Health Insurance Portability and Accountability Act

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Health Insurance Portability and Accountability Act"

Transcription

1 Health Insurance Prtability and Accuntability Act Frm Wikipedia, the free encyclpedia. (Redirected frm HIPAA) Jump t: navigatin, search The Health Insurance Prtability and Accuntability Act (HIPAA) was enacted by the U.S. Cngress in Accrding t the Centers fr Medicare and Medicaid Services' (CMS) website, Title I f HIPAA prtects health insurance cverage fr wrkers and their families when they change r lse their jbs. Title II f HIPAA, the Administrative Simplificatin prvisins, requires the establishment f natinal standards fr electrnic health care transactins and natinal identifiers fr prviders, health insurance plans, and emplyers. The AS prvisins als address the security and privacy f health data. The standards are meant t imprve the efficiency and effectiveness f the natin's health care system by encuraging the widespread use f electrnic data interchange in health care. As a matter f linguistic-plitical criticism, many have nted that the Act did little t actually make health insurance mre "prtable" in the sense f preserving access t health care when an individual changes emplyers. Als, despite its many new rules n the sharing f medical infrmatin, the Act did nt significantly increase health insurers' "accuntability" fr wrngding. Cntents [hide] 1 Administrative simplificatin prvisins 1.1 Privacy prvisin 1.2 HIPAA Electrnic Data Interchange (HIPAA/EDI) 1.3 Security prvisin 2 Legislative infrmatin 3 See als 4 External links

2 Administrative simplificatin prvisins The Administrative Simplificatin prvisins are nly applicable t "cvered entities", which include health care prviders (e.g. dctrs ffices and hspitals) which engage in electrnic transactins subject t the HIPAA/EDI rules belw, health plans (which includes health insurance cmpanies and emplyer-spnsred "grup health plans"), and health care clearinghuses. Privacy prvisin The HIPAA Privacy prvisin tk effect n April 14, 2003, with a ne-year extensin fr certain "small plans". Key privacy prvisins include: Individuals must be able t access their recrd and request crrectin f errrs Individuals must be infrmed f hw their persnal infrmatin will be used. Individuals "prtected health infrmatin" (r "PHI") cannt be used fr marketing purpses withut the explicit cnsent f the invlved individuals. Individuals can ask cvered entities which maintain PHI abut them t take reasnable steps t ensure that their cmmunicatins with the individual are cnfidential. Fr instance, an individual can ask t be called at his r her wrk number, instead f hme r cell phne number. Individuals can file frmal privacy-related cmplaints t the Department f Health and Human Services (HHS) Office fr Civil Rights. Cvered entities must dcument their privacy prcedures, but they have discretin n what t include in their privacy prcedure. Cvered entities must designate a privacy fficer and train their emplyees. Cvered entities may use an individual's infrmatin withut the individual's cnsent fr the purpses f prviding treatment, btaining payment fr services and perfrming the nn-treatment peratinal tasks f the prvider's business. HIPAA Electrnic Data Interchange (HIPAA/EDI) The HIPAA/EDI prvisin was scheduled t take effect Octber 16, 2003 with a neyear extensin fr certain "small plans"; hwever, due t widespread cnfusin and difficulty in implementing the rule, CMS granted a ne-year extensin t all parties. As f Octber 16, 2004, full implementatin was nt achieved and CMS began an penended "cntingency perid." Penalties fr nn-cmpliance were nt levied; hwever, all parties are expected t make a "gd-faith effrt" t cme int cmpliance.

3 CMS has annunced that the Medicare cntingency perid will end July 1, After July 1, mst medical prviders that file electrnically will have t file their electrnic claims using the HIPAA standards in rder t be paid. There are exceptins fr dctrs that meet certain criteria. Key EDI transactins are: 837: Medical claims with subtypes fr Prfessinal, Institutinal, and Dental varieties. 820: Payrll Deducted and Other Grup Premium Payment fr Insurance Prducts 834: Benefits enrllment and maintenance 835: Electrnic remittances 270/271: Eligibility inquiry and respnse 276/277: Claim status inquiry and respnse 278: Health Services Review request and reply These standards are X12 cmpliant, and are gruped under the label X12N. Implementatin Guides are available fr free frm the Washingtn Publishing Cmpany. Security prvisin The HIPAA Security prvisins tk effect April 20, 2005 with a ne-year extensin fr certain "small plans". The Security prvisin cmplements the Privacy prvisin. HIPAA defines three segments f security safeguards fr cmpliance: administrative, physical, and technical. Key prvisins are: Administrative Safeguards - plicies and prcedures designed t clearly shw hw the entity will cmply with the act Cvered entities (entities that must cmply with HIPAA requirements) must adpt a written set f privacy prcedures and designate a privacy fficer t be respnsible fr develping and implementing all required plicies and prcedures. The plicies and prcedures must reference management versight and rganizatinal buy-in t cmpliance with the dcumented security cntrls. Prcedures shuld clearly identify emplyees r classes f emplyees wh will have access t prtected health infrmatin (PHI). Access t PHI in all frms must be restricted t nly thse emplyees wh have a need fr it t cmplete their jb functin. The prcedures must address access authrizatin, establishment, mdificatin, and terminatin. Entities must shw that an apprpriate nging training prgram regarding the handling PHI is prvided t emplyees perfrming health plan administrative functins.

4 Cvered entities that ut-surce sme f their business prcesses t a third party must ensure that their vendrs als have a framewrk in place t cmply with HIPAA requirements. Cmpanies typically gain this assurance thrugh clauses in the cntracts stating that the vendr will meet the same data prtectin requirements that apply t the cvered entity. Care must be taken t determine if the vendr further ut-surces any data handling functins t ther vendrs and mnitr whether apprpriate cntracts and cntrls are in place. A cntingency plan shuld be in place fr respnding t emergencies. Cvered entities are respnsible fr backing up their data and having disaster recvery prcedures in place. The plan shuld dcument data pririty and failure analysis, testing activities, and change cntrl prcedures. Internal audits play a key rle in HIPAA cmpliance by reviewing peratins with the gal f identifying ptential security vilatins. Plicies and prcedures shuld specifically dcument the scpe, frequency, and prcedures f audits. Audits shuld be bth rutine and event-based. Prcedures shuld dcument instructins fr addressing and respnding t security breaches that are identified either during the audit r the nrmal curse f peratins. Physical Safeguards - cntrlling physical access t prtect against inapprpriate access t prtected data Respnsibility fr security must be assigned t a specific persn r department. This respnsibility includes the management and versight f data prtectin and persnnel cnduct with respect t data prtectin. Frequently, a Chief Security Officer psitin is established t fulfill this requirement. This psitin typically reprts t executive level management. Cntrls must gvern the intrductin and remval f hardware and sftware frm the netwrk. (When equipment is retired it must be dispsed f prperly t ensure that PHI is nt cmprmised.) Access t equipment cntaining health infrmatin shuld be carefully cntrlled and mnitred. Access t hardware and sftware must be limited t prperly authrized individuals. Required access cntrls cnsist f facility security plans, maintenance recrds, and visitr sign-in and escrts. Plicies are required t address prper wrkstatin use. Wrkstatins shuld be remved frm high traffic areas and mnitr screens shuld nt be in direct view f the public. If the cvered entities utilize cntractrs r agents, they t must be fully trained n their physical access respnsibilities. Technical Safeguards - cntrlling access t cmputer systems and enabling cvered entities t prtect cmmunicatins cntaining PHI transmitted

5 electrnically ver pen netwrks frm being intercepted by anyne ther than the intended recipient Infrmatin systems husing PHI must be prtected frm intrusin. When infrmatin flws ver pen netwrks, sme frm f encryptin must be utilized. If clsed systems/netwrks are utilized, existing access cntrls are cnsidered sufficient and encryptin is ptinal. Each cvered entity is respnsible fr ensuring that the data within its systems has nt been changed r erased in an unauthrized manner. Data crrbratin, including the use f check sum, duble-keying, message authenticatin, and digital signature may be used t ensure data integrity. Cvered entities must als authenticate entities it cmmunicates with. Authenticatin cnsists f crrbrating that an entity is wh it claims t be. Examples f crrbratin include: passwrd systems, tw r threeway handshakes, telephne callback, and tken systems. Cvered entities must make dcumentatin f their HIPAA practices available t the gvernment t determine cmpliance. In additin t plicies and prcedures and access recrds, infrmatin technlgy dcumentatin shuld als include a written recrd f all cnfiguratin settings n the cmpnents f the netwrk because these cmpnents are cmplex, cnfigurable, and always changing. Dcumented risk analysis and risk management prgrams are required. Cvered entities must carefully cnsider the risks f their peratins as they implement systems t cmply with the act. (The requirement f risk analysis and risk management implies that the act s security requirements are a minimum standard and places respnsibility n cvered entities t take all reasnable precautins necessary t prevent PHI frm being used fr nn-health purpses.) Legislative infrmatin Huse: 104 H.R. 3103, H. Rept , Pt. 1, H. Rept Senate: 104 S. 1028, 104 S. 1698, S. Rept Law: Pub. L , 110 Stat HHS Privacy Rule: 45 CFR 160, 45 CFR 164

GUIDANCE FOR BUSINESS ASSOCIATES

GUIDANCE FOR BUSINESS ASSOCIATES GUIDANCE FOR BUSINESS ASSOCIATES This Guidance fr Business Assciates dcument is intended t verview UPMCs expectatins, as well as t prvide additinal resurces and infrmatin, t UPMC s HIPAA business assciates.

More information

HIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337

HIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337 HIPAA Cmpliance 101 Imprtant Terms Cvered Entities (CAs) The HIPAA Privacy Rule refers t three specific grups as cvered entities, including health plans, healthcare clearinghuses, and health care prviders

More information

COPIES-F.Y.I., INC. Policies and Procedures Data Security Policy

COPIES-F.Y.I., INC. Policies and Procedures Data Security Policy COPIES-F.Y.I., INC. Plicies and Prcedures Data Security Plicy Page 2 f 7 Preamble Mst f Cpies FYI, Incrprated financial, administrative, research, and clinical systems are accessible thrugh the campus

More information

HIPAA HITECH ACT Compliance, Review and Training Services

HIPAA HITECH ACT Compliance, Review and Training Services Cmpliance, Review and Training Services Risk Assessment and Risk Mitigatin: The first and mst imprtant step is t undertake a hlistic risk assessment that examines the risks and cntrls related t fur critical

More information

HIPAA Notice of Privacy Practices. Central Ohio Surgical Associates, Inc.

HIPAA Notice of Privacy Practices. Central Ohio Surgical Associates, Inc. HIPAA Ntice f Privacy Practices Central Ohi Surgical Assciates, Inc. THIS NOTICE OF PRIVACY PRACTICES (THE NOTICE ) DESCRIBES HOW HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN

More information

Texas Woman's University University Policy Manual

Texas Woman's University University Policy Manual Texas Wman's University University Plicy Manual Plicy Name: Plicy Number: 6.06 Date Passed: July 2004 Health Insurance Prtability& Accuntability Act (HIPAA) Date Reviewed: September 2008 Next Review: September

More information

Data Protection Policy & Procedure

Data Protection Policy & Procedure Data Prtectin Plicy & Prcedure Page 1 Prcnnect Marketing Data Prtectin Plicy V1.2 Data prtectin plicy Cntext and verview Key details Plicy prepared by: Adam Haycck Apprved by bard / management n: 01/01/2015

More information

First Global Data Corp.

First Global Data Corp. First Glbal Data Crp. Privacy Plicy As f February 23, 2015 Ding business with First Glbal Data Crp. ("First Glbal", First Glbal Mney, "we" r "us", which includes First Glbal Data Crp. s subsidiary, First

More information

INTERNATIONAL STANDARD ON AUDITING 265 COMMUNICATING DEFICIENCIES IN INTERNAL CONTROL TO THOSE CHARGED WITH GOVERNANCE AND MANAGEMENT CONTENTS

INTERNATIONAL STANDARD ON AUDITING 265 COMMUNICATING DEFICIENCIES IN INTERNAL CONTROL TO THOSE CHARGED WITH GOVERNANCE AND MANAGEMENT CONTENTS INTERNATIONAL STANDARD ON AUDITING 265 COMMUNICATING DEFICIENCIES IN INTERNAL CONTROL TO THOSE CHARGED WITH GOVERNANCE AND MANAGEMENT (Effective fr audits f financial statements fr perids beginning n r

More information

University of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments

University of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments University f Texas at Dallas Plicy fr Accepting Credit Card and Electrnic Payments Cntents: Purpse Applicability Plicy Statement Respnsibilities f a Merchant Department Prcess t Becme a Merchant Department

More information

Key Steps for Organizations in Responding to Privacy Breaches

Key Steps for Organizations in Responding to Privacy Breaches Key Steps fr Organizatins in Respnding t Privacy Breaches Purpse The purpse f this dcument is t prvide guidance t private sectr rganizatins, bth small and large, when a privacy breach ccurs. Organizatins

More information

Hampton Roads Orthopaedics & Sports Medicine. Notice of Privacy Practices

Hampton Roads Orthopaedics & Sports Medicine. Notice of Privacy Practices This is being prvided t yu as a requirement f the privacy regulatins issued under the Health Insurance Prtability and Accuntability Act f 1996 (HIPAA). This ntice describes hw HROSM may use and disclse

More information

2. Are there any restrictions on when the work can be performed (e.g. only at night, only during business hours, only on weekends)? No.

2. Are there any restrictions on when the work can be performed (e.g. only at night, only during business hours, only on weekends)? No. HIPAA Technical Risk Security Assessment 1. Will yu be issuing additinal directins fr the frmatting f the final prpsal due Nvember 21 st? There is nt specific frmatting requirements, just submit the prpsal

More information

NYU Langone Medical Center NYU Hospitals Center NYU School of Medicine

NYU Langone Medical Center NYU Hospitals Center NYU School of Medicine Title: Identity Theft Prgram Effective Date: July 2009 NYU Langne Medical Center NYU Hspitals Center NYU Schl f Medicine POLICY It is the plicy f the NYU Langne Medical Center t educate and train staff

More information

VCU Payment Card Policy

VCU Payment Card Policy VCU Payment Card Plicy Plicy Type: Administrative Respnsible Office: Treasury Services Initial Plicy Apprved: 12/05/2013 Current Revisin Apprved: 12/05/2013 Plicy Statement and Purpse The purpse f this

More information

Security Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview

Security Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview Security Services Service Descriptin Versin 1.00 Effective Date: 07/01/2012 Purpse This Enterprise Service Descriptin is applicable t Security Services ffered by the MN.IT Services and described in the

More information

WHAT YOU NEED TO KNOW ABOUT. Protecting your Privacy

WHAT YOU NEED TO KNOW ABOUT. Protecting your Privacy WHAT YOU NEED TO KNOW ABOUT Prtecting yur Privacy YOUR PRIVACY IS OUR PRIORITY Credit unins have a histry f respecting the privacy f ur members and custmers. Yur Bard f Directrs has adpted the Credit Unin

More information

MSB FINANCIAL CORP. MILLINGTON BANK AUDIT COMMITTEE CHARTER

MSB FINANCIAL CORP. MILLINGTON BANK AUDIT COMMITTEE CHARTER MSB FINANCIAL CORP. MILLINGTON BANK AUDIT COMMITTEE CHARTER This Audit Cmmittee Charter has been amended as f July 17, 2015. The Audit Cmmittee shall review and reassess this Charter annually and recmmend

More information

Multi-Year Accessibility Policy and Plan for NSF Canada and NSF International Strategic Registrations Canada Company, 2014-2021

Multi-Year Accessibility Policy and Plan for NSF Canada and NSF International Strategic Registrations Canada Company, 2014-2021 Multi-Year Accessibility Plicy and Plan fr NSF Canada and NSF Internatinal Strategic Registratins Canada Cmpany, 2014-2021 This 2014-21 accessibility plan utlines the plicies and actins that NSF Canada

More information

CMS Eligibility Requirements Checklist for MSSP ACO Participation

CMS Eligibility Requirements Checklist for MSSP ACO Participation ATTACHMENT 1 CMS Eligibility Requirements Checklist fr MSSP ACO Participatin 1. General Eligibility Requirements ACO participants wrk tgether t manage and crdinate care fr Medicare fee-fr-service beneficiaries.

More information

Hillsborough Board of Education Acceptable Use Policy for Using the Hillsborough Township Public Schools Network

Hillsborough Board of Education Acceptable Use Policy for Using the Hillsborough Township Public Schools Network 2361/Page 1 f 6 Hillsbrugh Bard f Educatin Acceptable Use Plicy fr Using the Hillsbrugh Twnship Public Schls Netwrk It is the gal f the HTPS (Hillsbrugh Twnship Public Schls) Netwrk t prmte educatinal

More information

Audit Committee Charter. St Andrew s Insurance (Australia) Pty Ltd St Andrew s Life Insurance Pty Ltd St Andrew s Australia Services Pty Ltd

Audit Committee Charter. St Andrew s Insurance (Australia) Pty Ltd St Andrew s Life Insurance Pty Ltd St Andrew s Australia Services Pty Ltd Audit Cmmittee Charter St Andrew s Insurance (Australia) Pty Ltd St Andrew s Life Insurance Pty Ltd St Andrew s Australia Services Pty Ltd Versin 2.0, 22 February 2016 Apprver Bard f Directrs St Andrew

More information

Cloud-based File Sharing: Privacy and Security Tutorial Institutional Compliance Office July 2013

Cloud-based File Sharing: Privacy and Security Tutorial Institutional Compliance Office July 2013 Clud-based File Sharing: Privacy and Security Tutrial Institutinal Cmpliance Office July 2013 Patient Data in the Clud Prtecting patient privacy is ne f MD Andersn s greatest respnsibilities Technlgies

More information

Privacy and Security Training Policy (PS.Pol.051)

Privacy and Security Training Policy (PS.Pol.051) Privacy and Security Training Plicy (PS.Pl.051) Purpse T define the plicies and prcedures fr prviding privacy and security training in respect f the CnnectingGTA Slutin. Definitins Electrnic Service Prvider

More information

Guidelines for Custodians

Guidelines for Custodians Guidelines fr Custdians t assess cmpliance with the Persnal Health Infrmatin Privacy and Access Act (PHIPAA) This dcument is designed t help custdians evaluate readiness fr cmpliance with PHIPAA and t

More information

HIPAA 5010 Implementation FAQs for Health Care Professionals

HIPAA 5010 Implementation FAQs for Health Care Professionals HIPAA 5010 Implementatin FAQs fr Health Care Prfessinals Updated September 27, 2012 Key Messages In January 2009, the Department f Health and Human Services published the final rule cntaining the requirements

More information

Systems Support - Extended

Systems Support - Extended 1 General Overview This is a Service Level Agreement ( SLA ) between and the Enterprise Windws Services t dcument: The technlgy services the Enterprise Windws Services prvides t the custmer. The targets

More information

Process of Setting up a New Merchant Account

Process of Setting up a New Merchant Account Prcess f Setting up a New Merchant Accunt Table f Cntents PCI DSS... 3 Wh t cntact?... 3 Bakcgrund n PCI... 3 Why cmply?... 3 Hw t cmply?... 3 PCI DSS Scpe... 4 Des PCI DSS Apply t Me?... 4 What if I am

More information

THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM

THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM 1. Prgram Adptin The City University f New Yrk (the "University") develped this Identity Theft Preventin Prgram (the "Prgram") pursuant

More information

IT Help Desk Service Level Expectations Revised: 01/09/2012

IT Help Desk Service Level Expectations Revised: 01/09/2012 IT Help Desk Service Level Expectatins Revised: 01/09/2012 Overview The IT Help Desk team cnsists f six (6) full time emplyees and fifteen (15) part time student emplyees. This team prvides supprt fr 25,000+

More information

HIPAA Legislation - Key Provisions

HIPAA Legislation - Key Provisions HIPAA SECURITY, PRIVACY, AND THE NATIONAL PROVIDER IDENTIFIER Frederick Britten Frt Hays State University Carl Ann Raymnd The University f Gergia Outline HIPAA Review Enfrcement Update Natinal Prvider

More information

ERISA Compliance FAQs: Fiduciary Responsibilities

ERISA Compliance FAQs: Fiduciary Responsibilities Brught t yu by Mrris & Reynlds Insurance ERISA Cmpliance FAQs: Fiduciary Respnsibilities The Emplyee Retirement Incme Security Act f 1974 (ERISA) is a federal law that sets minimum standards fr emplyee

More information

BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS

BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS SERIES: 1 General Rules RULE: 17.1 Recrd Retentin Scpe: The purpse f this rule is t establish the systematic review, retentin and destructin

More information

FAYETTEVILLE STATE UNIVERSITY

FAYETTEVILLE STATE UNIVERSITY FAYETTEVILLE STATE UNIVERSITY IDENTITY THEFT PREVENTION (RED FLAGS RULE) Authrity: Categry: Issued by the Fayetteville State University Bard f Trustees. University-Wide Applies t: Administratrs Faculty

More information

Presentation: The Demise of SAS 70 - What s Next?

Presentation: The Demise of SAS 70 - What s Next? Presentatin: The Demise f SAS 70 - What s Next? September 15, 2011 1 Presenters: Jeffrey Ziplw - Partner BlumShapir Jennifer Gerasimv Senir Manager Delitte. SAS 70 Backgrund and Overview Purpse f a SAS

More information

Request for Resume (RFR) CATS II Master Contract. All Master Contract Provisions Apply

Request for Resume (RFR) CATS II Master Contract. All Master Contract Provisions Apply Sectin 1 General Infrmatin RFR Number: (Reference BPO Number) Functinal Area (Enter One Only) F50B3400026 7 Infrmatin System Security Labr Categry A single supprt resurce may be engaged fr a perid nt t

More information

Sources of Federal Government and Employee Information

Sources of Federal Government and Employee Information Inf Surce Surces f Federal Gvernment and Emplyee Infrmatin Ridley Terminals Inc. TABLE OF CONTENTS General Infrmatin Intrductin t Inf Surce Backgrund Respnsibilities Institutinal Functins, Prgram and Activities

More information

RUTGERS POLICY. Responsible Executive: Vice President for Information Technology and Chief Information Officer

RUTGERS POLICY. Responsible Executive: Vice President for Information Technology and Chief Information Officer RUTGERS POLICY Sectin: 70.1.1 Sectin Title: Infrmatin Technlgy Plicy Name: Acceptable Use Plicy fr Infrmatin Technlgy Resurces Frmerly Bk: N/A Apprval Authrity: Senir Vice President fr Administratin Respnsible

More information

Help Desk Level Competencies

Help Desk Level Competencies Help Desk Level Cmpetencies Level 1 Take user calls and manage truble tickets Ability t staff and manage the rganizatins helpdesk and effectively respnd t rutine custmer calls Ability t use prper grammar

More information

Plus500CY Ltd. Statement on Privacy and Cookie Policy

Plus500CY Ltd. Statement on Privacy and Cookie Policy Plus500CY Ltd. Statement n Privacy and Ckie Plicy Statement n Privacy and Ckie Plicy This website is perated by Plus500CY Ltd. ("we, us r ur"). It is ur plicy t respect the cnfidentiality f infrmatin and

More information

Information Security Incident Response Plan

Information Security Incident Response Plan Infrmatin Security Incident Respnse Plan Agency: Date: Cntact: 1 TABLE OF CONTENTS Intrductin... 3 Authrity... 4 Terms and Definitins... 4 Rles and Respnsibilities... 5 Prgram... 6 Educatin and Awareness...

More information

Woodstock Multimedia, INC. Software/Hardware Usage Policy

Woodstock Multimedia, INC. Software/Hardware Usage Policy Wdstck Multimedia, INC. Sftware/Hardware Usage Plicy POLICY PURPOSE The purpse f the Wdstck Multimedia, INC. Sftware / Hardware Usage Plicy is t ensure that Wdstck Multimedia, INC. emplyees are prperly

More information

FINANCIAL SERVICES FLASH REPORT

FINANCIAL SERVICES FLASH REPORT FINANCIAL SERVICES FLASH REPORT Draft Regulatry Cmpliance Management Guideline Released by the Office f the Superintendent f Financial Institutins May 5, 2014 On April 30, 2014, the Office f the Superintendent

More information

POLISH STANDARDS ON HEALTH AND SAFETY AS A TOOL FOR IMPLEMENTING REQUIREMENTS OF THE EUROPEAN DIRECTIVES INTO THE PRACTICE OF ENTERPRISES

POLISH STANDARDS ON HEALTH AND SAFETY AS A TOOL FOR IMPLEMENTING REQUIREMENTS OF THE EUROPEAN DIRECTIVES INTO THE PRACTICE OF ENTERPRISES POLISH STANDARDS ON HEALTH AND SAFETY AS A TOOL FOR IMPLEMENTING REQUIREMENTS OF THE EUROPEAN DIRECTIVES INTO THE PRACTICE OF ENTERPRISES M. PĘCIŁŁO Central Institute fr Labur Prtectin ul. Czerniakwska

More information

TrustED Briefing Series:

TrustED Briefing Series: TrustED Briefing Series: Since 2001, TrustCC has prvided IT audits and security assessments t hundreds f financial institutins thrugh ut the United States. Our TrustED Briefing Series are white papers

More information

CLAIMS Section 6. Overview. Timely Claims Submission. Clean Claim. Prompt Payment. Claim Submission Format

CLAIMS Section 6. Overview. Timely Claims Submission. Clean Claim. Prompt Payment. Claim Submission Format Overview The Claims department partners with the Prvider Relatins, Health Services and Custmer Service departments t assist prviders with any claim-related questins. The fcus f the Claims department is

More information

Notice of Protection Provided by Utah Life and Health Insurance Guaranty Association

Notice of Protection Provided by Utah Life and Health Insurance Guaranty Association Ntice f Prtectin Prvided by Utah Life and Health Insurance Guaranty Assciatin This ntice prvides a brief summary f the Utah Life and Health Insurance Guaranty Assciatin ("the Assciatin") and the prtectin

More information

SPECIFICATION. Hospital Report Manager Connectivity Requirements. Electronic Medical Records DRAFT. OntarioMD Inc. Date: September 30, 2010

SPECIFICATION. Hospital Report Manager Connectivity Requirements. Electronic Medical Records DRAFT. OntarioMD Inc. Date: September 30, 2010 OntariMD Inc. Electrnic Medical Recrds SPECIFICATION Hspital Reprt Manager Cnnectivity Requirements DRAFT Date: September 30, 2010 Versin: 1.0 2007-2010 OntariMD Inc. All rights reserved HRM EMR Cnnectivity

More information

COMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE

COMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE COMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE COMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE Mst dealers are familiar with the requirements f the Gramm-Leach-Bliley Act

More information

Creating an Ethical Culture and Protecting Your Bottom Line:

Creating an Ethical Culture and Protecting Your Bottom Line: Creating an Ethical Culture and Prtecting Yur Bttm Line: Best Practices fr Crprate Cdes f Cnduct Nte: The infrmatin belw and all infrmatin n this website is nt meant t be taken as legal advice. Please

More information

Privacy Policy. The Central Equity Group understands how highly people value the protection of their privacy.

Privacy Policy. The Central Equity Group understands how highly people value the protection of their privacy. Privacy Plicy The Central Equity Grup understands hw highly peple value the prtectin f their privacy. Fr that reasn, the Central Equity Grup takes particular care in dealing with any persnal and sensitive

More information

ICD-10 Frequently Asked Questions: (resource CMS website)

ICD-10 Frequently Asked Questions: (resource CMS website) ICD-10 Frequently Asked Questins: (resurce CMS website) 1. Will ICD-9-CM cdes be accepted n claims with FROM dates f service r dates f discharge/through dates n r after Octber 1, 2015? N. ICD-9-CM cdes

More information

Project Open Hand Atlanta. Health Insurance Portability and Accountability Act (HIPAA) NOTICE OF PRIVACY PRACTICES

Project Open Hand Atlanta. Health Insurance Portability and Accountability Act (HIPAA) NOTICE OF PRIVACY PRACTICES Prject Open Hand Atlanta Effective Date: April 14, 2003 Health Insurance Prtability and Accuntability Act (HIPAA) The Health Insurance Prtability and Accuntability Act f 1996 (HIPAA) directs health care

More information

Audit Committee Charter

Audit Committee Charter Audit Cmmittee Charter Membership The Audit Cmmittee (the "Cmmittee") f the Bard f Directrs (the "Bard") f Philip Mrris Internatinal Inc. (the "Cmpany") shall cnsist f at least three directrs all f whm

More information

Frequently Asked Questions About I-9 Compliance

Frequently Asked Questions About I-9 Compliance Frequently Asked Questins Abut I-9 Cmpliance What is required t verify wrk authrizatin? The basic requirement t verify wrk authrizatin is the Frm I-9. This frm is available n the HR website: http://www.fit.edu/hr/dcuments/frms/i-9.pdf

More information

Research Report. Abstract: The Emerging Intersection Between Big Data and Security Analytics. November 2012

Research Report. Abstract: The Emerging Intersection Between Big Data and Security Analytics. November 2012 Research Reprt Abstract: The Emerging Intersectin Between Big Data and Security Analytics By Jn Oltsik, Senir Principal Analyst With Jennifer Gahm Nvember 2012 2012 by The Enterprise Strategy Grup, Inc.

More information

Coordinating Dual Eligibles Medicare and Medicaid Managed Medical Assistance Benefits

Coordinating Dual Eligibles Medicare and Medicaid Managed Medical Assistance Benefits Crdinating Dual Eligibles Medicare and Medicaid Managed Medical Assistance Benefits Medicare beneficiaries wh have limited incme and resurces may get help paying fr their Medicare premiums and ut-f-pcket

More information

PADUA COLLEGE LIMITED ACN 072 693 700 ABN 20 072 693 700

PADUA COLLEGE LIMITED ACN 072 693 700 ABN 20 072 693 700 PADUA COLLEGE LIMITED ACN 072 693 700 ABN 20 072 693 700 Plicy Title Versin Number Date Issued Critical Incident Management Plicy 2.0 Nvember 2007 Reviewed April 2010 June 2015 Definitin Critical incidents

More information

IN-HOUSE OR OUTSOURCED BILLING

IN-HOUSE OR OUTSOURCED BILLING IN-HOUSE OR OUTSOURCED BILLING Medical billing is ne f the mst cmplicated aspects f running a medical practice. With thusands f pssible cdes fr diagnses and prcedures, and multiple payers, the ability

More information

DisplayNote Technologies Limited Data Protection Policy July 2014

DisplayNote Technologies Limited Data Protection Policy July 2014 DisplayNte Technlgies Limited Data Prtectin Plicy July 2014 1. Intrductin This dcument sets ut the bligatins f DisplayNte Technlgies Limited ( the Cmpany ) with regard t data prtectin and the rights f

More information

A96 CALA Policy on the use of Computers in Accredited Laboratories Revision 1.5 August 4, 2015

A96 CALA Policy on the use of Computers in Accredited Laboratories Revision 1.5 August 4, 2015 A96 CALA Plicy n the use f Cmputers in Accredited Labratries Revisin 1.5 August 4, 2015 A96 CALA Plicy n the use f Cmputers in Accredited Labratries TABLE OF CONTENTS TABLE OF CONTENTS... 1 CALA POLICY

More information

POLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014

POLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014 State f Michigan POLICY 1390 Infrmatin Technlgy Cntinuity f Business Planning Issued: June 4, 2009 Revised: June 12, 2014 SUBJECT: APPLICATION: PURPOSE: CONTACT AGENCY: Plicy fr Infrmatin Technlgy (IT)

More information

Stark Safe Harbor and Anti-Kickback Statute Exception. E-Prescribing and Electronic health Records Systems

Stark Safe Harbor and Anti-Kickback Statute Exception. E-Prescribing and Electronic health Records Systems Stark Safe Harbr and Anti-Kickback Statute Exceptin E-Prescribing and Electrnic health Recrds Systems Prpsed Rules fr Dnatin t Physicians and Prescribers August 3, 2006 Executive Summary The fllwing summarizes

More information

Malpractice and Maladministration Policy

Malpractice and Maladministration Policy TR340 Malpractice and Maladministratin Plicy This plicy aims t: Define malpractice and maladministratin in the cntext f CIM/CAM studying members, Accredited study centres (ASCs), examinatin centres, invigilatrs

More information

General Records Authority 33. Accredited Training

General Records Authority 33. Accredited Training General Recrds Authrity 33 2012/00579704 Accredited Training February 2013 This is an accurate reprductin f the authrised recrds authrity cntent, created fr accessibility purpses CONTENTS INTRODUCTION

More information

Wire Transfer Request

Wire Transfer Request Wire Transfer Request Requirements and Instructins OFFICE OF DISBURSEMENTS Categry: Dcument Name: Payment Prcessing Wire Transfer Request - Requirements and Instructins Respnsible Department: Office f

More information

New York Institute of Technology Faculty and Staff Email Retention Policy

New York Institute of Technology Faculty and Staff Email Retention Policy New Yrk Institute f Technlgy Faculty and Staff Email Retentin Plicy Nvember 2013 I. PURPOSE As electrnic mail (email) has becme the primary frm f cmmunicatin at NYIT and thrughut the wrld, the vlume f

More information

Chapter 7 Business Continuity and Risk Management

Chapter 7 Business Continuity and Risk Management Chapter 7 Business Cntinuity and Risk Management Sectin 01 Business Cntinuity Management 070101 Initiating the Business Cntinuity Plan (BCP) Purpse: T establish the apprpriate level f business cntinuity

More information

Personal Data Security Breach Management Policy

Personal Data Security Breach Management Policy Persnal Data Security Breach Management Plicy 1.0 Purpse The Data Prtectin Acts 1988 and 2003 impse bligatins n data cntrllers in Western Care Assciatin t prcess persnal data entrusted t them in a manner

More information

GOVERNORS PHARMACY HIPAA NOTICE OF PRIVACY PRACTICES For Your Protected Health Information

GOVERNORS PHARMACY HIPAA NOTICE OF PRIVACY PRACTICES For Your Protected Health Information GOVERNORS PHARMACY HIPAA NOTICE OF PRIVACY PRACTICES Fr Yur Prtected Health Infrmatin THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS

More information

ensure that all users understand how mobile phones supplied by the council should and should not be used.

ensure that all users understand how mobile phones supplied by the council should and should not be used. Mbile Phne Plicy & Guidance Intrductin This plicy is designed t safeguard bth the cuncil and users f mbile phnes supplied by Angus Cuncil. It aims t ensure that these are used effectively, fr their intended

More information

Research Report. Abstract: Advanced Malware Detection and Protection Trends. September 2013

Research Report. Abstract: Advanced Malware Detection and Protection Trends. September 2013 Research Reprt Abstract: Advanced Malware Detectin and Prtectin Trends By Jn Oltsik, Senir Principal Analyst With Jennifer Gahm, Senir Prject Manager September 2013 2013 by The Enterprise Strategy Grup,

More information

Information Services Hosting Arrangements

Information Services Hosting Arrangements Infrmatin Services Hsting Arrangements Purpse The purpse f this service is t prvide secure, supprted, and reasnably accessible cmputing envirnments fr departments at DePaul that are in need f server-based

More information

Enterprise Security Management CIS 259

Enterprise Security Management CIS 259 Enterprise Security Management CIS 259 Prerequisites CIS 175 Descriptin This curse is designed t cver the managerial aspects f cmputer security and risk management fr enterprises. The student will attain

More information

Scotiabank Group Privacy Agreement

Scotiabank Group Privacy Agreement Sctiabank Grup Privacy Agreement Last revised Octber 2010 Yur privacy is imprtant t Sctiabank. This Agreement sets ut the infrmatin practices fr Sctiabank Grup Members in Canada, including what type f

More information

Care Plan Oversight. Home Health Certification. July 23, 2014. Agenda

Care Plan Oversight. Home Health Certification. July 23, 2014. Agenda Care Plan Oversight Hme Health Certificatin July 23, 2014 Agenda Care Plan Oversight Why We Are Prviding the Educatin Prcedure cdes Descriptin f Services Wh Can Perfrm Frequency f Services Face-t-Face

More information

Planning & Delivering Safe Work Railway Contractors Certificate Non Training Services v1.2. Keith Miller & Rebecca Pears

Planning & Delivering Safe Work Railway Contractors Certificate Non Training Services v1.2. Keith Miller & Rebecca Pears Planning & Delivering Safe Wrk Railway Cntractrs Certificate Nn Training Services v1.2 Keith Miller & Rebecca Pears Planning & Delivering Safe Wrk Backgrund / Histry Intrductin f Safe Wrk Leader Intrductin

More information

Consumer ebanking Account and Services Agreement

Consumer ebanking Account and Services Agreement Cnsumer ebanking Accunt and Services Agreement Intrductin: As used in this agreement, the wrds yu and yur refer t the accunt hlder(s) and the wrds Bank, us, and we refer t CnnectOne Bank. Cnsumer ebanking:

More information

VALLEYVIEW AUTOMATED PAYROLL SYSTEM

VALLEYVIEW AUTOMATED PAYROLL SYSTEM VALLEYVIEW AUTOMATED PAYROLL SYSTEM ValleyView has purchased and custmised an autmated system t manage their payrll. This system is knwn as ValleyView Autmated Payrll System (VAPS). VAPS is used t recrd

More information

Environmental, Health & Safety Management System (EMS) Documents and Records Management Procedure

Environmental, Health & Safety Management System (EMS) Documents and Records Management Procedure Envirnmental, Health & Safety Management System (EMS) Dcument N.: 01005 Revisin N.: 10 Dcuments and Recrds Management Prcedure Revised: 03/06/2015 Reviewed: 01/26/2015 Prepared By: Liske, Kurt Apprved

More information

Virtual Meetings and Virtual Teams Using Technology to Work Smarter

Virtual Meetings and Virtual Teams Using Technology to Work Smarter http://www.psu.edu/president/pia/innvatin/ INNOVATION INSIGHT SERIES NUMBER 9 Virtual Meetings and Virtual Teams Using Technlgy t Wrk Smarter Yu need t have a meeting. Sme f the peple yu d like t include

More information

Session 9 : Information Security and Risk

Session 9 : Information Security and Risk INFORMATION STRATEGY Sessin 9 : Infrmatin Security and Risk Tharaka Tennekn B.Sc (Hns) Cmputing, MBA (PIM - USJ) POST GRADUATE DIPLOMA IN BUSINESS AND FINANCE 2014 Infrmatin Management Framewrk 2 Infrmatin

More information

Support Services. v1.19 / 2015-07-02

Support Services. v1.19 / 2015-07-02 Supprt Services v1.19 / 2015-07-02 Intrductin - Table f Cntents 1 Intrductin... 3 2 Definitins... 4 3 Supprt Prgram Feature Overview... 5 4 SLA fr the Supprt Services... 6 4.1 Standard Supprt... 6 4.2

More information

0820.02 Workers Disability Compensation Claims Procedures Issued: January 1, 1994 Revised: March 29, 2012

0820.02 Workers Disability Compensation Claims Procedures Issued: January 1, 1994 Revised: March 29, 2012 State f Michigan Administrative Guide t State Gvernment 0820.02 Wrkers Disability Cmpensatin Claims Prcedures Issued: January 1, 1994 Revised: March 29, 2012 SUBJECT: APPLICATION: PURPOSE: CONTACT AGENCY:

More information

FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT

FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT If using US Pstal Service, please return t: Califrnia Student Aid Cmmissin Prgram Administratin & Services Divisin ATTN: Institutinal Supprt P.O. Bx 419028

More information

The Importance Advanced Data Collection System Maintenance. Berry Drijsen Global Service Business Manager. knowledge to shape your future

The Importance Advanced Data Collection System Maintenance. Berry Drijsen Global Service Business Manager. knowledge to shape your future The Imprtance Advanced Data Cllectin System Maintenance Berry Drijsen Glbal Service Business Manager WHITE PAPER knwledge t shape yur future The Imprtance Advanced Data Cllectin System Maintenance Cntents

More information

FINANCIAL OPTIONS. 2. For non-insured patients, payment is due on the day of service.

FINANCIAL OPTIONS. 2. For non-insured patients, payment is due on the day of service. FINANCIAL OPTIONS 1. Fr thse patients wh carry dental insurance, all c-payments are due n date f service. We will file yur claim as a service t yu, and will d ur very best t maximize yur benefits. We accept

More information

Felician College. Computer Use Policy. Office of Information Technology 262 South Main St Lodi, NJ 07644-2117

Felician College. Computer Use Policy. Office of Information Technology 262 South Main St Lodi, NJ 07644-2117 Felician Cllege Office f Infrmatin Technlgy 262 Suth Main St Ldi, NJ 07644-2117 Cmputer Use Plicy Intrductin - In supprt f Felician Cllege's missin f teaching and public service, the Infrmatin Technlgy

More information

Christchurch Polytechnic Institute of Technology Access Control Security Standard

Christchurch Polytechnic Institute of Technology Access Control Security Standard CPIT Crprate Services Divisin: ICT Christchurch Plytechnic Institute f Technlgy Access Cntrl Security Standard Crprate Plicies & Prcedures Sectin 1: General Administratin Dcument CPP121a Principles Infrmatin

More information

CASSOWARY COAST REGIONAL COUNCIL POLICY ENTERPRISE RISK MANAGEMENT

CASSOWARY COAST REGIONAL COUNCIL POLICY ENTERPRISE RISK MANAGEMENT CASSOWARY COAST REGIONAL COUNCIL POLICY ENTERPRISE RISK MANAGEMENT Plicy Number: 2.20 1. Authrity Lcal Gvernment Act 2009 Lcal Gvernment Regulatin 2012 AS/NZS ISO 31000-2009 Risk Management Principles

More information

Information Security Policy

Information Security Policy Purpse The risk t Charlestn Suthern University, its emplyees and students frm data lss and identity theft is f significant cncern t the University and can be reduced nly thrugh the cmbined effrts f every

More information

REQUEST FOR PROPOSAL SECURITY SERVICES

REQUEST FOR PROPOSAL SECURITY SERVICES REQUEST FOR PROPOSAL SECURITY SERVICES Sectin I INTRODUCTION [Cmpany] is seeking prpsals frm qualified Cntractrs t prvide unifrmed security service fr [Cmpany] facilities at [Lcatin(s)]. This dcument is

More information

Summary of Arrangements Conducted under the Medicare ACO Participation Waiver

Summary of Arrangements Conducted under the Medicare ACO Participation Waiver Summary f Arrangements Cnducted under the Medicare ACO Participatin Waiver Last Updated: January 1, 2015 1. EHR Subsidy Arrangements (2013 2015). Effective August 14, 2013, the Jhn Muir Physician Netwrk

More information

Employees - recruitment, records and monitoring

Employees - recruitment, records and monitoring Emplyees - recruitment, recrds and mnitring This guidance has been prduced t help rganisatins cmply with the Data Prtectin Act (DPA) when recruiting and emplying wrkers. It is relevant t public sectr emplyers,

More information

We will record and prepare documents based off the information presented

We will record and prepare documents based off the information presented Dear Client: We appreciate the pprtunity f wrking with yu regarding yur Payrll needs. T ensure a cmplete understanding between us, we are setting frth the pertinent infrmatin abut the services that we

More information

The chief executive officer and the chief finance officer are ex-officio members of the board.

The chief executive officer and the chief finance officer are ex-officio members of the board. DATATEC LIMITED BOARD CHARTER / TERMS OF REFERENCE 1. CONSTITUTION The primary bjective f the Cmpany s Bard Charter is t set ut the rle and respnsibilities f the Bard f Directrs ( the Bard ) as well as

More information

CHARTER OF THE COMPENSATION COMMITTEE OF THE BOARD OF DIRECTORS OF UPLAND SOFTWARE, INC.

CHARTER OF THE COMPENSATION COMMITTEE OF THE BOARD OF DIRECTORS OF UPLAND SOFTWARE, INC. CHARTER OF THE COMPENSATION COMMITTEE OF THE BOARD OF DIRECTORS OF UPLAND SOFTWARE, INC. PURPOSE The purpse f the Cmpensatin Cmmittee f the Bard f Directrs (the Bard ) f Upland Sftware, Inc. (the Cmpany

More information

Online Banking Agreement

Online Banking Agreement Online Banking Agreement 1. General This Online Banking Agreement, which may be amended frm time t time by us (this "Agreement"), fr accessing yur Clrad Federal Savings Bank accunt(s) via the Internet

More information

Privacy Breach and Complaint Protocol

Privacy Breach and Complaint Protocol Privacy Breach and Cmplaint Prtcl Effective: December 31, 2012 Apprved by: Le McKenna, CFO 1.0 General Privacy breaches and privacy cmplaints will be handled in accrdance with this prtcl. This prtcl is

More information