North Carolina Department of Cultural Resources Division of Historical Resources Archives & Records Section Government Records Branch

Size: px
Start display at page:

Download "North Carolina Department of Cultural Resources Division of Historical Resources Archives & Records Section Government Records Branch"

Transcription

1 Nrth Carlina Department f Cultural Resurces Divisin f Histrical Resurces Archives & Recrds Sectin Gvernment Recrds Branch as a Public Recrd in Nrth Carlina: A Plicy fr Its Retentin and Dispsitin Revised July 2009

2 Table f Cntents 1 General Plicies Purpse f this Plicy Key Definitins Ownership f Messages Staff Wh Telewrk r Travel Use f Persnal Accunts Use f Alternate Technlgies Plicy Review and Updating 6 2 Managing Messages as Public Recrds Classifying Messages Managing Retentin and Dispsitin Backups Preservatin 9 3 Access t Messages Cnfidentiality 10 4 E-Discveries 10 5 Apprpriate Use f Respnsibility fr Apprpriate Use Inapprpriate Uses f Enfrcing Apprpriate Use 12 6 Technical Security 13 7 Staff Departure 13 8 Training 14 9 Relatinships with Existing Plicies Cnclusins 15 Department f Cultural Resurces Plicy (Revised July 2009) Page 2

3 11 Cntact Infrmatin fr Gvernment Recrds 15 Appendixes 17 Appendix 1 Definitins 17 Appendix 2 Plicies Applicable t Executive Branch Emplyees 19 Bibligraphy 20 Department f Cultural Resurces Plicy (Revised July 2009) Page 3

4 1 General Plicies 1.1 Purpse f this Plicy Increasingly, public emplyees rely n electrnic mail ( ) as a quick and useful cmmunicatin tl fr carrying ut gvernment business. Emplyees regularly use the system t carry ut daily activities such as sending and receiving reprts, plicies, fficial memranda, and crrespndence, and fr supprting varius ther business-related prcesses and transactins f their agency. Like paper recrds, certain messages have administrative, fiscal, legal, reference, and/r archival value. These State recrds may cntain evidence f a particular actin, have infrmatin that prtects the rights f individuals r the gvernment, dcument decisins made during the curse f state business, r have lasting histrical r cultural value. Therefre, sme messages must be kept as a recrd t satisfy agency needs, recrd-keeping requirements, and t cmply with the law. While system administratrs are respnsible fr system security and perfrmance, individual users are respnsible fr managing state recrds effectively and efficiently, regardless f the technlgy used t create the recrds. This plicy and crrespnding guidelines serve several purpses. The plicy ensures that recrds created, sent, and received thrugh the system are managed in agreement with the established legal requirements fr creating, maintaining, and dispsing f all gvernment recrds. It helps users t classify messages and make them available fr public infrmatin requests, and prvides guidance n hw t retain and dispse f messages t satisfy business needs, prgrams, and recrd-keeping requirements. The guidelines prmte best practices and ffer ideas and suggestins that can help in the effective management and retentin f electrnic messages as public recrds. 1.2 Key Definitins The term " " can be cnfusing because it can mean the system, the messages distributed by the system, and the act f sending r receiving messages. Fr the purpse f this plicy systems allw cmputer users t create, send, receive, and stre messages, graphics, and smetimes sunds and animated images ver a cmputer netwrk. The NCMail Service is ne f the systems that prvide accunts t gvernment emplyees thrugh their agencies r departments. An message is a single electrnic mail message. The user cmpses a message using a sftware applicatin such as Micrsft Outlk. The message ften cntains a header (r infrmatin abut the sender and receiver), bdy (including the cntent f the message, signature and applicable disclaimers), and attachments. An message is nt a secure cmmunicatin and is similar t sending a pstcard using cnventinal mail. Additinal definitins are in Appendix 1. Department f Cultural Resurces Plicy (Revised July 2009) Page 4

5 1.3 Ownership f Messages Any recrds including messages created, received, and/r used n cmputers r mbile/prtable cmputing devices wned r perated by the State r lcal cunties and municipalities are gvernment prperty and d nt belng t yu, ther emplyees, r any third parties. 1 Accrdingly, public emplyees wh use gvernment infrmatin systems shuld have n expectatin f privacy unless expressly granted by their agency r lcal gvernment Staff Wh Telewrk r Travel Public emplyees wh have been apprved t telewrk r use mbile/prtable cmputing devices must cmply with all infrmatin technlgy security plicies, including the agency and statewide acceptable use plicies, as applicable. T ensure prper recvery and restratin f data files, ffsite emplyees with laptps r ther mbile/prtable cmputing devices are required t back up their infrmatin including messages daily r as sn as practicable. When a mbile/prtable cmputer is utside a secure area, the backup medium must be kept separate frm the mbile/prtable cmputer. 3 Please cnsult with yur infrmatin technlgy (IT) department t help with this prcess. If yu have a persnal mbile device, yu shuld nt frward yur wrk t it, as wrk data is then stred n a persnal device and is susceptible t ptential security risks. Please cnsult with yur infrmatin technlgy department befre using a persnal mbile device fr wrk. 1.5 Use f Persnal Accunts Due t the challenging nature f capturing the infrmatin in persnal accunts (such as Gmail r Yah ), the use f these accunts t cnduct fficial gvernment business is strngly discuraged. If a persnal accunt is used fr gvernment business, emplyees are required t frward all messages t their gvernment accunt. Thse emplyees wh d nt have a gvernment accunt are expected t print thse messages fllwing the terms f a recrds retentin and dispsitin schedule. Executive Branch emplyees wh cnduct State business via persnal accunts shall ensure that all public recrds are retained in accrdance with Executive Order 18 and are retained pursuant t the Public Recrds Law and applicable recrd retentin schedules. 4 Members f gverning bards wh use persnal accunts t cnduct business manage their s accrding t the recrds retentin schedules and frward the message t the bard s fficial recrd keeping entity. If smene has nt been appinted, we encurage yu t identify the apprpriate entity. 1.6 Use f Alternate Technlgies Public emplyees may nt use Instant Messaging (IM) r ther alternate technlgies unless the risks have been identified and apprpriate risk mitigatin measures have been implemented r an apprved deviatin frm the Security Manual standard has been btained frm the State Chief Infrmatin Officer. 5 If an emplyee has been apprved t use an alternate technlgy, all messages created, received, r sent using IM, Shrt Messaging Services (SMS), mbile 1 Mdified frm the DCR Plicy Regarding the Use f the Internet and the Use and Privacy f Electrnic Mail (September 1, 1999). 2 State f Nrth Carlina Statewide Infrmatin Security Manual Chapter 2, Standard Security Manual Chapter 3, Standard Executive Order N. 18 (issued July 7, 2009). 5 Security Manual Chapter 3, Standard Department f Cultural Resurces Plicy (Revised July 2009) Page 5

6 devices (such as BlackBerry ) r ther alternate technlgies during the curse f gvernment business are t be managed with the same care as messages, which includes activating the audit lg and frwarding all messages t their gvernment accunt. All messages created, received, r sent using alternate technlgies are subject t the rules utlined in this plicy. Emplyees at lcal agencies shuld cnsult with their IT department t determine use f alternate technlgies. 1.7 Plicy Review and Updating T ensure that this plicy is current and relevant, it will be reviewed and updated as needed. This includes any updates resulting in the selectin and implementatin f the archive system as described in Executive Order N Managing Messages as Public Recrds 2.1 Classifying Messages Certain messages, including thse with attachments, have administrative, fiscal, legal, reference, and/r archival value. As such, they must be kept as a recrd t satisfy agency needs, recrd-keeping requirements, and t cmply with the law. Hwever, nt every message that enters r leaves the system is a public recrd as defined by Nrth Carlina General Statute (N.C.G.S.) 132. Sme messages may be public recrds but may als be cnsidered cnfidential by statute and shuld be treated accrdingly (see Sectins 3 and 5.4 fr specifics). It is the emplyee s respnsibility t classify and manage messages in accrdance with their recrds retentin and dispsitin schedule. An message is cnsidered t be a public recrd when made r received pursuant t law r rdinance in cnnectin with the transactin f public business by any agency f Nrth Carlina gvernment r its subdivisins. Nrth Carlina General Statutes (N.C.G.S.) 121-2(8) and 132-1(a) prvide the fllwing definitin: Public recrd r public recrds shall mean all dcuments, papers, letters, maps, bks, phtgraphs, films, sund recrdings, magnetic r ther tapes, electrnic data prcessing recrds, artifacts, r ther dcumentary material, regardless f physical frm r characteristics [emphasis added], made r received pursuant t law r rdinance r in cnnectin with the transactin f public business by any agency f Nrth Carlina gvernment r its subdivisins. Sme examples f messages that are public recrds and therefre cvered by this plicy include: plicies r directives; final drafts r reprts and recmmendatins; crrespndence and mems related t fficial business; wrk schedules and assignments; meeting agendas r minutes; any dcument r message that initiates, facilitates, authrizes, r cmpletes a business Department f Cultural Resurces Plicy (Revised July 2009) Page 6

7 transactin; and messages that create a precedent, such as issuing instructins r advice. If an message is nt created r received as part f the business f gvernment, it is cnsidered t be nn-recrd material. Examples include: Persnal messages are thse received frm family, friends, r wrk clleagues which have nthing t d with cnducting daily gvernment business. accunts may be used fr limited family r persnal cmmunicatins s lng as thse cmmunicatins d nt interfere with their wrk. 6 Emplyees subject t Executive Order N. 18 shuld have n expectatin f privacy in their electrnic crrespndence, and all emplyees shall assume that infrmatin n the State s system is subject t public review. Spam is electrnic junk mail and is similar t the advertising mail received at hme. It is cmpletely unslicited and unwanted and is clearly nt related t the transactin f state business, therefre it is cnsidered t be nn-recrd material. While there are tls and techniques fr restricting the amunt f spam received, there is currently n way t keep it ut cmpletely withut interfering with the ability t receive imprtant messages. See Sectin 4 Technical Security in the Guidelines fr the handling and dispsal f spam. Unslicited s are messages that may be unwanted, but are smewhat business related. These culd include nn wrk-related messages frm cwrkers such as miscellaneus news articles, nn-wrk related annuncements, etc. As with persnal messages, these shuld be deleted in a timely manner. See Sectin 1 Creating Messages in the Guidelines fr practical appraches fr cmpsing prper business messages. 2.2 Managing Retentin and Dispsitin As public recrds, messages are subject t the same retentin and dispsitin requirements as recrds in anther frmat r medium, such as paper r micrfilm. Cnsequently, public emplyees in bth state and lcal gvernment wh use as part f their wrk are respnsible fr keeping r destrying messages fllwing the terms f a recrds retentin and dispsitin schedule. Emplyees can refer t their agency s recrds retentin and dispsitin schedule, the General Schedule fr State Agency Recrds, r the Retentin and Dispsitin Schedules fr Cunties and Municipalities fr specific details. Please cnsult the Gvernment Recrds Branch Web site at fr schedules and additinal infrmatin. Public emplyees are required t be familiar with and cmply with all applicable recrd-keeping practices and respnsibilities mandated by their agency, the State CIO, their recrds retentin and dispsitin schedules, r ther fficial guidelines r plicies t understand s functin in relatin t carrying ut thse duties. Shuld an agency r lcal entity lack an apprved recrds retentin and dispsitin schedule, it may nt destry r therwise dispse f any recrds in its custdy, whether in electrnic, paper, r ther frmat (including electrnic mail), which are nt s authrized by ne f the schedules referred t abve. 7 Please cntact the Gvernment Recrds Branch f the Archives and Recrds Sectin fr assistance. 6 Executive Order N. 18 (issued July 7, 2009). 7 Public Recrds with Shrt-Term Value. Department f Cultural Resurces Plicy (Revised July 2009) Page 7

8 The cntent f the message, the reasn it was created, and the administrative, fiscal, legal, and/r histrical value f the message t the agency determines what kind f recrd it is. messages may have ne f three different values depending n the cntent and functin f the message t the agency. Please nte that public emplyees f Executive Branch agencies are subject t additinal retentin and dispsitin plicies (see item numbers 5 and 11 in Appendix 2) as utlined in Executive Order N Shrt-term recrds are temprary in nature. Mst messages fall int this categry. Sme examples f these types f messages are cmmunicatins received frm prfessinal listservs and brad annuncements received by all emplyees. They have n significant value t an agency fr dcumenting plicy, establishing guidelines r prcedures, r verifying transactins. 2. Lng-term recrds have significant value t the agency but d nt need t be maintained permanently. The retentin value is generally determined by assessing the recrd s administrative, fiscal, r legal value. 3. Permanent recrds are recrds that have lasting histrical value because they dcument r cnstitute evidence f state plicies, decisins, prcedures, and essential transactins. Once it has been determined that an message is a recrd that needs t be retained, it needs t be rganized and stred until it is ready t be transferred t a repsitry authrized t appraise, preserve, and prvide access t thse messages. See Sectin 2 Managing Yur Inbx in the Guidelines fr practical appraches fr managing, string, and rganizing messages. Als see the NC Retentin Checklist (http://www.recrds.ncdcr.gv/erecrds/ checklist.pdf) fr additinal tips n which messages t retain. 2.3 Backups As part f the infrastructure, the Office f Infrmatin Technlgy Services (ITS) perfrms regular system backups fr thse state and lcal gvernment agencies participating in the shared services in rder t aid in the restratin f recrds t the message stre and t prvide business recvery capability. ITS will prcure an archive system t preserve messages as sn as practicable and prvide that system t all agencies fr which it prvides services. 8 Agencies nt using ITS s shared services will be expected t secure an archiving prgram in rder t be cmpliant with Executive Order N messages stred in flders nt n the NCMail server are nt subject t the backup cycle. Emplyees need t perfrm backups n the messages filed n their hard drive r make arrangements t stre thse files n their agency server t prtect frm system failures, unintentinal deletins, r tampering. Telewrkers r thse emplyees wh use mbile/prtable cmputing devices must dwnlad their messages t the agency s netwrk drives daily. 8 Executive Order N. 18. Department f Cultural Resurces Plicy (Revised July 2009) Page 8

9 Fr lcal emplyees r emplyees f state gvernment agencies wh d nt participate in the shared service, cnsult with yur ffice infrmatin technlgy staff regarding the backup and recvery cycle. messages stred in flders nt n the gvernment server are nt subject t a backup cycle. Emplyees need t perfrm backups n the messages filed n their hard drives r make arrangements t stre thse files n their agency server. Please nte that messages sent and received by public emplyees f the Executive Branch agencies are subject t additinal backup requirements (see item number 8 and 9 in Appendix 2) as utlined in Executive Order N Preservatin Emplyees respnsible fr the lng-term preservatin f public recrds shuld cnsult with the Nrth Carlina Department f Cultural Resurces (DCR) staff t select acceptable media that will prtect the integrity f data stred n thse media as lng as the data are kept. 9 DCR diligently cntinues t address the challenges f preserving electrnic mail ver their life-span s they can remain usable and authentic fr future users. See Sectin 2 Managing Yur Inbx in the Guidelines fr practical appraches fr preserving messages fr lng-term use. 3 Access t Messages messages are public recrds that are pen and accessible t the public under the same cnditins as all ther types f gvernment recrds, prvided they d nt cntain cnfidential infrmatin. Therefre, all emplyees must assume that all nn-cnfidential infrmatin n gvernment systems is subject t public view and t review by state fficials. 10 Cnfidential infrmatin is prtected by the Nrth Carlina General Statute r ther applicable statutes and, as such, must nt be disclsed. If messages cntain bth cnfidential and nn-cnfidential infrmatin, and a public recrds request is received, an emplyee must prvide access t the nn-cnfidential infrmatin and redact the cnfidential infrmatin frm the message. Fr additinal details n the types f infrmatin cnsidered t be cnfidential, see Laws Relating t Cnfidential Recrds Held by Nrth Carlina Gvernment (http://www.recrds.ncdcr.gv/guides/cnfidential_publicrec_2009.pdf). The fllwing grups have access t messages: 1. Senders and recipients f electrnic mail in the curse f nrmal usage f electrnic mail systems. 2. Supervisrs f emplyees wh are senders r recipients f electrnic mail. 3. Administratrs f electrnic mail systems r netwrk systems within the Department r ther systems emplyees nly (1) as required by the peratin f the electrnic mail, netwrk, r ther cmputer systems, (2) as requested by supervisrs f the senders r recipients, r (3) when there is a reasnable inference that there has been a vilatin f any prscriptins in this plicy. 9 Statewide Infrmatin Security Manual Chapter 3, Standard Executive Order N. 18. Department f Cultural Resurces Plicy (Revised July 2009) Page 9

10 4. Any individual may request access t public recrds thrugh prcedures defined in N.C.G.S by applicatin made t the legal custdian f the recrd as defined in N.C.G.S and The legal custdian is the public fficial in charge f an ffice having public recrds, and des nt mean an agency that hlds the public recrds f ther agencies slely... t prvide data prcessing. Legal custdy f electrnic mail rests with the ffice f the sender r recipient. 11 Cnsult with yur agency r ffice regarding prcedures that are established regarding respnses t public recrds requests. Cnfidential infrmatin prtected by statute must nt be released. Because access t s is nt limited t the sender nly, each message sent by public emplyees must include the fllwing statement (r sme versin f it): This message and any respnse t this message is being sent n a state system and may be subject t mnitring and disclsure t third parties, including law enfrcement persnnel. 3.1 Cnfidentiality An message having cnfidential infrmatin shuld nt be shared unless prper, frmalized security precautins have been established. 12 If yu are required t prvide recrds as a result f a public recrds request, yu must securely remve any cnfidential r privileged infrmatin frm the recrds befre releasing them. This culd include: 1. Infrmatin cvered by HIPAA (Health Insurance Prtability and Accuntability Act), including health care, medical recrds, treatment, and billing infrmatin. 2. Infrmatin cvered by FERPA (Family Educatinal and Rights t Privacy Act), including student educatin recrds. 3. Scial Security numbers and ther persnal identifying infrmatin as defined in G.S and Trade secrets f yur agency as defined in G.S In the abve examples, emplyees are advised t be cautius in using and, when needed, seek alternative frms f recrdkeeping. 4 E-Discveries All messages, including persnal cmmunicatins and ther nn-recrd material as described abve, may be subject t discvery prceedings in legal actins, investigatins, cmpliance, and audits. All public emplyees and fficials must respnd apprpriately t any impending actin invlving messages. All measures taken in respnse t an e-discvery actin als apply t messages retained by thse wrking n hme cmputers r using mbile/prtable cmputing devices. 11 Nrth Carlina Department f Cultural Resurces Plicy Regarding the Use f the Internet and the Use f Privacy and Electrnic Mail (September 1, 1999). 12 NCMail Plicy: 5. Department f Cultural Resurces Plicy (Revised July 2009) Page 10

11 5 Apprpriate Use f All users are expected t knw the difference between apprpriate and inapprpriate use f the system. 5.1 Respnsibility fr Apprpriate Use The system is prvided, at the gvernment s expense, t assist emplyees in carrying ut gvernment business. Cnsequently the system shuld primarily be used nly t transmit business related infrmatin. In additin, emplyees using the State system t perfrm wrk-related functins shall use the system respnsibly and prfessinally and nt make any intentinal use f this service in an illegal, malicius, r bscene manner. 13 See Sectin 3 Apprpriate Use f in the Guidelines fr best practices n the apprpriate use f including tips n etiquette. 5.2 Inapprpriate Uses f Inapprpriate messages can trigger legal liabilities, lst prductivity, negative publicity, and/r damage t an emplyee s r agency s reputatin. Examples f cntent that cnstitute unacceptable use include: 14 Private r persnal fr-prfit activities. This includes persnal use f fr marketing r cmmercial transactins, advertising f prducts r services r any ther activity intended t fster persnal gain. Unauthrized nt-fr-prfit business activities. Participatin in a nn-business related listserv. A listserv allws individuals t use fr nline discussin. They are typically pen t members wh subscribe via and then receive all messages that are sent t the listserv address. Use fr plitical purpses, such as prmting plitical causes, advancing a plitical party r a candidate fr plitical ffice, and expressing plitical pinins, particularly n cntrversial issues. 15 The use f RSS (Really Simple Syndicatin) feeds. Using RSS feeds in the curse f business is discuraged. If a RSS feed is enabled, all feed messages must be deleted n a daily basis. Use fr, r in supprt f, unlawful/prhibited activities as defined by federal, State, and lcal laws r regulatins. Illegal activities relating t Internet and netwrk access include, but are nt limited t: Tampering with cmputer hardware r sftware. 13 State f Nrth Carlina Statewide Infrmatin Security Manual Chapter 10, Standard State f Nrth Carlina Statewide Infrmatin Security Manual Chapter 3, Standard Adapted frm Executive Order N. 18 (signed July 7, 2009). Department f Cultural Resurces Plicy (Revised July 2009) Page 11

12 Knwingly vandalizing r destrying cmputer files. Transmitting threatening, bscene, r harassing materials. Attempting t penetrate a remte site/cmputer withut prper authrizatin. Vilating federal and State laws dealing with cpyrighted materials r materials prtected by a trade secret. Sending cnfidential infrmatin withut encrypting that infrmatin, expsing the data t discvery by unintended recipients. Nte that this applies t state agencies nly. This is cnsidered t be a best practice and lcal cunties and municipalities are encuraged t fllw this practice. Lcal agencies shuld cnsult with their IT department t determine uses f encryptin. Intentinally seeking infrmatin abut, btaining cpies f, r mdifying cntents f files, ther data, r passwrds belnging t ther users, unless explicitly authrized t d s by thse users. Attempts t subvert netwrk security, t impair functinality f the netwrk, r t bypass restrictins set by netwrk administratrs. Assisting thers in vilating these rules by sharing infrmatin r passwrds is als unacceptable behavir. Deliberate interference r disruptin f anther user's wrk r system. Users must nt take actins that cause interference t the netwrk r cause interference with the wrk f thers n the netwrk. Users are prhibited frm perfrming any activity that will cause the lss r crruptin f data, the abnrmal use f cmputing resurces (degradatin f system/netwrk perfrmance) r the intrductin f cmputer wrms r viruses by any means. Seeking/exchanging infrmatin, sftware, etc., that is nt related t ne's jb duties and respnsibilities. Unauthrized distributin f State data and infrmatin. This includes cnfidential infrmatin. T prtect against misrepresentatin, all messages must cntain the name f the sender and his r her address and include the fllwing disclaimer n each Opinins expressed in this message may nt represent the plicy f my agency. 5.3 Enfrcing Apprpriate Use Using gvernment prperty r funds fr persnal gain r in any f the examples listed under Inapprpriate Uses f is a vilatin f criminal law and may result in a disciplinary actin including dismissal. This includes, but is nt limited t, using telephnes, equipment, Department f Cultural Resurces Plicy (Revised July 2009) Page 12

13 cpiers, fax machines, cmputers, and Additinally, any NCMail user wh sends unslicited advertisements r slicitatins, cmmercial r therwise, may have their accunt disabled and be disallwed further service Technical Security The security f an system is a shared respnsibility. Fr emplyees participating in NCMail, the ITS shared service, Infrmatin Technlgy Services is respnsible fr prtecting the reliability, availability, and integrity f the NCMail service. ITS uses apprpriate security measures t detect security breaches and ther vilatins f system integrity and reviews the security f all netwrk activity, including all NCMail cmmunicatins, t ensure that use des nt vilate federal and state laws, statewide plicies and standards established by the State Chief Infrmatin Officer (CIO). Fr lcal emplyees r emplyees f state gvernment agencies wh d nt participate in the shared service, cnsult with yur ffice infrmatin technlgy staff r refer t the service level agreement prvided by yur service prvider regarding security f yur system. Individual users shuld take all reasnable precautins t prevent the use f their accunt by unauthrized individuals. Sending messages t lcatins utside f the agency/department s lcal area netwrk may require the use f the Internet fr transprt, s users shuld knw that the Internet adheres t pen standards and is inherently insecure. Users must als assess risk befre sending cnfidential infrmatin ver an pen netwrk. 18 Emplyees with state gvernment r lcal gvernment nt using these services need t cnsult with their IT department regarding rules f use f their netwrks and security. Hwever, the precautins mentined abve shuld be heeded t ensure that infrmatin and systems remain secure. See Sectin 4 Technical Security in the Guidelines fr practical appraches fr identifying security risks and better securing yur accunt. 7 Staff Departure When a public emplyee r fficial separates frm their agency, a hld will be placed n the e- mail accunt f that individual until the accunt and cmputer can be reviewed fr recrd cntent. Infrmatin Technlgy persnnel cannt remve all sftware frm a machine t make it available fr use by anther user until prvisins have been made regarding the recrds n the machine. Micrsft Outlk stres messages in a file knwn as a Persnal Strage Table (.pst) files which smetimes reside n a cmputer hard drive 19. The.pst files frm persnal flders created using Micrsft Outlk r ther similar files created by ther sftware packages must be addressed and/r saved smewhere fr a supervisr t view befre the machine can be wiped (data erased) and reassigned. 16 Mdified frm Office f State Persnnel Emplyee Handbk (issued August 2007): NCMail Plicy: NCMail Plicy: It is best t have e mail messages stred n the netwrk s that if smething happens t an individual s hard drive the messages are nt destryed inadvertently. Department f Cultural Resurces Plicy (Revised July 2009) Page 13

14 Any messages maintained n a gvernment wned cmputer r a mbile/prtable cmputing device must be transferred t the agency r ffice fr review and dispsitin prir t the last day f emplyment. See Sectin 2 String and Organizing Messages in the Guidelines fr practical appraches fr string messages as a.pst file t yur netwrk r hard drive. 8 Training DCR prvides training n managing as a public recrd fr all emplyees, bth lcal and state. In additin, it ffers training n the Micrsft Exchange system, the cncepts and fundamentals f which can be transferred t ther sftware packages. DCR als ffers nging training, especially after upgrades r transitins t new prgrams and n an as-needed basis. Please nte that public emplyees f the Executive Branch agencies are subject t additinal plicies (see item number 10 in Appendix 2) as utlined in Executive Order N. 18. In rder t track successful cmpletin f training, it is recmmended that upn cmpletin f training, public emplyees f the Executive Branch print a cpy f their training certificatin and frward it t their Human Resurces representative. 9 Relatinships with Existing Plicies This plicy has been created within the cntext f the fllwing dcuments: Executive Order N. 18: Retentin and Archiving Plicy (issued July 7, 2009) General Schedule fr State Agency Recrds (issued August 31, 2006) (http://www.recrds.ncdcr.gv/schedules/gs_amendments2006.pdf) Nrth Carlina General Statutes (http://www.ncleg.net/gascripts/statutes/statutes.asp) Identity Theft (b). Accessing cmputers (8). Definitins 132-1(a). Public Recrds defined Scial security numbers and ther persnal identifying infrmatin Cnfidential infrmatin Custdian designated Inspectin and examinatin f recrds. Office f Infrmatin Technlgy Services Plicy Manual NCMail Plicy (http://www.its.state.nc.us/servicecatalg/dcuments/18-07ncmail.pdf) Office f State Persnnel Emplyee Handbk (issued August 2007) (http://www.sp.state.nc.us/emphndbk/handbk2007.pdf) Public Recrds with Shrt Term Value (Guidelines) (http://www.recrds.ncdcr.gv/guidelines.htm#shrt) Department f Cultural Resurces Plicy (Revised July 2009) Page 14

15 Recrd Retentin and Dispsitin Schedules fr Cunties and Municipalities (http://www.recrds.ncdcr.gv/lcal/default.htm) State f Nrth Carlina Statewide Infrmatin Security Manual (http://www.sci.state.nc.us/dcuments/dcs_active/statewide%20infrmatin%20secu rity%20manual/statewide%20infrmatin%20security%20manual%20- %20Searchable%20Versin.pdf) Standards: Mnitring System Access and Use Sending Electrnic Mail Retaining r Deleting Electrnic Mail Instant Messaging Cmmunicatins Infrmatin Retentin Standard Backing Up Data n Prtable Cmputers Archiving Electrnic Files Receiving Unslicited Receiving Misdirected Infrmatin by Frwarding Using the Internet in an Acceptable Way 10 Cnclusins messages shuld be treated like any ther public recrd. Delete nn-recrd materials in cmpliance with the prvisins f Executive Order N. 18 and keep business-related messages and attachments in accrdance with yur recrds retentin and dispsitin schedule. Print r cnvert t micrfilm any messages and attachments with lasting evidential r histrical value. messages are the same as any ther frmat f public recrd and must fllw the requirements set in retentin and dispsitin schedules. By setting up a practical mailbx flder system, users can simplify the decisin-making prcess and aid in filing and retrieval. Electrnic strage als has its wn csts. Careful management will help reduce the stress n that strage and any ther assciated csts. As mailbxes verflw with messages, fllwing the prvisins f the recrds retentin and dispsitin schedule is essential fr gd recrds management practices. Realizing that e- mail classificatin and management is a shared respnsibility, the Gvernment Recrds Branch f the Department f Cultural Resurces is ready t respnd t requests t clarify these guidelines, ffer recrds and infrmatin management training, and help identify which recrds need t be kept fr a specific perid. Department f Cultural Resurces Plicy (Revised July 2009) Page 15

16 11 Cntact Infrmatin fr Gvernment Recrds Fr mre infrmatin, please cntact us at: Department f Cultural Resurces Divisin f Histrical Resurces Archives and Recrds Sectin Gvernment Recrds Branch Physical Lcatin: 215 N. Blunt Street, Raleigh, N.C. Main Telephne: Or visit ur Web site at Department f Cultural Resurces Plicy (Revised July 2009) Page 16

17 Appendix 1 - Definitins Archival value - the nging usefulness r significance f recrds, based n the administrative, legal, fiscal, evidential, r histrical infrmatin they cntain, justifying their cntinued preservatin. In general, recrds with archival value are estimated t make up nly three t five percent f an rganizatin's recrds. (Sciety f American Archivists [SAA] Glssary) Backup - the cpying f data stred n a cmputer s that it can be restred shuld the riginal data be destryed by whatever cause (mechanical r sftware failure, theft r disaster). Cpyrighted material includes materials that may be prtected by Cpyright Law (fr example, a cartn, article, r excerpt frm a bk). In ther wrds, if the infrmatin r material is cpyrighted, it may nt be publicly circulated withut prir authrizatin frm the cpyright hlder. Discvery the part f the litigatin prcess in which ppsing parties exchange relevant dcuments, testimny, and ther infrmatin. Litigants generally request and receive infrmatin necessary t build a case in preparatin fr the trial. Discvery helps each side understand the material facts and evidence in advance f the trial. It als prevents anyne frm being ambushed at the trial. ( Rules, page 125) Dispsitin - materials' final destructin r transfer t an Archives as determined by their appraisal. (SAA Glssary) Dcument - traditinally cnsidered t mean text fixed n paper. Hwever, a dcument includes all media and frmats. Phtgraphs, drawings, sund recrdings, and vides, as well as wrd prcessing files, spreadsheets, Web pages, and database reprts, are nw generally cnsidered t be dcuments.(saa Glssary) message a single electrnic mail message. It generally cntains a header (r infrmatin abut the sender and receiver), bdy (including the cntent f the message, signature, and applicable disclaimers), and attachments. The user can cmpse a message using a sftware applicatin such as Micrsft Outlk. Encryptin - the prcess f transfrming infrmatin (referred t as plaintext) using an algrithm (called a cipher) t make it unreadable t anyne except thse pssessing special knwledge. Mbile/prtable cmputing device a pcket-sized cmputing device, typically having a display screen with tuch input r a miniature keybard. These devices include wireless PDAs (Persnal Digital Assistants) and handhelds, mbile phnes, laptps with wireless capabilities, and specific devices, such as the Blackberry, designed fr business use. Netwrk - a number f cmputers cnnected tgether t share infrmatin and hardware. A Lcal Area Netwrk (LAN) is small, usually cnfined t a single building r grup f buildings. A Wide Area Netwrk (WAN) is a system f LANs. It is large, with many cmputers linked. Department f Cultural Resurces Plicy (Revised July 2009) Page 17

18 Receiver- the target f a message in the cmmunicatin prcess. Recrd - data r infrmatin in a fixed frm that is created r received in the curse f individual r institutinal activity and set aside (preserved) as evidence f that activity fr future reference. A recrd has fixed cntent, structure, and cntext. (SAA Glssary) Retentin and dispsitin schedule - a dcument that identifies and describes an rganizatin's recrds, usually at the series level, prvides instructins fr the dispsitin f recrds thrughut their life cycle. (SAA Glssary) Sender - the riginatr f the message in the cmmunicatin prcess; als called the Surce. Telewrk - permits agencies t designate emplyees t wrk at alternate wrk lcatins fr all r part f the wrkweek in rder t prmte general wrk efficiencies. (N.C. Office f State Persnnel Emplyee Handbk) Users - all persns whse access t r use f NCMail is funded by the state r is available thrugh equipment wned r leased by the state. (NCMail Plicy) Department f Cultural Resurces Plicy (Revised July 2009) Page 18

19 Appendix 2 Plicies Applicable t Executive Branch Emplyees (excerpted frm Executive Order N. 18) 5. Executive Branch emplyees shall nt permanently delete any messages that they send fr at least 24 hurs, and shall nt permanently delete any messages they receive fr at least 24 hurs except that they may immediately and permanently delete any messages they receive that are nt clearly related t the transactin f State business, such as s cntaining advertising materials r ffensive materials. After 24 hurs, Executive Branch emplyees shall retain r delete s they have sent r received accrding t the retentin schedules fr their agency established by the Department f Cultural Resurces. 8. All Executive Branch agencies shall cpy all s sent and received by their emplyees n backup tapes at least nce daily. The Office f Infrmatin Technlgy Services (ITS) will prvide this backup service t all agencies fr which it prvides services. Each Executive Branch agency that des nt use ITS services shall emply a back-up system that creates a back-up cpy f the messages in all systems f the agency at least nce daily. All backup tapes created after the issuance f Executive Order 150 and prir t the implementatin f a single archive system will be maintained fr 10 years. After implementatin f an archive system, backup tapes will be maintained fr such perid as ITS may establish. 9. ITS will prcure an archive system as sn as practicable and prvide that system t all agencies fr which it prvides services. ITS will make this archive system available t ther Executive Branch agencies as sn as practicable. s shall be retained in this system fr 10 years. ITS will cnsult with Nrth Carlina Department f Cultural Resurces (DCR) t identify s that shuld be preserved beynd 10 years. 10. DCR shall prvide Executive Branch emplyees with mandatry nline training fr managing as public recrds. 11. DCR shall cnduct randm audits f State agencies in the Executive Branch t ensure that emplyees are in cmpliance with the recrds retentin and dispsitin schedules. Department f Cultural Resurces Plicy (Revised July 2009) Page 19

20 Bibligraphy Flynn, Nancy and Randlph Kahn Esq Rules: A Business Guide t Managing Plicies, Security, and Legal Issues. New Yrk: AMACOM (American Management Assciatin). Kentucky Department fr Libraries and Archives. Guidelines fr Managing in Kentucky Gvernment. (accessed February 25, 2009). Mses, Richard-Pearce A Glssary f Archival and Recrds Terminlgy. (accessed February 19, 2009). New Yrk State Archives Develping a Plicy fr Managing . Archives Technical Infrmatin Series #85. (accessed February 13, 2009). Pennck, Maureen Digital Curatin Manual. Curating s: A life-cycle apprach t the management and preservatin f messages. Digital Curatin Centre. (accessed February 25, 2009). State f Kansas. Managing Electrnic Mail Guidelines fr Kansas Gvernment Agencies. (accessed February 14, 2009). Department f Cultural Resurces Plicy (Revised July 2009) Page 20

GUIDANCE FOR BUSINESS ASSOCIATES

GUIDANCE FOR BUSINESS ASSOCIATES GUIDANCE FOR BUSINESS ASSOCIATES This Guidance fr Business Assciates dcument is intended t verview UPMCs expectatins, as well as t prvide additinal resurces and infrmatin, t UPMC s HIPAA business assciates.

More information

BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS

BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS SERIES: 1 General Rules RULE: 17.1 Recrd Retentin Scpe: The purpse f this rule is t establish the systematic review, retentin and destructin

More information

Hillsborough Board of Education Acceptable Use Policy for Using the Hillsborough Township Public Schools Network

Hillsborough Board of Education Acceptable Use Policy for Using the Hillsborough Township Public Schools Network 2361/Page 1 f 6 Hillsbrugh Bard f Educatin Acceptable Use Plicy fr Using the Hillsbrugh Twnship Public Schls Netwrk It is the gal f the HTPS (Hillsbrugh Twnship Public Schls) Netwrk t prmte educatinal

More information

VCU Payment Card Policy

VCU Payment Card Policy VCU Payment Card Plicy Plicy Type: Administrative Respnsible Office: Treasury Services Initial Plicy Apprved: 12/05/2013 Current Revisin Apprved: 12/05/2013 Plicy Statement and Purpse The purpse f this

More information

Data Protection Policy & Procedure

Data Protection Policy & Procedure Data Prtectin Plicy & Prcedure Page 1 Prcnnect Marketing Data Prtectin Plicy V1.2 Data prtectin plicy Cntext and verview Key details Plicy prepared by: Adam Haycck Apprved by bard / management n: 01/01/2015

More information

New York Institute of Technology Faculty and Staff Email Retention Policy

New York Institute of Technology Faculty and Staff Email Retention Policy New Yrk Institute f Technlgy Faculty and Staff Email Retentin Plicy Nvember 2013 I. PURPOSE As electrnic mail (email) has becme the primary frm f cmmunicatin at NYIT and thrughut the wrld, the vlume f

More information

Personal Data Security Breach Management Policy

Personal Data Security Breach Management Policy Persnal Data Security Breach Management Plicy 1.0 Purpse The Data Prtectin Acts 1988 and 2003 impse bligatins n data cntrllers in Western Care Assciatin t prcess persnal data entrusted t them in a manner

More information

HIPAA HITECH ACT Compliance, Review and Training Services

HIPAA HITECH ACT Compliance, Review and Training Services Cmpliance, Review and Training Services Risk Assessment and Risk Mitigatin: The first and mst imprtant step is t undertake a hlistic risk assessment that examines the risks and cntrls related t fur critical

More information

Unified Infrastructure/Organization Computer System/Software Use Policy

Unified Infrastructure/Organization Computer System/Software Use Policy Unified Infrastructure/Organizatin Cmputer System/Sftware Use Plicy 1. Statement f Respnsibility All emplyees are charged with the security and integrity f the cmputer system. Emplyees are asked t help

More information

Norwood Public Schools Internet & Cell Phone Use Agreement School Year 2015-16

Norwood Public Schools Internet & Cell Phone Use Agreement School Year 2015-16 Yu must read and agree t fllw the netwrk rules belw t use yur netwrk accunt r access the internet. Nrwd Public Schls makes available t students access t cmputers and the Internet. Students are expected

More information

Woodstock Multimedia, INC. Software/Hardware Usage Policy

Woodstock Multimedia, INC. Software/Hardware Usage Policy Wdstck Multimedia, INC. Sftware/Hardware Usage Plicy POLICY PURPOSE The purpse f the Wdstck Multimedia, INC. Sftware / Hardware Usage Plicy is t ensure that Wdstck Multimedia, INC. emplyees are prperly

More information

RUTGERS POLICY. Responsible Executive: Vice President for Information Technology and Chief Information Officer

RUTGERS POLICY. Responsible Executive: Vice President for Information Technology and Chief Information Officer RUTGERS POLICY Sectin: 70.1.1 Sectin Title: Infrmatin Technlgy Plicy Name: Acceptable Use Plicy fr Infrmatin Technlgy Resurces Frmerly Bk: N/A Apprval Authrity: Senir Vice President fr Administratin Respnsible

More information

POLICY INTERNET - ACCEPTABLE USE

POLICY INTERNET - ACCEPTABLE USE POLICY Dc. Cde: IS I5 INTERNET - ACCEPTABLE USE Applicable t: MidCentral DHB Including MidCentral Health & Enable NZ Issued by: Infrmatin Systems Cntact: Manager Service Delivery 1. PURPOSE This plicy

More information

Supersedes: DPS Policy 10.09 - Internet and Use Of The DPSnet, July 14, 2000 Effective: February 15, 2005 Pages: 1 of 5

Supersedes: DPS Policy 10.09 - Internet and Use Of The DPSnet, July 14, 2000 Effective: February 15, 2005 Pages: 1 of 5 Plicy: 13.01 SUBJECT: INTERNET USAGE Supersedes: DPS Plicy 10.09 - Internet and Use Of The DPSnet, July 14, 2000 Effective: February 15, 2005 Pages: 1 f 5 1.0 POLICY PURPOSE Detrit Public Schls (DPS) Internet

More information

TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY

TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY REFERENCE NUMBER: 14/103368 RESPONSIBLE DEPARTMENT: Crprate Services APPLICABLE LEGISLATION: State Recrds Act 1997 Lcal Gvernment Act 1999 Crpratins Act

More information

Internet and E-Mail Policy User s Guide

Internet and E-Mail Policy User s Guide Internet and E-Mail Plicy User s Guide Versin 2.2 supprting partnership in mental health Internet and E-Mail Plicy User s Guide Ver. 2.2-1/5 Intrductin Health and Scial Care requires a great deal f cmmunicatin

More information

INFORMATION TECHNOLOGY USAGE POLICY COUNTY OF ORANGE

INFORMATION TECHNOLOGY USAGE POLICY COUNTY OF ORANGE INFORMATION TECHNOLOGY USAGE POLICY COUNTY OF ORANGE Cunty f Orange Infrmatin Technlgy Usage Plicy 1 INTRODUCTION: The Cunty f Orange Infrmatin Technlgy (IT) Usage Plicy is the fundatin f the Cunty s infrmatin

More information

University of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments

University of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments University f Texas at Dallas Plicy fr Accepting Credit Card and Electrnic Payments Cntents: Purpse Applicability Plicy Statement Respnsibilities f a Merchant Department Prcess t Becme a Merchant Department

More information

Remote Working (Policy & Procedure)

Remote Working (Policy & Procedure) Remte Wrking (Plicy & Prcedure) Publicatin Scheme Y/N Department f Origin Plicy Hlder Authrs Can be published n Frce Website Prfessinal Standards Department (PSD) Ch Supt Head f PSD IT Security Officer

More information

Privacy Policy. The Central Equity Group understands how highly people value the protection of their privacy.

Privacy Policy. The Central Equity Group understands how highly people value the protection of their privacy. Privacy Plicy The Central Equity Grup understands hw highly peple value the prtectin f their privacy. Fr that reasn, the Central Equity Grup takes particular care in dealing with any persnal and sensitive

More information

COPIES-F.Y.I., INC. Policies and Procedures Data Security Policy

COPIES-F.Y.I., INC. Policies and Procedures Data Security Policy COPIES-F.Y.I., INC. Plicies and Prcedures Data Security Plicy Page 2 f 7 Preamble Mst f Cpies FYI, Incrprated financial, administrative, research, and clinical systems are accessible thrugh the campus

More information

Felician College. Computer Use Policy. Office of Information Technology 262 South Main St Lodi, NJ 07644-2117

Felician College. Computer Use Policy. Office of Information Technology 262 South Main St Lodi, NJ 07644-2117 Felician Cllege Office f Infrmatin Technlgy 262 Suth Main St Ldi, NJ 07644-2117 Cmputer Use Plicy Intrductin - In supprt f Felician Cllege's missin f teaching and public service, the Infrmatin Technlgy

More information

Document Management/Archiving Records general guidelines for the UBC Department of Medicine

Document Management/Archiving Records general guidelines for the UBC Department of Medicine Dcument Management/Archiving Recrds general guidelines fr the UBC Department f Medicine ADMINISTRATIVE/FINACIAL FILES: Email/Crrespndence - An extremely difficult recrd type t schedule, sme email is clearly

More information

THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM

THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM 1. Prgram Adptin The City University f New Yrk (the "University") develped this Identity Theft Preventin Prgram (the "Prgram") pursuant

More information

Immaculate Conception School, Prince George Bring Your Own Device Policy for Students

Immaculate Conception School, Prince George Bring Your Own Device Policy for Students Bring Yur Own Device Plicy fr Students Purpse This plicy utlines the acceptable use f electrnic devices t maintain a safe and secure educatin envirnment with the gal f preparing students fr the future,

More information

FINANCIAL OPTIONS. 2. For non-insured patients, payment is due on the day of service.

FINANCIAL OPTIONS. 2. For non-insured patients, payment is due on the day of service. FINANCIAL OPTIONS 1. Fr thse patients wh carry dental insurance, all c-payments are due n date f service. We will file yur claim as a service t yu, and will d ur very best t maximize yur benefits. We accept

More information

Project Open Hand Atlanta. Health Insurance Portability and Accountability Act (HIPAA) NOTICE OF PRIVACY PRACTICES

Project Open Hand Atlanta. Health Insurance Portability and Accountability Act (HIPAA) NOTICE OF PRIVACY PRACTICES Prject Open Hand Atlanta Effective Date: April 14, 2003 Health Insurance Prtability and Accuntability Act (HIPAA) The Health Insurance Prtability and Accuntability Act f 1996 (HIPAA) directs health care

More information

Hillsborough Board of Education Acceptable Use Policy for Using the Hillsborough Township Public Schools Network

Hillsborough Board of Education Acceptable Use Policy for Using the Hillsborough Township Public Schools Network 2361/Page 1 f 8 Hillsbrugh Bard f Educatin Acceptable Use Plicy fr Using the Hillsbrugh Twnship Public Schls Netwrk The Bard f Educatin recgnizes as new technlgies shift the manner in which infrmatin is

More information

ensure that all users understand how mobile phones supplied by the council should and should not be used.

ensure that all users understand how mobile phones supplied by the council should and should not be used. Mbile Phne Plicy & Guidance Intrductin This plicy is designed t safeguard bth the cuncil and users f mbile phnes supplied by Angus Cuncil. It aims t ensure that these are used effectively, fr their intended

More information

DisplayNote Technologies Limited Data Protection Policy July 2014

DisplayNote Technologies Limited Data Protection Policy July 2014 DisplayNte Technlgies Limited Data Prtectin Plicy July 2014 1. Intrductin This dcument sets ut the bligatins f DisplayNte Technlgies Limited ( the Cmpany ) with regard t data prtectin and the rights f

More information

DETROIT PUBLIC SCHOOLS NETBOOK PARENT CONSENT FORM For 8 th 12 th Grade Students Only

DETROIT PUBLIC SCHOOLS NETBOOK PARENT CONSENT FORM For 8 th 12 th Grade Students Only DETROIT PUBLIC SCHOOLS NETBOOK PARENT CONSENT FORM Fr 8 th 12 th Grade Students Only Student s Last Name Parent/Guardian Last Name Class First Name First Name Date Fr the first time this fall, students

More information

Meopham School Information Technology Code of Conduct

Meopham School Information Technology Code of Conduct 1. Intrductin Infrmatin technlgy resurces are essential fr accmplishing Mepham Schl s missin f pursuing excellence in teaching and learning, research and cmmunity service. Members f the Schl cmmunity are

More information

To clarify terms used within these policies, the following definitions are provided:

To clarify terms used within these policies, the following definitions are provided: Baker University Email Plicy E-mail services are prvided t the Baker cmmunity in supprt f the educatinal missin f the University and the administrative functins t carry ut that missin. Users f Baker e-mail

More information

HIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337

HIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337 HIPAA Cmpliance 101 Imprtant Terms Cvered Entities (CAs) The HIPAA Privacy Rule refers t three specific grups as cvered entities, including health plans, healthcare clearinghuses, and health care prviders

More information

ACTIVITY MONITOR Real Time Monitor Employee Activity Monitor

ACTIVITY MONITOR Real Time Monitor Employee Activity Monitor ACTIVITY MONITOR Real Time Mnitr Emplyee Activity Mnitr This pwerful tl allws yu t track any LAN, giving yu the mst detailed infrmatin n what, hw and when yur netwrk users perfrmed. Whether it is a library

More information

HIPAA Notice of Privacy Practices. Central Ohio Surgical Associates, Inc.

HIPAA Notice of Privacy Practices. Central Ohio Surgical Associates, Inc. HIPAA Ntice f Privacy Practices Central Ohi Surgical Assciates, Inc. THIS NOTICE OF PRIVACY PRACTICES (THE NOTICE ) DESCRIBES HOW HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN

More information

FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT

FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT If using US Pstal Service, please return t: Califrnia Student Aid Cmmissin Prgram Administratin & Services Divisin ATTN: Institutinal Supprt P.O. Bx 419028

More information

Cloud-based File Sharing: Privacy and Security Tutorial Institutional Compliance Office July 2013

Cloud-based File Sharing: Privacy and Security Tutorial Institutional Compliance Office July 2013 Clud-based File Sharing: Privacy and Security Tutrial Institutinal Cmpliance Office July 2013 Patient Data in the Clud Prtecting patient privacy is ne f MD Andersn s greatest respnsibilities Technlgies

More information

General Records Authority 33. Accredited Training

General Records Authority 33. Accredited Training General Recrds Authrity 33 2012/00579704 Accredited Training February 2013 This is an accurate reprductin f the authrised recrds authrity cntent, created fr accessibility purpses CONTENTS INTRODUCTION

More information

Chapter 7 Business Continuity and Risk Management

Chapter 7 Business Continuity and Risk Management Chapter 7 Business Cntinuity and Risk Management Sectin 01 Business Cntinuity Management 070101 Initiating the Business Cntinuity Plan (BCP) Purpse: T establish the apprpriate level f business cntinuity

More information

Plus500CY Ltd. Statement on Privacy and Cookie Policy

Plus500CY Ltd. Statement on Privacy and Cookie Policy Plus500CY Ltd. Statement n Privacy and Ckie Plicy Statement n Privacy and Ckie Plicy This website is perated by Plus500CY Ltd. ("we, us r ur"). It is ur plicy t respect the cnfidentiality f infrmatin and

More information

In addition to assisting with the disaster planning process, it is hoped this document will also::

In addition to assisting with the disaster planning process, it is hoped this document will also:: First Step f a Disaster Recver Analysis: Knwing What Yu Have and Hw t Get t it Ntes abut using this dcument: This free tl is ffered as a guide and starting pint. It is des nt cver all pssible business

More information

First Global Data Corp.

First Global Data Corp. First Glbal Data Crp. Privacy Plicy As f February 23, 2015 Ding business with First Glbal Data Crp. ("First Glbal", First Glbal Mney, "we" r "us", which includes First Glbal Data Crp. s subsidiary, First

More information

Multi-Year Accessibility Policy and Plan for NSF Canada and NSF International Strategic Registrations Canada Company, 2014-2021

Multi-Year Accessibility Policy and Plan for NSF Canada and NSF International Strategic Registrations Canada Company, 2014-2021 Multi-Year Accessibility Plicy and Plan fr NSF Canada and NSF Internatinal Strategic Registratins Canada Cmpany, 2014-2021 This 2014-21 accessibility plan utlines the plicies and actins that NSF Canada

More information

Key Steps for Organizations in Responding to Privacy Breaches

Key Steps for Organizations in Responding to Privacy Breaches Key Steps fr Organizatins in Respnding t Privacy Breaches Purpse The purpse f this dcument is t prvide guidance t private sectr rganizatins, bth small and large, when a privacy breach ccurs. Organizatins

More information

Creating an Ethical Culture and Protecting Your Bottom Line:

Creating an Ethical Culture and Protecting Your Bottom Line: Creating an Ethical Culture and Prtecting Yur Bttm Line: Best Practices fr Crprate Cdes f Cnduct Nte: The infrmatin belw and all infrmatin n this website is nt meant t be taken as legal advice. Please

More information

POLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014

POLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014 State f Michigan POLICY 1390 Infrmatin Technlgy Cntinuity f Business Planning Issued: June 4, 2009 Revised: June 12, 2014 SUBJECT: APPLICATION: PURPOSE: CONTACT AGENCY: Plicy fr Infrmatin Technlgy (IT)

More information

Often people have questions about new or enhanced services. This is a list of commonly asked questions and answers regarding our new WebMail format.

Often people have questions about new or enhanced services. This is a list of commonly asked questions and answers regarding our new WebMail format. Municipal Service Cmmissin Gerald P. Cle Frederick C. DeLisle Thmas M. Kaul Gregry L. Riggle Stanley A. Rutkwski Electric, Steam, Water Cable Televisin and High Speed Internet Service since 1889 Melanie

More information

For students to participate in BYOD please follow these two steps

For students to participate in BYOD please follow these two steps www.readingtn.k12.nj.us September 15, 2015 Dear Readingtn Middle Schl Families, We are excited t annunce that we are cntinuing with Bring Yur Own Device fr all middle schl students! We recgnize that many

More information

We will record and prepare documents based off the information presented

We will record and prepare documents based off the information presented Dear Client: We appreciate the pprtunity f wrking with yu regarding yur Payrll needs. T ensure a cmplete understanding between us, we are setting frth the pertinent infrmatin abut the services that we

More information

Process for Responding to Privacy Breaches

Process for Responding to Privacy Breaches Prcess fr Respnding t Privacy Breaches 1. Purpse 1.1 This dcument sets ut the steps that ministries must fllw when respnding t a privacy breach. It must be read in cnjunctin with the Infrmatin Incident

More information

IT Help Desk Service Level Expectations Revised: 01/09/2012

IT Help Desk Service Level Expectations Revised: 01/09/2012 IT Help Desk Service Level Expectatins Revised: 01/09/2012 Overview The IT Help Desk team cnsists f six (6) full time emplyees and fifteen (15) part time student emplyees. This team prvides supprt fr 25,000+

More information

Guidelines for Custodians

Guidelines for Custodians Guidelines fr Custdians t assess cmpliance with the Persnal Health Infrmatin Privacy and Access Act (PHIPAA) This dcument is designed t help custdians evaluate readiness fr cmpliance with PHIPAA and t

More information

NYU Langone Medical Center NYU Hospitals Center NYU School of Medicine

NYU Langone Medical Center NYU Hospitals Center NYU School of Medicine Title: Identity Theft Prgram Effective Date: July 2009 NYU Langne Medical Center NYU Hspitals Center NYU Schl f Medicine POLICY It is the plicy f the NYU Langne Medical Center t educate and train staff

More information

FORM ADV (Paper Version) UNIFORM APPLICATION FOR INVESTMENT ADVISER REGISTRATION AND REPORT FORM BY EXEMPT REPORTING ADVISERS

FORM ADV (Paper Version) UNIFORM APPLICATION FOR INVESTMENT ADVISER REGISTRATION AND REPORT FORM BY EXEMPT REPORTING ADVISERS APPENDIX A FORM ADV (Paper Versin) UNIFORM APPLICATION FOR INVESTMENT ADVISER REGISTRATION AND REPORT FORM BY EXEMPT REPORTING ADVISERS Frm ADV: General Instructins Read these instructins carefully befre

More information

A. Early Case Assessment

A. Early Case Assessment Electrnic Discvery Reference Mdel Standards fr the identificatin f electrnically stred infrmatin in discvery http://www.edrm.net/resurces/standards/identificatin A. Early Case Assessment Once a triggering

More information

Employees - recruitment, records and monitoring

Employees - recruitment, records and monitoring Emplyees - recruitment, recrds and mnitring This guidance has been prduced t help rganisatins cmply with the Data Prtectin Act (DPA) when recruiting and emplying wrkers. It is relevant t public sectr emplyers,

More information

CIS 4360: INTRODUCTION TO COMPUTER SECURITY

CIS 4360: INTRODUCTION TO COMPUTER SECURITY CIS 4360: INTRODUCTION TO COMPUTER SECURITY Flrida A&M University Cmputer and Infrmatin Sciences Cllege f Arts & Sciences Curse Prerequisite: Cmputer Science majr r permissin f the instructr Required Textbk:

More information

KIK s GUIDE FOR LAW ENFORCEMENT

KIK s GUIDE FOR LAW ENFORCEMENT Thanks fr checking ut ur law enfrcement guide. Kik takes the safety f ur users very seriusly, and we hpe this guide will be a useful tl fr yu. It includes infrmatin abut ur app; the features and functins

More information

expertise hp services valupack consulting description security review service for Linux

expertise hp services valupack consulting description security review service for Linux expertise hp services valupack cnsulting descriptin security review service fr Linux Cpyright services prvided, infrmatin is prtected under cpyright by Hewlett-Packard Cmpany Unpublished Wrk -- ALL RIGHTS

More information

WHAT YOU NEED TO KNOW ABOUT. Protecting your Privacy

WHAT YOU NEED TO KNOW ABOUT. Protecting your Privacy WHAT YOU NEED TO KNOW ABOUT Prtecting yur Privacy YOUR PRIVACY IS OUR PRIORITY Credit unins have a histry f respecting the privacy f ur members and custmers. Yur Bard f Directrs has adpted the Credit Unin

More information

ACTIVITY MONITOR. Live view of remote desktops. You may easily have a look at any user s desktop.

ACTIVITY MONITOR. Live view of remote desktops. You may easily have a look at any user s desktop. Web Develpment Offshre Develpment Outsurcing SEO ACTIVITY MONITOR This pwerful tl allws yu t track any LAN, giving yu the mst detailed infrmatin n what, hw and when yur netwrk users perfrmed. Whether it

More information

INTRODUCTION TO PORTAL GROUP STUDIO

INTRODUCTION TO PORTAL GROUP STUDIO Mntana State University Luminis Prtal Prject INTRODUCTION TO PORTAL GROUP STUDIO Grup Studi With the Grup Studi sftware, yu can request the creatin f nline grups fr clubs, affiliatins, r interests and

More information

Unified Communications

Unified Communications Office f Infrmatin Technlgy Services Service Level Agreement Unified Cmmunicatins Nvember 7, 2013 v2.2 Service Descriptin Unified Cmmunicatins Service Descriptin ITS Unified Cmmunicatins ffers a number

More information

BYOD and Cloud Computing

BYOD and Cloud Computing BYOD and Clud Cmputing AIIM First Canadian Chapter May 22, 2014 Susan Nickle, Lndn Health Sciences Centre Chuck Rthman, Wrtzmans Sheila Taylr, Erg Infrmatin Management Cnsulting Clud cmputing Agenda What

More information

Hampton Roads Orthopaedics & Sports Medicine. Notice of Privacy Practices

Hampton Roads Orthopaedics & Sports Medicine. Notice of Privacy Practices This is being prvided t yu as a requirement f the privacy regulatins issued under the Health Insurance Prtability and Accuntability Act f 1996 (HIPAA). This ntice describes hw HROSM may use and disclse

More information

Research Report. Abstract: The Emerging Intersection Between Big Data and Security Analytics. November 2012

Research Report. Abstract: The Emerging Intersection Between Big Data and Security Analytics. November 2012 Research Reprt Abstract: The Emerging Intersectin Between Big Data and Security Analytics By Jn Oltsik, Senir Principal Analyst With Jennifer Gahm Nvember 2012 2012 by The Enterprise Strategy Grup, Inc.

More information

Purpose Statement. Objectives

Purpose Statement. Objectives Apprved by Academic Affairs Cuncil, June 24, 2014 Faculty Handbk Part VI: Other Plicies and Prcedures Sectin R. Intellectual Prperty Classified Emplyee Handbk Part VI: Other Plicies and Prcedures Sectin

More information

Electronic and Information Resources Accessibility Compliance Plan

Electronic and Information Resources Accessibility Compliance Plan Electrnic and Infrmatin Resurces Accessibility Cmpliance Plan Intrductin The University f Nrth Texas at Dallas (UNTD) is cmmitted t prviding a wrk envirnment that affrds equal access and pprtunity t therwise

More information

Texas Woman's University University Policy Manual

Texas Woman's University University Policy Manual Texas Wman's University University Plicy Manual Plicy Name: Plicy Number: 6.06 Date Passed: July 2004 Health Insurance Prtability& Accuntability Act (HIPAA) Date Reviewed: September 2008 Next Review: September

More information

Directives to Hospitals in respect of Reporting Requirements under the BPSAA

Directives to Hospitals in respect of Reporting Requirements under the BPSAA DRAFT Directives t Hspitals in respect f Reprting Requirements under the BPSAA Issued By Minister f Health and Lng-Term Care Effective April 1, 2011 DRAFT March 28, 2011 Table f Cntents 1. BACKGROUND...

More information

Internet Banking Agreement and Disclosure Statement

Internet Banking Agreement and Disclosure Statement Internet Banking Agreement and Disclsure Statement This agreement cntains the terms and cnditins that gvern accessing r using Internet Banking (NetTeller), Bill Payment Services, Mbile Banking and On Demand

More information

Frequently Asked Questions About I-9 Compliance

Frequently Asked Questions About I-9 Compliance Frequently Asked Questins Abut I-9 Cmpliance What is required t verify wrk authrizatin? The basic requirement t verify wrk authrizatin is the Frm I-9. This frm is available n the HR website: http://www.fit.edu/hr/dcuments/frms/i-9.pdf

More information

Heythrop College Disciplinary Procedure for Support Staff

Heythrop College Disciplinary Procedure for Support Staff Heythrp Cllege Disciplinary Prcedure fr Supprt Staff Intrductin 1. This prcedural dcument des nt apply t thse academic-related staff wh are mentined in the Cllege s Ordinance, namely the Librarian and

More information

TrustED Briefing Series:

TrustED Briefing Series: TrustED Briefing Series: Since 2001, TrustCC has prvided IT audits and security assessments t hundreds f financial institutins thrugh ut the United States. Our TrustED Briefing Series are white papers

More information

MSB FINANCIAL CORP. MILLINGTON BANK AUDIT COMMITTEE CHARTER

MSB FINANCIAL CORP. MILLINGTON BANK AUDIT COMMITTEE CHARTER MSB FINANCIAL CORP. MILLINGTON BANK AUDIT COMMITTEE CHARTER This Audit Cmmittee Charter has been amended as f July 17, 2015. The Audit Cmmittee shall review and reassess this Charter annually and recmmend

More information

ALBAN CHURCH OF ENGLAND ACADEMY COMPUTER SECURITY POLICY. Approved by Governing Body on: 6 th May 2015

ALBAN CHURCH OF ENGLAND ACADEMY COMPUTER SECURITY POLICY. Approved by Governing Body on: 6 th May 2015 ALBAN CHURCH OF ENGLAND ACADEMY COMPUTER SECURITY POLICY Gvernrs Cmmittee: Finance and General Purpses Apprved by Gverning Bdy n: 6 th May 2015 Signed: (Chair f Cmmittee) Signed: (Headteacher) Date t be

More information

0820.02 Workers Disability Compensation Claims Procedures Issued: January 1, 1994 Revised: March 29, 2012

0820.02 Workers Disability Compensation Claims Procedures Issued: January 1, 1994 Revised: March 29, 2012 State f Michigan Administrative Guide t State Gvernment 0820.02 Wrkers Disability Cmpensatin Claims Prcedures Issued: January 1, 1994 Revised: March 29, 2012 SUBJECT: APPLICATION: PURPOSE: CONTACT AGENCY:

More information

Systems Support - Extended

Systems Support - Extended 1 General Overview This is a Service Level Agreement ( SLA ) between and the Enterprise Windws Services t dcument: The technlgy services the Enterprise Windws Services prvides t the custmer. The targets

More information

FAYETTEVILLE STATE UNIVERSITY

FAYETTEVILLE STATE UNIVERSITY FAYETTEVILLE STATE UNIVERSITY IDENTITY THEFT PREVENTION (RED FLAGS RULE) Authrity: Categry: Issued by the Fayetteville State University Bard f Trustees. University-Wide Applies t: Administratrs Faculty

More information

Maryland General Service (MGS) Area 29 Treatment Facilities Committee (TFC) TFC Instructions

Maryland General Service (MGS) Area 29 Treatment Facilities Committee (TFC) TFC Instructions Maryland General Service (MGS) Area 29 Treatment Facilities Cmmittee (TFC) TFC Instructins Lve And Service Facility Presentatin t Patients We are frm Alchlics Annymus (AA), fr AA, and ur service is fr

More information

Directives to LHINs in respect of Reporting Requirements under the BPSAA. Issued By Minister of Health and Long-Term Care

Directives to LHINs in respect of Reporting Requirements under the BPSAA. Issued By Minister of Health and Long-Term Care Directives t LHINs in respect f Reprting Requirements under the BPSAA Issued By Minister f Health and Lng-Term Care Effective April 1, 2011 Table f Cntents 1. BACKGROUND... 2 2. REPORT ON THE USE OF CONSULTANTS...

More information

University of Kent. Quality Assurance Office Quality Assurance: Documentation Retention and Archiving Policy

University of Kent. Quality Assurance Office Quality Assurance: Documentation Retention and Archiving Policy Quality Assurance Office Quality Assurance: Dcumentatin Retentin and Archiving Plicy This plicy sets ut apprved dcument retentin perids in rder that Kent may meet its bligatins t students; cmply with quality

More information

THIRD PARTY PROCUREMENT PROCEDURES

THIRD PARTY PROCUREMENT PROCEDURES ADDENDUM #1 THIRD PARTY PROCUREMENT PROCEDURES NORTH CENTRAL TEXAS COUNCIL OF GOVERNMENTS TRANSPORTATION DEPARTMENT JUNE 2011 OVERVIEW These prcedures establish standards and guidelines fr the Nrth Central

More information

CMS Eligibility Requirements Checklist for MSSP ACO Participation

CMS Eligibility Requirements Checklist for MSSP ACO Participation ATTACHMENT 1 CMS Eligibility Requirements Checklist fr MSSP ACO Participatin 1. General Eligibility Requirements ACO participants wrk tgether t manage and crdinate care fr Medicare fee-fr-service beneficiaries.

More information

Williamson County Board of Education Procedures and Guidelines

Williamson County Board of Education Procedures and Guidelines Williamsn Cunty Bard f Educatin Prcedures and Guidelines Effective Date: 6/21/10; 8/15/11; Page 1 f 7 PURPOSE Williamsn Cunty Schls prvides student and emplyee access t the Internet as a means t increase

More information

Monthly All IFS files, all Libraries, security and configuration data

Monthly All IFS files, all Libraries, security and configuration data Server Backup Plicy Intrductin Data is ne f Banks DIH Limited s mst imprtant assets. In rder t prtect this asset frm lss r destructin, it is imperative that it be safely and securely captured, cpied, and

More information

Malpractice and Maladministration Policy

Malpractice and Maladministration Policy TR340 Malpractice and Maladministratin Plicy This plicy aims t: Define malpractice and maladministratin in the cntext f CIM/CAM studying members, Accredited study centres (ASCs), examinatin centres, invigilatrs

More information

COMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE

COMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE COMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE COMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE Mst dealers are familiar with the requirements f the Gramm-Leach-Bliley Act

More information

PENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK

PENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK Department f Health and Human Services OFFICE OF INSPECTOR GENERAL PENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK Inquiries abut this reprt may be addressed t the Office f Public Affairs

More information

Data Protection Act Data security breach management

Data Protection Act Data security breach management Data Prtectin Act Data security breach management The seventh data prtectin principle requires that rganisatins prcessing persnal data take apprpriate measures against unauthrised r unlawful prcessing

More information

Request for Resume (RFR) CATS II Master Contract. All Master Contract Provisions Apply

Request for Resume (RFR) CATS II Master Contract. All Master Contract Provisions Apply Sectin 1 General Infrmatin RFR Number: (Reference BPO Number) Functinal Area (Enter One Only) F50B3400026 7 Infrmatin System Security Labr Categry A single supprt resurce may be engaged fr a perid nt t

More information

AMWA Chapter Subgroups on LinkedIn Guidance for Subgroup Managers and Chapter Leaders, updated 2-12-15

AMWA Chapter Subgroups on LinkedIn Guidance for Subgroup Managers and Chapter Leaders, updated 2-12-15 AMWA Chapter Subgrups n LinkedIn Guidance fr Subgrup Managers and Chapter Leaders, updated 2-12-15 1. Chapters may nt have an independent grup n LinkedIn, Facebk, r ther scial netwrking site. AMWA prvides

More information

Johnston Public Schools Special Education Procedural Manual. IEP Overview

Johnston Public Schools Special Education Procedural Manual. IEP Overview Jhnstn Public Schls Special Educatin Prcedural Manual IEP Overview Definitin The Individualized Educatin Prgram (IEP) is a written plan fr the apprpriate educatin f students with disabilities. It is a

More information

LAW ENFORCEMENT TECHNOLOGY CREDIT BY EXAMINATION FACT SHEET Texas

LAW ENFORCEMENT TECHNOLOGY CREDIT BY EXAMINATION FACT SHEET Texas LAW ENFORCEMENT TECHNOLOGY CREDIT BY EXAMINATION FACT SHEET Texas Ri Salad Cllege, a Maricpa Cunty Cmmunity Cllege in Tempe, Arizna, is prud t annunce its Credit by Examinatin prgram in Law Enfrcement

More information

CSUSB Containment Guidelines CSUSB, Information Security Office

CSUSB Containment Guidelines CSUSB, Information Security Office CSUSB, Infrmatin Security Office Last Revised: 01/30/2013 Final REVISION CONTROL Dcument Title: Authr: File Reference: CSUSB Cntainment Guidelines Javier Trner Date By Actin Pages 03/30/05 J Trner Created

More information

Audit Committee Charter

Audit Committee Charter Audit Cmmittee Charter Membership The Audit Cmmittee (the "Cmmittee") f the Bard f Directrs (the "Bard") f Philip Mrris Internatinal Inc. (the "Cmpany") shall cnsist f at least three directrs all f whm

More information