty and Staff Email Retention Policy

New York Institute of Technology Faculty and Staff Email Retention Policy New Yrk Institute f Technlgy Faculty and Staff Email Retentin Plicy Nvember 2013 I. PURPOSE As electrnic mail (email) has becme the primary frm f cmmunicatin at NYIT and thrughut the wrld, the vlume f

More information

A96 CALA Policy on the use of Computers in Accredited Laboratories Revision 1.5 August 4, 2015

A96 CALA Policy on the use of Computers in Accredited Laboratories Revision 1.5 August 4, 2015 A96 CALA Plicy n the use f Cmputers in Accredited Labratries Revisin 1.5 August 4, 2015 A96 CALA Plicy n the use f Cmputers in Accredited Labratries TABLE OF CONTENTS TABLE OF CONTENTS... 1 CALA POLICY

More information

Letter of Engagement. as instructed from time to time in respect of your/the company/trusts affairs

Letter of Engagement. as instructed from time to time in respect of your/the company/trusts affairs We enclse material which sets ut: Letter f Engagement Infrmatin fr clients which lawyers are required by the New Zealand Law Sciety t prvide; and Our standard terms f engagement. Services t be prvided

More information

Malpractice and Maladministration Policy

Malpractice and Maladministration Policy TR340 Malpractice and Maladministratin Plicy This plicy aims t: Define malpractice and maladministratin in the cntext f CIM/CAM studying members, Accredited study centres (ASCs), examinatin centres, invigilatrs

More information

CLEARANCE REVIEWS FOR STUDENT RESTRICTION ISSUES OTHER THAN ACADEMIC PROGRESS

CLEARANCE REVIEWS FOR STUDENT RESTRICTION ISSUES OTHER THAN ACADEMIC PROGRESS CLEARANCE REVIEWS FOR STUDENT RESTRICTION ISSUES OTHER THAN ACADEMIC PROGRESS Only the Ministry f Training, Clleges & Universities can cnsider clearance reviews fr mst ther student restrictin issues. These

More information

REQUEST FOR PROPOSAL SECURITY SERVICES

REQUEST FOR PROPOSAL SECURITY SERVICES REQUEST FOR PROPOSAL SECURITY SERVICES Sectin I INTRODUCTION [Cmpany] is seeking prpsals frm qualified Cntractrs t prvide unifrmed security service fr [Cmpany] facilities at [Lcatin(s)]. This dcument is

More information

Systems Support - Extended

Systems Support - Extended 1 General Overview This is a Service Level Agreement ( SLA ) between and the Enterprise Windws Services t dcument: The technlgy services the Enterprise Windws Services prvides t the custmer. The targets

More information

TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY

TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY REFERENCE NUMBER: 14/103368 RESPONSIBLE DEPARTMENT: Crprate Services APPLICABLE LEGISLATION: State Recrds Act 1997 Lcal Gvernment Act 1999 Crpratins Act

More information

Financial Accountability Handbook

Financial Accountability Handbook Financial Accuntability Handbk >> Vlume 5 Reprting Systems Infrmatin Sheet 5.2 Preparatin f Financial Statements Intrductin The Financial Accuntability Act 2009 (the Act) and the Financial and Perfrmance

More information

Consumer ebanking Account and Services Agreement

Consumer ebanking Account and Services Agreement Cnsumer ebanking Accunt and Services Agreement Intrductin: As used in this agreement, the wrds yu and yur refer t the accunt hlder(s) and the wrds Bank, us, and we refer t CnnectOne Bank. Cnsumer ebanking:

More information

Chapter 7 Business Continuity and Risk Management

Chapter 7 Business Continuity and Risk Management Chapter 7 Business Cntinuity and Risk Management Sectin 01 Business Cntinuity Management 070101 Initiating the Business Cntinuity Plan (BCP) Purpse: T establish the apprpriate level f business cntinuity

More information

Remote Working (Policy & Procedure)

Remote Working (Policy & Procedure) Remte Wrking (Plicy & Prcedure) Publicatin Scheme Y/N Department f Origin Plicy Hlder Authrs Can be published n Frce Website Prfessinal Standards Department (PSD) Ch Supt Head f PSD IT Security Officer

More information

Process Safety Management Program for Contractors

Process Safety Management Program for Contractors Page 1 f 6 Sect: 1.0 Purpse 2.0 Scpe This sectin cntains requirements fr Ardent (Cntract Emplyer) and ur subcntractrs fr the purpse f assisting ur clients in preventing r minimizing the cnsequences f catastrphic

More information

A. Early Case Assessment

A. Early Case Assessment Electrnic Discvery Reference Mdel Standards fr the identificatin f electrnically stred infrmatin in discvery http://www.edrm.net/resurces/standards/identificatin A. Early Case Assessment Once a triggering

More information