Privacy and Security Training Policy (PS.Pol.051)

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Privacy and Security Training Policy (PS.Pol.051)"

Transcription

1 Privacy and Security Training Plicy (PS.Pl.051) Purpse T define the plicies and prcedures fr prviding privacy and security training in respect f the CnnectingGTA Slutin. Definitins Electrnic Service Prvider A persn wh prvides gds r services fr the purpse f enabling a HIC t use electrnic means t cllect, use, mdify, disclse, retain r dispse f persnal health infrmatin (PHI), and includes a health infrmatin netwrk prvider. Privacy Breach Privacy breach has the same meaning as in the Privacy Breach Management Plicy and its assciated prcedures, as amended frm time t time. Scpe This plicy and its assciated prcedures apply t the prvisin f privacy and security training t health infrmatin custdians (HICs), CnnectingGTA and agents and Electrnic Service Prviders f HICs and CnnectingGTA in respect f the CnnectingGTA Slutin. This plicy and its assciated prcedures d nt apply t privacy and security training: In respect f any ther system ther than the CnnectingGTA Slutin; In respect f any ther infrmatin ther than PHI in the CnnectingGTA Slutin; T any agents f HICs wh d nt cllect, use r disclse PHI in the CnnectingGTA Slutin; T any Electrnic Service Prviders f HICs wh d nt view, handle r therwise deal with PHI in the CnnectingGTA Slutin; r T any agents r Electrnic Service Prviders f CnnectingGTA wh d nt view, handle r therwise deal with PHI in the CnnectingGTA Slutin. This plicy and its assciated prcedures als d nt apply t basic privacy and security training, als knwn as privacy and security awareness training. CnnectingGTA Privacy and Security Training Plicy (PS.Pl.051), v11 Nvember 22, 2013 Page 1

2 Plicies and Prcedures 1. Guiding Plicies 1.1. PHIPA requires a HIC that is nt a natural persn t designate a cntact persn t facilitate the HIC s cmpliance with the Persnal Health Infrmatin Prtectin Act, 2004 (PHIPA) and t ensure that all agents f the HIC are apprpriately infrmed f their duties under PHIPA PHIPA permits a HIC that is a natural persn t designate a cntact persn t facilitate the HIC s cmpliance with PHIPA and t ensure that all agents f the HIC are apprpriately infrmed f their duties under PHIPA. Where a HIC that is a natural persn des nt designate a cntact persn t perfrm these functins, the HIC is required t perfrm these functins n his r her wn PHIPA requires CnnectingGTA t ensure that thse acting n its behalf agree t cmply with cnditins and restrictins necessary t enable CnnectingGTA t cmply with PHIPA HICs and CnnectingGTA shall have in place and maintain plicies, prcedures and practices in respect f privacy and security that cmply with PHIPA and prvide training t their agents and electrnic service prviders n the plicies, prcedures and practices as required by PHIPA HICs and CnnectingGTA shall take steps that are reasnable in the circumstances t ensure their agents and Electrnic Service Prviders cmply with PHIPA and this plicy and its assciated prcedures. 2. Prcedures Related t Creating Privacy and Security Training Materials 2.1. CnnectingGTA shall develp and distribute privacy and security training materials t enable HICs and CnnectingGTA t train their agents and Electrnic Service Prviders wh cllect, use and disclse PHI in the CnnectingGTA Slutin r wh view, handle r therwise deal with PHI in the CnnectingGTA Slutin, as the case may be, n their privacy and security duties and bligatins CnnectingGTA shall ensure that the privacy and security training materials are rle-based t enable HICs and agents and Electrnic Service Prviders f HICs and CnnectingGTA t understand hw t meet their duties and bligatins in respect f the CnnectingGTA Slutin in their day-t-day peratins At a minimum, the privacy and security training materials shall address the requirements described in paragraph 5.1.CnnectingGTA will review and refresh the privacy and security training materials every tw years r earlier in circumstances where amendments t the privacy and security plicies, prcedures and practices will impact the duties and bligatins f HICs, CnnectingGTA and/r their agents and Electrnic Service Prviders in respect f the CnnectingGTA Slutin. 3. Prcedures Related t Delivering Privacy and Security Training 3.1. HICs shall ensure that all their agents and Electrnic Service Prviders, ther than CnnectingGTA and agents r Electrnic Service Prviders t CnnectingGTA, are apprpriately infrmed f their relevant duties under PHIPA and the CnnectingGTA privacy and security plicies, prcedures and practices, prir t permitting the agents and Electrnic Service Prviders t cllect, use r disclse PHI in the CnnectingGTA Slutin r t view, handle r therwise deal with PHI in the CnnectingGTA Slutin, as the case may be CnnectingGTA shall ensure that all its agents and Electrnic Service Prviders are apprpriately infrmed f their relevant duties under PHIPA and the CnnectingGTA privacy and security plicies, prcedures and practices, prir t permitting its agents and Electrnic Service Prviders CnnectingGTA Privacy and Security Training Plicy (PS.Pl.051), v11 Nvember 22, 2013 Page 2

3 t view, handle r therwise deal with PHI in the CnnectingGTA Slutin HICs and CnnectingGTA shall nt permit their agents and Electrnic Service Prviders t cntinue t cllect, use r disclse PHI in the CnnectingGTA Slutin r t cntinue t view, handle r therwise deal with PHI in the CnnectingGTA Slutin, as the case may be, unless the agent r Electrnic Service Prvider has been apprpriately infrmed f its relevant duties under PHIPA and the CnnectingGTA privacy and security plicies, prcedures and practices When infrming their agents and Electrnic Service Prviders f their duties under PHIPA and the CnnectingGTA privacy and security plicies, prcedures, and practices, HICs and CnnectingGTA shall ensure that the agent r Electrnic Service Prvider is infrmed, if relevant t their day-t-day duties, f the infrmatin described in paragraph HICs and CnnectingGTA shall impse cnsequences n agents and Electrnic Service Prviders wh d nt understand their relevant duties under PHIPA and the CnnectingGTA privacy and security plicies, prcedures, and practices HICs and CnnectingGTA shall be able t demnstrate with evidence that their agents and Electrnic Service Prviders understand their relevant duties under PHIPA and the CnnectingGTA privacy and security plicies, prcedures, and practices. 4. Prcedures Related t End User Agreements 4.1. CnnectingGTA shall ensure that the CnnectingGTA Slutin requires HICs as well as agents and Electrnic Service Prviders f HICs and CnnectingGTA t acknwledge and agree t cmply with the duties and bligatins in the end user agreement prir t cllecting, using r disclsing PHI in the CnnectingGTA Slutin r prir t viewing, handling r therwise dealing with PHI in the CnnectingGTA Slutin, as the case may be, and at a minimum, every tw years thereafter CnnectingGTA shall ensure that the CnnectingGTA Slutin des nt permit agents and Electrnic Service Prviders f HICs and CnnectingGTA t cllect, use r disclse PHI in the CnnectingGTA Slutin r t view, handle r therwise deal with PHI in the CnnectingGTA Slutin, as the case may be, unless the agent r Electrnic Service Prvider has acknwledged and agreed t cmply with the duties and bligatins in the annual end user agreement CnnectingGTA shall develp and implement an end user agreement that, at a minimum: Sets ut the purpses fr which HICs and agents and Electrnic Service Prviders f HICs are permitted t cllect, use r disclse PHI in the CnnectingGTA Slutin r t view, handle r therwise deal with PHI in the CnnectingGTA Slutin, as the case may be; Sets ut the purpses fr which agents and Electrnic Service Prviders f CnnectingGTA are permitted t view, handle r therwise deal with PHI in the CnnectingGTA Slutin; Requires HICs and agents and Electrnic Service Prviders f HICs and CnnectingGTA t acknwledge that they have read, understd and agreed t cmply with the privacy and security plicies, prcedures and practices in respect f the CnnectingGTA Slutin; Requires HICs and agents and Electrnic Service Prviders f HICs and CnnectingGTA t agree t cmply with PHIPA; Requires HICs and agents and Electrnic Service Prviders f HICs and CnnectingGTA t implement the administrative, technical and physical safeguards set ut in the end user agreement t prtect PHI in the CnnectingGTA Slutin; Requires HICs and agents and Electrnic Service Prviders f HICs and CnnectingGTA t prvide ntificatin in accrdance with the Privacy Breach Management Plicy and its assciated prcedures, as amended frm time t time, if they believe that an actual r CnnectingGTA Privacy and Security Training Plicy (PS.Pl.051), v11 Nvember 22, 2013 Page 3

4 suspected Privacy Breach has ccurred r is abut t ccur in respect f the CnnectingGTA Slutin; and Sets ut the cnsequences f breach f the end user agreement. 5. Training Cntent 5.1. The cntent fr training shall include the fllwing infrmatin if the rle f the agent r Electrnic Service Prvider requires it: The nature f PHI that is retained in the CnnectingGTA Slutin; The status under PHIPA f CnnectingGTA and ther rganizatins participating in the CnnectingGTA Slutin and the duties and bligatins arising frm this status; All f the permitted and knwn purpses fr which HICs and their agents and Electrnic Service Prviders are permitted t cllect, use and disclse PHI in the CnnectingGTA Slutin r t view, handle r therwise deal with PHI in the CnnectingGTA Slutin, as the case may be, and the limitatins placed theren; The authrity fr the cllectin, use and disclsure f PHI in the CnnectingGTA Slutin r the viewing, handling r dealing with PHI in the CnnectingGTA Slutin, as the case may be, by HICs and their agents and Electrnic Service Prviders; The purpses fr which PHI in the CnnectingGTA Slutin is permitted t be viewed, handled r therwise dealt with by CnnectingGTA and its agents and Electrnic Service Prviders and the limitatins placed theren; The authrity fr viewing, handling r dealing with PHI in the CnnectingGTA Slutin by CnnectingGTA and its agents and Electrnic Service Prviders; The prcesses r materials available t HICs and their agents t ensure that cnsent is knwledgeable; An verview f the privacy and security plicies, prcedures and practices that have been implemented in respect f the CnnectingGTA Slutin and the duties and bligatins f HICs and agents and Electrnic Service Prviders f HICs and CnnectingGTA arising frm these plicies, prcedures and practices; The cnsequences f breach f the privacy and security plicies, prcedures and practices implemented in respect f the CnnectingGTA Slutin; The administrative, technical and physical safeguards put in place t prtect PHI in the CnnectingGTA Slutin against theft, lss and unauthrized use r disclsure and t prtect recrds f PHI in the CnnectingGTA Slutin frm unauthrized cpying, mdificatin r dispsal; The duties and bligatins f HICs and agents and Electrnic Service Prviders f HICs and CnnectingGTA in implementing the administrative, technical and physical safeguards; The end-user agreement that HICs and agents and Electrnic Service Prviders f HICs and CnnectingGTA must acknwledge and agree t cmply with; and The duties and bligatins f HICs and agents and Electrnic Service Prviders f HICs and CnnectingGTA with respect t identifying, reprting, cntaining and participating in the investigatin and remediatin f Privacy Breaches and Security Breaches. CnnectingGTA Privacy and Security Training Plicy (PS.Pl.051), v11 Nvember 22, 2013 Page 4

5 Enfrcement All instances f nn-cmpliance will be reviewed by the Privacy and Security Cmmittee wh will recmmend apprpriate actin t the CnnectingGTA Steering Cmmittee. The CnnectingGTA Steering Cmmittee has the authrity t impse apprpriate penalties, up t and including terminatin f the Participatin Agreement with the HIC r terminatin f the access privileges f agents, and t require the implementatin f remedial actins. References 1. Legislative PHIPA, ss. 10, 15 and 17 and Part V.1 PHIPA, Reg. 329/04, s. 6 Dcument Management Plicy Number PS.Pl.051 Versin 11 Versin Histry V11 Plicy structure refreshed and increased level f prcedural detail added V10 Initial release Effective Date LPR G-live Last Review Date Nvember 22, 2013 Next Review Date Annually r therwise established by PSC CnnectingGTA Privacy and Security Training Plicy (PS.Pl.051), v11 Nvember 22, 2013 Page 5

6 CnnectingGTA Privacy and Security Training Plicy (PS.Pl.051), v11 Nvember 22, 2013 Page 6

Personal Data Security Breach Management Policy

Personal Data Security Breach Management Policy Persnal Data Security Breach Management Plicy 1.0 Purpse The Data Prtectin Acts 1988 and 2003 impse bligatins n data cntrllers in Western Care Assciatin t prcess persnal data entrusted t them in a manner

More information

Texas Woman's University University Policy Manual

Texas Woman's University University Policy Manual Texas Wman's University University Plicy Manual Plicy Name: Plicy Number: 6.06 Date Passed: July 2004 Health Insurance Prtability& Accuntability Act (HIPAA) Date Reviewed: September 2008 Next Review: September

More information

GUIDANCE FOR BUSINESS ASSOCIATES

GUIDANCE FOR BUSINESS ASSOCIATES GUIDANCE FOR BUSINESS ASSOCIATES This Guidance fr Business Assciates dcument is intended t verview UPMCs expectatins, as well as t prvide additinal resurces and infrmatin, t UPMC s HIPAA business assciates.

More information

Key Steps for Organizations in Responding to Privacy Breaches

Key Steps for Organizations in Responding to Privacy Breaches Key Steps fr Organizatins in Respnding t Privacy Breaches Purpse The purpse f this dcument is t prvide guidance t private sectr rganizatins, bth small and large, when a privacy breach ccurs. Organizatins

More information

Guidelines for Custodians

Guidelines for Custodians Guidelines fr Custdians t assess cmpliance with the Persnal Health Infrmatin Privacy and Access Act (PHIPAA) This dcument is designed t help custdians evaluate readiness fr cmpliance with PHIPAA and t

More information

Process for Responding to Privacy Breaches

Process for Responding to Privacy Breaches Prcess fr Respnding t Privacy Breaches 1. Purpse 1.1 This dcument sets ut the steps that ministries must fllw when respnding t a privacy breach. It must be read in cnjunctin with the Infrmatin Incident

More information

WHAT YOU NEED TO KNOW ABOUT. Protecting your Privacy

WHAT YOU NEED TO KNOW ABOUT. Protecting your Privacy WHAT YOU NEED TO KNOW ABOUT Prtecting yur Privacy YOUR PRIVACY IS OUR PRIORITY Credit unins have a histry f respecting the privacy f ur members and custmers. Yur Bard f Directrs has adpted the Credit Unin

More information

Plus500CY Ltd. Statement on Privacy and Cookie Policy

Plus500CY Ltd. Statement on Privacy and Cookie Policy Plus500CY Ltd. Statement n Privacy and Ckie Plicy Statement n Privacy and Ckie Plicy This website is perated by Plus500CY Ltd. ("we, us r ur"). It is ur plicy t respect the cnfidentiality f infrmatin and

More information

Privacy Policy. The Central Equity Group understands how highly people value the protection of their privacy.

Privacy Policy. The Central Equity Group understands how highly people value the protection of their privacy. Privacy Plicy The Central Equity Grup understands hw highly peple value the prtectin f their privacy. Fr that reasn, the Central Equity Grup takes particular care in dealing with any persnal and sensitive

More information

DisplayNote Technologies Limited Data Protection Policy July 2014

DisplayNote Technologies Limited Data Protection Policy July 2014 DisplayNte Technlgies Limited Data Prtectin Plicy July 2014 1. Intrductin This dcument sets ut the bligatins f DisplayNte Technlgies Limited ( the Cmpany ) with regard t data prtectin and the rights f

More information

VCU Payment Card Policy

VCU Payment Card Policy VCU Payment Card Plicy Plicy Type: Administrative Respnsible Office: Treasury Services Initial Plicy Apprved: 12/05/2013 Current Revisin Apprved: 12/05/2013 Plicy Statement and Purpse The purpse f this

More information

THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM

THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM 1. Prgram Adptin The City University f New Yrk (the "University") develped this Identity Theft Preventin Prgram (the "Prgram") pursuant

More information

HIPAA Notice of Privacy Practices. Central Ohio Surgical Associates, Inc.

HIPAA Notice of Privacy Practices. Central Ohio Surgical Associates, Inc. HIPAA Ntice f Privacy Practices Central Ohi Surgical Assciates, Inc. THIS NOTICE OF PRIVACY PRACTICES (THE NOTICE ) DESCRIBES HOW HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN

More information

HIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337

HIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337 HIPAA Cmpliance 101 Imprtant Terms Cvered Entities (CAs) The HIPAA Privacy Rule refers t three specific grups as cvered entities, including health plans, healthcare clearinghuses, and health care prviders

More information

BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS

BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS SERIES: 1 General Rules RULE: 17.1 Recrd Retentin Scpe: The purpse f this rule is t establish the systematic review, retentin and destructin

More information

FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT

FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT If using US Pstal Service, please return t: Califrnia Student Aid Cmmissin Prgram Administratin & Services Divisin ATTN: Institutinal Supprt P.O. Bx 419028

More information

Data Protection Policy & Procedure

Data Protection Policy & Procedure Data Prtectin Plicy & Prcedure Page 1 Prcnnect Marketing Data Prtectin Plicy V1.2 Data prtectin plicy Cntext and verview Key details Plicy prepared by: Adam Haycck Apprved by bard / management n: 01/01/2015

More information

Project Open Hand Atlanta. Health Insurance Portability and Accountability Act (HIPAA) NOTICE OF PRIVACY PRACTICES

Project Open Hand Atlanta. Health Insurance Portability and Accountability Act (HIPAA) NOTICE OF PRIVACY PRACTICES Prject Open Hand Atlanta Effective Date: April 14, 2003 Health Insurance Prtability and Accuntability Act (HIPAA) The Health Insurance Prtability and Accuntability Act f 1996 (HIPAA) directs health care

More information

RATIONALE TERMS OF REFERENCE FOR THE QUALITY COMMITTEE UNDER THE EXCELLENT CARE FOR ALL ACT. Authority

RATIONALE TERMS OF REFERENCE FOR THE QUALITY COMMITTEE UNDER THE EXCELLENT CARE FOR ALL ACT. Authority RATIONALE With the intrductin f the Excellent Care fr All Act, hspital bards must nw have a quality cmmittee that reprts t the bard. The template prvides sample terms f references fr rganizatins t adapt

More information

First Global Data Corp.

First Global Data Corp. First Glbal Data Crp. Privacy Plicy As f February 23, 2015 Ding business with First Glbal Data Crp. ("First Glbal", First Glbal Mney, "we" r "us", which includes First Glbal Data Crp. s subsidiary, First

More information

Hampton Roads Orthopaedics & Sports Medicine. Notice of Privacy Practices

Hampton Roads Orthopaedics & Sports Medicine. Notice of Privacy Practices This is being prvided t yu as a requirement f the privacy regulatins issued under the Health Insurance Prtability and Accuntability Act f 1996 (HIPAA). This ntice describes hw HROSM may use and disclse

More information

General Records Authority 33. Accredited Training

General Records Authority 33. Accredited Training General Recrds Authrity 33 2012/00579704 Accredited Training February 2013 This is an accurate reprductin f the authrised recrds authrity cntent, created fr accessibility purpses CONTENTS INTRODUCTION

More information

Multi-Year Accessibility Policy and Plan for NSF Canada and NSF International Strategic Registrations Canada Company, 2014-2021

Multi-Year Accessibility Policy and Plan for NSF Canada and NSF International Strategic Registrations Canada Company, 2014-2021 Multi-Year Accessibility Plicy and Plan fr NSF Canada and NSF Internatinal Strategic Registratins Canada Cmpany, 2014-2021 This 2014-21 accessibility plan utlines the plicies and actins that NSF Canada

More information

Cloud-based File Sharing: Privacy and Security Tutorial Institutional Compliance Office July 2013

Cloud-based File Sharing: Privacy and Security Tutorial Institutional Compliance Office July 2013 Clud-based File Sharing: Privacy and Security Tutrial Institutinal Cmpliance Office July 2013 Patient Data in the Clud Prtecting patient privacy is ne f MD Andersn s greatest respnsibilities Technlgies

More information

nbn is committed to identifying hazards, preventing workplace accidents and minimising dangerous health safety and environment incidents.

nbn is committed to identifying hazards, preventing workplace accidents and minimising dangerous health safety and environment incidents. Incident & Hazard Reprting Overview At nbn we are safe, disciplined and reliable. nbn is cmmitted t preventing injury, illness and envirnmental harm by prviding a safe and healthy wrking envirnment fr

More information

New York Institute of Technology Faculty and Staff Email Retention Policy

New York Institute of Technology Faculty and Staff Email Retention Policy New Yrk Institute f Technlgy Faculty and Staff Email Retentin Plicy Nvember 2013 I. PURPOSE As electrnic mail (email) has becme the primary frm f cmmunicatin at NYIT and thrughut the wrld, the vlume f

More information

NYU Langone Medical Center NYU Hospitals Center NYU School of Medicine

NYU Langone Medical Center NYU Hospitals Center NYU School of Medicine Title: Identity Theft Prgram Effective Date: July 2009 NYU Langne Medical Center NYU Hspitals Center NYU Schl f Medicine POLICY It is the plicy f the NYU Langne Medical Center t educate and train staff

More information

Financial Planning Agreement

Financial Planning Agreement Financial Planning Agreement This Financial Planning Agreement, the ( Agreement ), dated as f, 20, is by and between Vulcan Investments LLC, 2100 SuthBridge Pkwy, Suite 650 Birmingham, AL. 35209, an investment

More information

Creating an Ethical Culture and Protecting Your Bottom Line:

Creating an Ethical Culture and Protecting Your Bottom Line: Creating an Ethical Culture and Prtecting Yur Bttm Line: Best Practices fr Crprate Cdes f Cnduct Nte: The infrmatin belw and all infrmatin n this website is nt meant t be taken as legal advice. Please

More information

Directives to LHINs in respect of Reporting Requirements under the BPSAA. Issued By Minister of Health and Long-Term Care

Directives to LHINs in respect of Reporting Requirements under the BPSAA. Issued By Minister of Health and Long-Term Care Directives t LHINs in respect f Reprting Requirements under the BPSAA Issued By Minister f Health and Lng-Term Care Effective April 1, 2011 Table f Cntents 1. BACKGROUND... 2 2. REPORT ON THE USE OF CONSULTANTS...

More information

COMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE

COMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE COMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE COMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE Mst dealers are familiar with the requirements f the Gramm-Leach-Bliley Act

More information

Version Date Comments / Changes 1.0 January 2015 Initial Policy Released

Version Date Comments / Changes 1.0 January 2015 Initial Policy Released Page 1 f 6 Vice President, Infrmatics and Transfrmatin Supprt APPROVED (S) REVISED / REVIEWED SUMMARY Versin Date Cmments / Changes 1.0 Initial Plicy Released INTENT / PURPOSE The Infrmatin and Data Gvernance

More information

University of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments

University of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments University f Texas at Dallas Plicy fr Accepting Credit Card and Electrnic Payments Cntents: Purpse Applicability Plicy Statement Respnsibilities f a Merchant Department Prcess t Becme a Merchant Department

More information

Corporate Credit Card Policy

Corporate Credit Card Policy Plicy N: 13 Crprate Credit Card Plicy CONTROL: Plicy Type: Authrised by: Head f Pwer: Financial Cuncil Nt Applicable Respnsible Officer: Crprate and Cmmunity Manager Respnsibilities: Review and implement

More information

Malpractice and Maladministration Policy

Malpractice and Maladministration Policy TR340 Malpractice and Maladministratin Plicy This plicy aims t: Define malpractice and maladministratin in the cntext f CIM/CAM studying members, Accredited study centres (ASCs), examinatin centres, invigilatrs

More information

CHANGE MANAGEMENT STANDARD

CHANGE MANAGEMENT STANDARD The electrnic versin is current, r when printed and stamped with the green cntrlled dcument stamp. All ther cpies are uncntrlled. DOCUMENT INFORMATION Descriptin Dcument Owner This standard utlines the

More information

PRIVACY POLICY. This Privacy Policy describes how and when Pole Star USA, Inc. ( Pole Star ) collects, uses and

PRIVACY POLICY. This Privacy Policy describes how and when Pole Star USA, Inc. ( Pole Star ) collects, uses and PRIVACY POLICY This Privacy Plicy describes hw and when Ple Star USA, Inc. ( Ple Star ) cllects, uses and shares yur infrmatin when yu use Ple Star s NAO Clud Platfrm, which includes the Ple Star website

More information

GOVERNORS PHARMACY HIPAA NOTICE OF PRIVACY PRACTICES For Your Protected Health Information

GOVERNORS PHARMACY HIPAA NOTICE OF PRIVACY PRACTICES For Your Protected Health Information GOVERNORS PHARMACY HIPAA NOTICE OF PRIVACY PRACTICES Fr Yur Prtected Health Infrmatin THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS

More information

Public consultation paper

Public consultation paper Public cnsultatin paper Nvember 2012 Public cnsultatin n guidelines fr prfessinal indemnity insurance arrangements fr nurses and nurse practitiners. Please prvide feedback by email t: nmbafeedback@ahpra.gv.au

More information

RQ10.06 AACo Share Trading Policy

RQ10.06 AACo Share Trading Policy Australian Agricultural Cmpany Limited ACN 010 892 270 RQ10.06 AAC Share Trading Plicy Versin 5 This plicy was apprved by the Bard f Australian Agricultural Cmpany Limited n 15 December 2010. This plicy

More information

Security Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview

Security Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview Security Services Service Descriptin Versin 1.00 Effective Date: 07/01/2012 Purpse This Enterprise Service Descriptin is applicable t Security Services ffered by the MN.IT Services and described in the

More information

Scotiabank Group Privacy Agreement

Scotiabank Group Privacy Agreement Sctiabank Grup Privacy Agreement Last revised Octber 2010 Yur privacy is imprtant t Sctiabank. This Agreement sets ut the infrmatin practices fr Sctiabank Grup Members in Canada, including what type f

More information

Privacy Breach and Complaint Protocol

Privacy Breach and Complaint Protocol Privacy Breach and Cmplaint Prtcl Effective: December 31, 2012 Apprved by: Le McKenna, CFO 1.0 General Privacy breaches and privacy cmplaints will be handled in accrdance with this prtcl. This prtcl is

More information

Self- certification Criteria for companies participating in the European Self- Regulatory Programme on OBA. Document version: 1.1

Self- certification Criteria for companies participating in the European Self- Regulatory Programme on OBA. Document version: 1.1 Self- certificatin Criteria fr cmpanies participating in the Eurpean Self- Regulatry Prgramme n OBA Dcument versin: 1.1 Date: 16 Nvember 2012 Table f cntents 1. Intrductin 3 2. Criteria fr self- certificatin

More information

SPENCER STUART CANDIDATE DATA PROTECTION STANDARDS

SPENCER STUART CANDIDATE DATA PROTECTION STANDARDS SPENCER STUART CANDIDATE DATA PROTECTION STANDARDS Spencer Stuart is the leading privately-held glbal executive search firm and advisr f chice amng tp cmpanies seeking guidance and cunsel n senir leadership

More information

NHVAS Mass Management Spot Check Checklist

NHVAS Mass Management Spot Check Checklist Legal Entity Name f NHVAS Operatr: DTMR Representative: Lcatin: NHVAS Mass Management Spt Check Checklist Spt Check Date: Spt Check Number: DMS Number: 540/ The fllwing surces f evidence have been identified

More information

FAYETTEVILLE STATE UNIVERSITY

FAYETTEVILLE STATE UNIVERSITY FAYETTEVILLE STATE UNIVERSITY IDENTITY THEFT PREVENTION (RED FLAGS RULE) Authrity: Categry: Issued by the Fayetteville State University Bard f Trustees. University-Wide Applies t: Administratrs Faculty

More information

Directives to Hospitals in respect of Reporting Requirements under the BPSAA

Directives to Hospitals in respect of Reporting Requirements under the BPSAA DRAFT Directives t Hspitals in respect f Reprting Requirements under the BPSAA Issued By Minister f Health and Lng-Term Care Effective April 1, 2011 DRAFT March 28, 2011 Table f Cntents 1. BACKGROUND...

More information

Summary Plan Description Requirements for Group Health Plans

Summary Plan Description Requirements for Group Health Plans Summary Plan Descriptin Requirements fr Grup Health Plans September 2014 All grup health plans subject t the Emplyee Retirement Incme Security Act (ERISA) are required t prvide participants with a Summary

More information

Visa Global Acquirer Risk Standards (GARS)

Visa Global Acquirer Risk Standards (GARS) Visa Glbal Acquirer Risk Standards (GARS) The Visa Glbal Acquirer Risk Standards guide was develped fr member use in managing merchants and Third Party Agents. It is intended fr member distributin. Members

More information

Planning Considerations: Emergency Medical Services Regional Response Approach

Planning Considerations: Emergency Medical Services Regional Response Approach Planning Cnsideratins: Emergency Medical Services Reginal Respnse Apprach It is incumbent upn all ambulance services and advanced life supprt first respnse services in New Yrk State t cmply with the Acting

More information

What Information Is Collected and How Is It Collected?

What Information Is Collected and How Is It Collected? RCI PRIVACY NOTICE RCI Pacific Pty Ltd is cncerned abut privacy issues and wants yu t be familiar with hw we cllect, use and disclse infrmatin. This Privacy Ntice describes ur practices in cnnectin with

More information

RUTGERS POLICY. Responsible Executive: Vice President for Information Technology and Chief Information Officer

RUTGERS POLICY. Responsible Executive: Vice President for Information Technology and Chief Information Officer RUTGERS POLICY Sectin: 70.1.1 Sectin Title: Infrmatin Technlgy Plicy Name: Acceptable Use Plicy fr Infrmatin Technlgy Resurces Frmerly Bk: N/A Apprval Authrity: Senir Vice President fr Administratin Respnsible

More information

PRIVACY POLICY Last revised: April 2015

PRIVACY POLICY Last revised: April 2015 PRIVACY POLICY Last revised: April 2015 ACD, LLC, and its affiliates (cllectively, we, us, ur ) understand that privacy is imprtant t ur cnsumers and want yu t make knwledgeable decisins abut the infrmatin

More information

Investment Adviser Switch Workshop

Investment Adviser Switch Workshop Investment Adviser Switch Wrkshp Investment Adviser Registratin, Renewal, Amendment And Pst-Registratin Requirements Presented by Office f the Attrney General Maryland Divisin f Securities 1 Registratin

More information

Data Protection Act Data security breach management

Data Protection Act Data security breach management Data Prtectin Act Data security breach management The seventh data prtectin principle requires that rganisatins prcessing persnal data take apprpriate measures against unauthrised r unlawful prcessing

More information

Immaculate Conception School, Prince George Bring Your Own Device Policy for Students

Immaculate Conception School, Prince George Bring Your Own Device Policy for Students Bring Yur Own Device Plicy fr Students Purpse This plicy utlines the acceptable use f electrnic devices t maintain a safe and secure educatin envirnment with the gal f preparing students fr the future,

More information

2.1 All SHR Users are responsible for the security of SHR systems/applications, resources and information.

2.1 All SHR Users are responsible for the security of SHR systems/applications, resources and information. POLICY Number: 7311-25-004 Title: Saskatn Health Regin User Accunt Plicy Authrizatin [ ] President and CEO [X] Vice President, Finance and Crprate Services Surce: Directr, Infrmatin Technlgy Services Crss

More information

Safety in Practice Compliance and Risk Assessment Procedure March, 2016

Safety in Practice Compliance and Risk Assessment Procedure March, 2016 Safety in Practice Cmpliance and Risk Assessment Prcedure Safety in Practice Cmpliance and Risk Assessment Prcedure March, 2016 Cntents 1 Objectives... 2 2 Scpe... 2 3 Safety in Practice Cmpliance and

More information

The information contained in this site is for INFORMATIONAL purposes only and is protected by copyright. We are not providing legal advice.

The information contained in this site is for INFORMATIONAL purposes only and is protected by copyright. We are not providing legal advice. Privacy Plicy Terms f Service: The fllwing terms and cnditins gvern all use f the Rightwaywebhsting.cm website and all cntent, services and prducts available at r thrugh the website (taken tgether, the

More information

- Upfront fee of $ + GST - Ongoing fee commencing immediately after plan implementation of $20.00 + GST per fortnight.

- Upfront fee of $ + GST - Ongoing fee commencing immediately after plan implementation of $20.00 + GST per fortnight. Cntract f engagement This cntract f engagement is between FSB 4 Financial Limited (the adviser) and (the client). Purpse This cntract establishes the relatinship between the adviser and the client relating

More information

FINANCIAL OPTIONS. 2. For non-insured patients, payment is due on the day of service.

FINANCIAL OPTIONS. 2. For non-insured patients, payment is due on the day of service. FINANCIAL OPTIONS 1. Fr thse patients wh carry dental insurance, all c-payments are due n date f service. We will file yur claim as a service t yu, and will d ur very best t maximize yur benefits. We accept

More information

POLICY INTERNET - ACCEPTABLE USE

POLICY INTERNET - ACCEPTABLE USE POLICY Dc. Cde: IS I5 INTERNET - ACCEPTABLE USE Applicable t: MidCentral DHB Including MidCentral Health & Enable NZ Issued by: Infrmatin Systems Cntact: Manager Service Delivery 1. PURPOSE This plicy

More information

Annex 01 Recommendation #1: Establishing an Empowered Community for Enforcing Community Power

Annex 01 Recommendation #1: Establishing an Empowered Community for Enforcing Community Power Annex 01 - Recmmendatin #1 Annex 01 Recmmendatin #1: Establishing an Empwered Cmmunity fr Enfrcing Cmmunity Pwer 1. Summary Under Califrnia law and the current Bylaws f the Internet Crpratin fr Assigned

More information

GUIDELINE INFORMATION MANAGEMENT (IM) PROGRAM PLAN

GUIDELINE INFORMATION MANAGEMENT (IM) PROGRAM PLAN Gvernment f Newfundland and Labradr Office f the Chief Infrmatin Officer Infrmatin Management Branch GUIDELINE INFORMATION MANAGEMENT (IM) PROGRAM PLAN Guideline (Definitin): OCIO Guidelines derive frm

More information

CASSOWARY COAST REGIONAL COUNCIL POLICY ENTERPRISE RISK MANAGEMENT

CASSOWARY COAST REGIONAL COUNCIL POLICY ENTERPRISE RISK MANAGEMENT CASSOWARY COAST REGIONAL COUNCIL POLICY ENTERPRISE RISK MANAGEMENT Plicy Number: 2.20 1. Authrity Lcal Gvernment Act 2009 Lcal Gvernment Regulatin 2012 AS/NZS ISO 31000-2009 Risk Management Principles

More information

MSB FINANCIAL CORP. MILLINGTON BANK AUDIT COMMITTEE CHARTER

MSB FINANCIAL CORP. MILLINGTON BANK AUDIT COMMITTEE CHARTER MSB FINANCIAL CORP. MILLINGTON BANK AUDIT COMMITTEE CHARTER This Audit Cmmittee Charter has been amended as f July 17, 2015. The Audit Cmmittee shall review and reassess this Charter annually and recmmend

More information

COPIES-F.Y.I., INC. Policies and Procedures Data Security Policy

COPIES-F.Y.I., INC. Policies and Procedures Data Security Policy COPIES-F.Y.I., INC. Plicies and Prcedures Data Security Plicy Page 2 f 7 Preamble Mst f Cpies FYI, Incrprated financial, administrative, research, and clinical systems are accessible thrugh the campus

More information

Internet and E-Mail Policy User s Guide

Internet and E-Mail Policy User s Guide Internet and E-Mail Plicy User s Guide Versin 2.2 supprting partnership in mental health Internet and E-Mail Plicy User s Guide Ver. 2.2-1/5 Intrductin Health and Scial Care requires a great deal f cmmunicatin

More information

Process Safety Management Program for Contractors

Process Safety Management Program for Contractors Page 1 f 6 Sect: 1.0 Purpse 2.0 Scpe This sectin cntains requirements fr Ardent (Cntract Emplyer) and ur subcntractrs fr the purpse f assisting ur clients in preventing r minimizing the cnsequences f catastrphic

More information

National Australia Bank Limited Group Disclosure & External Communications Policy

National Australia Bank Limited Group Disclosure & External Communications Policy Natinal Australia Bank Limited Grup Disclsure & External Cmmunicatins Plicy Grup Disclsure & External Cmmunicatins Plicy Page 2 f 7 Grup Disclsure & External Cmmunicatins Plicy ( the Plicy ) 1. Overview

More information

ACQUIRED RARE DISEASE DRUG THERAPY EXCEPTION PROCESS

ACQUIRED RARE DISEASE DRUG THERAPY EXCEPTION PROCESS ADMINISTRATIVE POLICY ACQUIRED RARE DISEASE DRUG THERAPY EXCEPTION PROCESS Plicy Number: ADMINISTRATIVE 19.8 T Effective Date: Octber 1, 014 Table f Cntents CONDITIONS OF COVERAGE... BENEFIT CONSIDERATIONS...

More information

Audit Committee Charter. St Andrew s Insurance (Australia) Pty Ltd St Andrew s Life Insurance Pty Ltd St Andrew s Australia Services Pty Ltd

Audit Committee Charter. St Andrew s Insurance (Australia) Pty Ltd St Andrew s Life Insurance Pty Ltd St Andrew s Australia Services Pty Ltd Audit Cmmittee Charter St Andrew s Insurance (Australia) Pty Ltd St Andrew s Life Insurance Pty Ltd St Andrew s Australia Services Pty Ltd Versin 2.0, 22 February 2016 Apprver Bard f Directrs St Andrew

More information

Sources of Federal Government and Employee Information

Sources of Federal Government and Employee Information Inf Surce Surces f Federal Gvernment and Emplyee Infrmatin Ridley Terminals Inc. TABLE OF CONTENTS General Infrmatin Intrductin t Inf Surce Backgrund Respnsibilities Institutinal Functins, Prgram and Activities

More information

Business Continuity Management Policy

Business Continuity Management Policy The Public Trustee Business Cntinuity Management Plicy Octber 2015 Business Cntinuity Management Plicy Octber 2015 Page 1 f 6 Dcument Infrmatin Apprved Name Psitin Signature Date Mark Crftn A/Public Trustee

More information

Internet Banking Agreement and Disclosure Statement

Internet Banking Agreement and Disclosure Statement Internet Banking Agreement and Disclsure Statement This agreement cntains the terms and cnditins that gvern accessing r using Internet Banking (NetTeller), Bill Payment Services, Mbile Banking and On Demand

More information

POLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014

POLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014 State f Michigan POLICY 1390 Infrmatin Technlgy Cntinuity f Business Planning Issued: June 4, 2009 Revised: June 12, 2014 SUBJECT: APPLICATION: PURPOSE: CONTACT AGENCY: Plicy fr Infrmatin Technlgy (IT)

More information

A.M. BEST RATING SERVICES, INC. RATING DIVISION INTERNAL POLICY AND PROCEDURE. Subject: Dissemination Number: CRPC Policy 5

A.M. BEST RATING SERVICES, INC. RATING DIVISION INTERNAL POLICY AND PROCEDURE. Subject: Dissemination Number: CRPC Policy 5 A.M. BEST RATING SERVICES, INC. RATING DIVISION INTERNAL POLICY AND PROCEDURE Subject: Disseminatin Number: CRPC Plicy 5 Effective Date: Nvember 29, 2006 Revisin Date: January 04, 2016 Purpse: The purpse

More information

Environmental, Health & Safety Management System (EHSMS) Training, Awareness and Competency Procedure Revision Number: 7

Environmental, Health & Safety Management System (EHSMS) Training, Awareness and Competency Procedure Revision Number: 7 Envirnmental, Health & Safety Management System (EHSMS) Dcument Number: 00122 Issue Date: 05/07/2014 Training, Awareness and Cmpetency Prcedure Revisin Number: 7 Prepared By: Stalcup, Bryce Apprved By:

More information

NAIC Replacement Requirements For Certain Life Insurance Policies And Annuity Contracts

NAIC Replacement Requirements For Certain Life Insurance Policies And Annuity Contracts NAIC Replacement Requirements Fr Certain Life Insurance Plicies And Annuity Cntracts Duties f Prducers If a transactin invlves a replacement, the prducer must leave with the applicant, at the time an applicatin

More information

UNIVERSITY INCIDENT PLANNING COMMITTEE TERMS OF REFERENCE

UNIVERSITY INCIDENT PLANNING COMMITTEE TERMS OF REFERENCE 1. TITLE OF COMMITTEE UNIVERSITY INCIDENT PLANNING COMMITTEE University Incident Planning Cmmittee (IPC) 2. ESTABLISHMENT TERMS OF REFERENCE The University Incident Planning Cmmittee is established in

More information

SPECIFICATION. Hospital Report Manager Connectivity Requirements. Electronic Medical Records DRAFT. OntarioMD Inc. Date: September 30, 2010

SPECIFICATION. Hospital Report Manager Connectivity Requirements. Electronic Medical Records DRAFT. OntarioMD Inc. Date: September 30, 2010 OntariMD Inc. Electrnic Medical Recrds SPECIFICATION Hspital Reprt Manager Cnnectivity Requirements DRAFT Date: September 30, 2010 Versin: 1.0 2007-2010 OntariMD Inc. All rights reserved HRM EMR Cnnectivity

More information

Key Steps to Responding to Privacy Breaches. Nova Scotia Freedom of Information and Protection of Privacy Review Office

Key Steps to Responding to Privacy Breaches. Nova Scotia Freedom of Information and Protection of Privacy Review Office Key Steps t Respnding t Privacy Breaches Nva Sctia Freedm f Infrmatin and Prtectin f Privacy Review Office ~ 1 ~ ~ 1 ~ 1 ~ Key Steps t Respnding t Privacy Breaches 1 Key Key Steps Steps t t Respnding

More information

To clarify terms used within these policies, the following definitions are provided:

To clarify terms used within these policies, the following definitions are provided: Baker University Email Plicy E-mail services are prvided t the Baker cmmunity in supprt f the educatinal missin f the University and the administrative functins t carry ut that missin. Users f Baker e-mail

More information

Data Protection: Regulating Cyber Security. Jonathan Bamford Head of Strategic Liaison

Data Protection: Regulating Cyber Security. Jonathan Bamford Head of Strategic Liaison Data Prtectin: Regulating Cyber Security Jnathan Bamfrd Head f Strategic Liaisn Hw des DP regulatin affect cyber security? Data Prtectin Act 1998: apprpriate security Privacy and Electrnic Cmmunicatin

More information

Registered Traveler Pilot. Privacy Impact Assessment. June 24, 2004. Contact Point:

Registered Traveler Pilot. Privacy Impact Assessment. June 24, 2004. Contact Point: Registered Traveler Pilt Privacy Impact Assessment June 24, 2004 Cntact Pint: Lisa S. Dean Privacy Officer Transprtatin Security Administratin 571.227.3947 Reviewing Official: Nuala O Cnnr Kelly Chief

More information

AUDIT AND RISK COMMITTEE TERMS OF REFERENCE

AUDIT AND RISK COMMITTEE TERMS OF REFERENCE AUDIT AND RISK COMMITTEE TERMS OF REFERENCE 1. TITLE OF COMMITTEE Audit and Risk Cmmittee 2. ESTABLISHMENT The Audit and Risk Cmmittee is established under Part 3 Sectin 19(1) f the Charles Darwin University

More information

expertise hp services valupack consulting description security review service for Linux

expertise hp services valupack consulting description security review service for Linux expertise hp services valupack cnsulting descriptin security review service fr Linux Cpyright services prvided, infrmatin is prtected under cpyright by Hewlett-Packard Cmpany Unpublished Wrk -- ALL RIGHTS

More information

Audit Committee Charter

Audit Committee Charter Audit Cmmittee Charter Membership The Audit Cmmittee (the "Cmmittee") f the Bard f Directrs (the "Bard") f Philip Mrris Internatinal Inc. (the "Cmpany") shall cnsist f at least three directrs all f whm

More information

Offer Specifications Dell Email Management Services (EMS): Policy Based Encryption-E

Offer Specifications Dell Email Management Services (EMS): Policy Based Encryption-E Dell Email Management Services (EMS): Plicy Based Encryptin-E Offer Specificatins Dell Email Management Services (EMS): Plicy Based Encryptin-E Service Overview The Plicy Based Encryptin-E service ( PBE-E

More information

ICBA Summary of the TILA- RESPA Integrated Disclosure (TRID) Rule

ICBA Summary of the TILA- RESPA Integrated Disclosure (TRID) Rule ICBA Summary f the TILA- RESPA Integrated Disclsure (TRID) Rule Octber 2015 Mnth Year Mn Cntact: Je Grmley Assistant Vice President & Regulatry Cunsel jseph.grmley@icba.rg www.icba.rg ICBA Summary f the

More information

Bank switching service - Regulation

Bank switching service - Regulation versin 3.0-1/7/2011 Bank switching service - Regulatin This Regulatin cnstitutes the verall framewrk in which the participating banks in Belgium ffer cnsumers a bank switching service fr current accunts.

More information

Human Research Protection Program Investigating Reports of Research Non-compliance at MMC

Human Research Protection Program Investigating Reports of Research Non-compliance at MMC Human Research Prtectin Prgram Investigating Reprts f Research Nn-cmpliance at MMC SOP- I.5.D, II.2.F, II.2.G A-II.2.F, II.2.G 1. POLICY 1.1 Definitins 1.1.1 Nn-cmpliance Failure n the part f a PI r any

More information

Information Security Incident Response Plan

Information Security Incident Response Plan Infrmatin Security Incident Respnse Plan Agency: Date: Cntact: 1 TABLE OF CONTENTS Intrductin... 3 Authrity... 4 Terms and Definitins... 4 Rles and Respnsibilities... 5 Prgram... 6 Educatin and Awareness...

More information

Systems Support - Extended

Systems Support - Extended 1 General Overview This is a Service Level Agreement ( SLA ) between and the Enterprise Windws Services t dcument: The technlgy services the Enterprise Windws Services prvides t the custmer. The targets

More information

Helicopter Landing Sites Planning, Implementation and Management

Helicopter Landing Sites Planning, Implementation and Management Directive # QH-HSD-039:2013 Effective Date: 01 July 2013 Review Date: 01 July 2016 Supersedes: Nil Landing Sites Planning, Implementatin and Management Purpse The purpse f this Health Service Directive

More information

TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY

TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY REFERENCE NUMBER: 14/103368 RESPONSIBLE DEPARTMENT: Crprate Services APPLICABLE LEGISLATION: State Recrds Act 1997 Lcal Gvernment Act 1999 Crpratins Act

More information

Change Management Process For [Project Name]

Change Management Process For [Project Name] Management Prcess Fr [Prject Name] i 1 Intrductin The is fllwed during the Executin phase f the Prject Management Life Cycle, nce the prject has been frmally defined and planned. 1.1 What is a Management

More information

Internal Audit Charter and operating standards

Internal Audit Charter and operating standards Internal Audit Charter and perating standards 2 1 verview This dcument sets ut the basis fr internal audit: (i) the Internal Audit charter, which establishes the framewrk fr Internal Audit; and (ii) hw

More information