TECH TALK. September 25, 2014
|
|
- Raymond Barrett
- 8 years ago
- Views:
Transcription
1 TECH TALK September 25, 2014
2 Cloud Services Guidance for Campus Tech Talk
3 UAB IT is offering interim guidance to members of the UAB campus community who wish to use 'cloud' applications & services available on the Web, including file storage, web conferencing, and content hosting. These tools, which we collectively refer to as "cloud computing" should be fully understood before they are used. Additional policies, recommendations and guidance for the use of specific products will be coming in early 2015.
4 Why is this interim guidance necessary? Need to begin communicating issues and concerns to campus in a formal manner and on a regular basis Areas of concern have been brought forward from the UA System Internal Audit Office related to: Governance and Management of Cloud Computing Services Cloud Computing Discovery Data Classification Contract Management
5 Why is this interim guidance necessary? Use of free services by individuals is increasing; Issues with reimbursement requests where paid services are subscribed to by an individual (not through a UAB contract) Contracts not reviewed by appropriate UAB areas as agreement is between the cloud provider and the individual not UAB Data ownership and control of sensitive data Personal liability Institutional reputation/liability risk
6 Why is this interim guidance necessary? Use of cloud services may conflict with UAB policies and guidelines (even with a contract in place) Sensitive data considerations. For UAB, sensitive data includes (but is not limited to) individually identifiable information, Social Security numbers, credit card numbers, driver license numbers, protected health information proprietary research data, privileged legal information, and data protected by law, such as student and patient records. UAB Data Protection and Security Policy UAB HIPAA Policy
7 Why is this interim guidance necessary? Use of cloud services may conflict with UAB policies and guidelines (even with a contract in place) Record retention policies UAB branding policies Web accessibility standards Contract routing and execution policies
8 What is the interim guidance? Recognizing that the campus community has a need for the type of services available via the cloud: We all have a responsibility to understand the significant institutional and individual liability that the use of cloud services presents It is important that the liability/risk is communicated to management before using any cloud service or tool The safest method to store/host/process sensitive data is by using technology within the UAB computing environment. UAB provides researchers with 1TB of free storage that allows for document sharing.
9 What is the interim guidance? Contracts should be between UAB and the cloud provider not between the individual and the cloud provider. Free individual subscriptions should be avoided as there is no oversight or review at any point by UAB administration. Paid individual subscriptions where the individual makes payment by credit card and then seeks reimbursement from UAB require the individual sign an affirming statement in order to be reimbursed.
10 Affirming Statement By signing this reimbursement request, I hereby certify that the services/products for which I am requesting reimbursement are not used to host, store, transmit or otherwise process any information or data that is classified (or should be classified due to the nature of the information/data) as HIPAA (patient), PHI (personal health information), PII (personally identifiable information), FERPA (student) or other such 'protected' or 'sensitive' data such as social security numbers, credit card numbers, proprietary research data, privileged legal information, data protected by law, etc.. Additional information and definitions can be found in UAB's Data Protection and Security Policy at I also understand that I may be asked to verify this certification through audits or reviews conducted at UAB's discretion. Signature If the above statement cannot be signed, please contact UAB Procurement or Expense Review for further guidance.
11 What is the interim guidance? Be familiar with and follow all UAB policies and standards Follow other Best Practices listed in the Interim Guidance document that will be communicated to campus in October Contact UAB Contracts or UAB IT for further guidance
12 Next steps: Update coming to the Data Protection and Security Policy; will include new data classifications Updated guidance coming as to specific cloud services and their appropriate use based on the new data classifications Where appropriate, more due-diligence during contract reviews to include information security/risk assessment prior to contract execution Coordination with HIPAA Security Officer and Privacy Officer to ensure a coordinated message to Campus and the Health System
MCGRAW-HILL SCHOOL EDUCATION GROUP. License Agreement
TERMS OF SERVICE MCGRAW-HILL SCHOOL EDUCATION GROUP License Agreement During the term of this Agreement, McGraw-Hill School Education Group agrees to provide Subscriber with a subscription to the service
More informationIT Forum 2-11-2013 UW-Madison Records Management Program. UW Archives and Records Management
IT Forum 2-11-2013 UW-Madison Records Management Program Records facilitate and sustaining day-to-day university operations. Records support organizational activities such as student admissions, research
More informationMicrosoft Online Subscription Agreement/Open Program License Agreement Business Associate Amendment Amendment ID MOS13
Microsoft Online Subscription Agreement/Open Program License Agreement Business Associate Amendment Amendment ID To be valid, Customer must have accepted this Amendment as set forth in the Microsoft Online
More informationInformation Security: Roles, Responsibilities, and Data Classification. Technology Services 1/4/2013
Information Security: Roles, Responsibilities, and Data Classification Technology Services 1/4/2013 Roles, Responsibilities, and Data Classification The purpose of this session is to: Establish that all
More informationHIPAA BUSINESS ASSOCIATE AGREEMENT
HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement and is made between BEST Life and Health Insurance Company ( BEST Life ) and ( Business Associate ). RECITALS WHEREAS, the U.S.
More informationInformation security, compliance and the grant life cycle. October 10, 2013
Information security, compliance and the grant life cycle October 10, 2013 Presenters Beth Chancellor, Chief Information Security Officer, Division of IT Jeremy Cox, Lead Accountant, Office of Sponsored
More informationInformation Security Guideline: Cloud Computing Services. Information Security and Privacy Committee Draft version 8/1/2012
Information Security Guideline: Cloud Computing Services Information Security and Privacy Committee Draft version 8/1/2012 Table of Contents Introduction... 1 Purpose... 2 Scope... 2 Risks and Concerns
More informationIndex .700 FORMS - SAMPLE INCIDENT RESPONSE FORM.995 HISTORY
Information Security Section: General Operations Title: Information Security Number: 56.350 Index POLICY.100 POLICY STATEMENT.110 POLICY RATIONALE.120 AUTHORITY.130 APPROVAL AND EFFECTIVE DATE OF POLICY.140
More informationDATA SECURITY AGREEMENT. Addendum # to Contract #
DATA SECURITY AGREEMENT Addendum # to Contract # This Data Security Agreement (Agreement) is incorporated in and attached to that certain Agreement titled/numbered and dated (Contract) by and between the
More informationFlorida Health Information Exchange Subscription Agreement for Direct Secure Messaging Services
Florida Health Information Exchange Subscription Agreement for Direct Secure Messaging Services This Subscription Agreement, is a multi-party agreement by and between the undersigned vendor, Harris Corporation,
More informationCloud Computing Policy 1.0 INTRODUCTION 2.0 PURPOSE. Effective Date: July 28, 2015
Cloud Computing Policy Effective Date: July 28, 2015 1.0 INTRODUCTION Cloud computing services are application and infrastructure resources that users access via the Internet. These services, contractually
More informationData Management Standard
Data Management Standard Revision: Version 1.0 Date: 11/2015 Status: Approved by ISAC, Reviewed by Chancellor s Cabinet 1. Objectives Page 1 2. Scope Statement. Page 1 3. Requirements..Page 1 4. Definitions
More informationInstrument Used to Analyze the DMPs at the University of Minnesota
Instrument Used to Analyze the DMPs at the University of Minnesota Contributors: Lisa Johnston, Carolyn Bishoff, John McGrory, Christine Storino, and Anders Swendsrud (University of Minnesota Libraries)
More informationHIPAA Business Associate Agreement
HIPAA Business Associate Agreement If Customer is a Covered Entity or a Business Associate and includes Protected Health Information in Customer Data (as such terms are defined below), execution of a license
More informationInformation Security Program
Stephen F. Austin State University Information Security Program Revised: September 2014 2014 Table of Contents Overview... 1 Introduction... 1 Purpose... 1 Authority... 2 Scope... 2 Information Security
More informationØ Externally Hosted Computing Services Appropriate Use Guidelines Ø Matrix for Appropriate Use
Ø Externally Hosted Cputing Services Ø Matrix for Appropriate Use 3/31/2015 1 Externally Hosted Cputing Services This overview is intended to provide information for faculty, staff and students about the
More informationINDEPENDENT CONTRACTOR CONSULTING AGREEMENT INSTRUCTIONS, ROUTING AND APPROVAL COVER SHEET
INDEPENDENT CONTRACTOR CONSULTING AGREEMENT INSTRUCTIONS, ROUTING AND APPROVAL COVER SHEET I. The requesting department should complete the following Independent Contractor Consulting Agreement ( Agreement
More informationData Security and Identity Management
Data Security and Identity Management Leading Change Data Pre-Conference June 16, 2014 Ed Jung Chief Technology Officer Arizona Department of Education DATA SECURITY Are you prepared Likelihood of a data
More informationEthics, Privilege, and Practical Issues in Cloud Computing, Privacy, and Data Protection: HIPAA February 13, 2015
Ethics, Privilege, and Practical Issues in Cloud Computing, Privacy, and Data Protection: HIPAA February 13, 2015 Katherine M. Layman Cozen O Connor 1900 Market Street Philadelphia, PA 19103 (215) 665-2746
More informationHow to Process Software Agreements at Penn State
How to Process Software Agreements at Penn State SEPTEMBER 3, 2015 PRESENTED BY: DANNA BRESSLER, PURCHASING AGENT RICHEL PERRETTI, CONTRACT MANAGER, RISK MANAGEMENT Overview Important Policies Contract
More informationHealthcare Compliance and Hybrid Entity Designation
[New OP initial posting 8/28/14] Operating Policy and Procedure : Healthcare Compliance and Hybrid Entity Designation DATE: August 28, 2014 PURPOSE: The purpose of this Texas Tech Operating Policy and
More informationThird Party Security: Are your vendors compromising the security of your Agency?
Third Party Security: Are your vendors compromising the security of your Agency? Wendy Nather, Texas Education Agency Michael Wyatt, Deloitte & Touche LLP TASSCC Annual Conference 3 August 2010 Agenda
More informationWelcome. This presentation focuses on Business Associates under the Omnibus Rule of 2013.
Welcome. This presentation focuses on Business Associates under the Omnibus Rule of 2013. Business Associates have been part of the focus of the HIPAA regulations since 2003 when the privacy rule went
More informationConnecting the dots from automated software discovery to asset management
Connecting the dots from automated software discovery to asset management Drive Business Value with Service & Portfolio Management PS113SN Connecting the dots from automated software discovery to asset
More informationKeweenaw Holistic Family Medicine Patient Registration Form
Keweenaw Holistic Family Medicine Patient Registration Form How did you first learn of our Clinic? Circle one: Attended Lecture Internet KHFM website Newspaper Sign in window Yellow Pages Physician Friend
More informationHIPAA Employee Training Guide. Revision Date: April 11, 2015
HIPAA Employee Training Guide Revision Date: April 11, 2015 What is HIPAA? The Health Insurance Portability and Accountability Act of 1996 (also known as Kennedy- Kassebaum Act ). HIPAA regulations address
More informationCHAMPAIGN COUNTY NURSING HOME VOLUNTEER INFORMATION FORM
CHAMPAIGN COUNTY NURSING HOME VOLUNTEER INFORMATION FORM If you are required to perform COURT DIRECTED COMMUNITY SERVICE hours please contact the Director of Environmental Services. You cannot volunteer
More informationCompliance Plan Required for ACO Participation
Compliance Plan Required for ACO Participation Presented by: Angela Miller Medical Auditing Solutions LLC 2012 (c)2012 Medical Auditing Solutions LLC 1 Experience Angela Miller over 18 years experience
More informationHEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) BUSINESS ASSOCIATE AGREEMENT
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement ( BAA ) is by and between the National Association of Boards of Pharmacy
More informationFirstCarolinaCare Insurance Company Business Associate Agreement
FirstCarolinaCare Insurance Company Business Associate Agreement THIS BUSINESS ASSOCIATE AGREEMENT ("Agreement"), is made and entered into as of, 20 (the "Effective Date") between FirstCarolinaCare Insurance
More informationHIPAA INFORMATION FOR METLIFE GROUP DENTAL and/or VISION INSURANCE CUSTOMERS
HIPAA INFORMATION FOR METLIFE GROUP DENTAL and/or VISION INSURANCE CUSTOMERS Dear Group Dental and/or Vision Customer : This letter relates to privacy requirements contained in federal regulations under
More informationUNIVERSITY PHYSICIANS OF BROOKLYN HIPAA BUSINESS ASSOCIATE AGREEMENT CONTRACT NO(S):
UNIVERSITY PHYSICIANS OF BROOKLYN HIPAA BUSINESS ASSOCIATE AGREEMENT CONTRACT NO(S): THIS AGREEMENT is made by and between UNIVERSITY PHYSICIANS OF BROOKLYN, INC., located at 450 Clarkson Ave., Brooklyn,
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( Agreement ) by and between (hereinafter known as Covered Entity ) and Office Ally, LLC. (hereinafter known as Business Associate ), and
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT ( Agreement ) by and between OUR LADY OF LOURDES HEALTH CARE SERVICES, INC., hereinafter referred to as Covered Entity, and hereinafter referred
More informationOnline Lead Generation: Data Security Best Practices
Online Lead Generation: Data Security Best Practices Released September 2009 The IAB Online Lead Generation Committee has developed these Best Practices. About the IAB Online Lead Generation Committee:
More informationSTATE OF NEVADA DEPARTMENT OF HEALTH AND HUMAN SERVICES BUSINESS ASSOCIATE ADDENDUM
STATE OF NEVADA DEPARTMENT OF HEALTH AND HUMAN SERVICES BUSINESS ASSOCIATE ADDENDUM BETWEEN The Division of Health Care Financing and Policy Herein after referred to as the Covered Entity and (Enter Business
More informationAGREEMENT FOR ACCESS TO PROTECTED HEALTH INFORMATION BETWEEN WAKE FOREST UNIVERSITY BAPTIST MEDICAL CENTER AND
AGREEMENT FOR ACCESS TO PROTECTED HEALTH INFORMATION BETWEEN WAKE FOREST UNIVERSITY BAPTIST MEDICAL CENTER AND THIS AGREEMENT for Access to Protected Health Information ( PHI ) ( Agreement ) is entered
More informationUniversity of Tennessee's Identity Theft Prevention Program
IDENTITY THEFT PREVENTION PROGRAM 1. BACKGROUND The University of Tennessee (UT) developed this Identity Theft Prevention Program pursuant to the Federal Trade Commission s Red Flags Rule, Section 114
More informationP02.07.066. Mobile Device Security.
P02.07.066. Mobile Device Security. A. University employees and students using a laptop computer or mobile device (e.g. portable hard drives, USB flash drives, smartphones, tablets) are responsible for
More informationVirginia Commonwealth University Information Security Standard
Virginia Commonwealth University Information Security Standard Title: Scope: Data Classification Standard This document provides the classification requirements for all data generated, processed, stored,
More informationOIT OPERATIONAL PROCEDURE
OIT OPERATIONAL PROCEDURE Title: DATA CLASSIFICATION GUIDELINES Identification: OIT 1 Page: 1 of 5 Effective Date: 3/31/2014 Signature/Approval: Guidelines and Handling Procedure (9 10 ) specifies that
More informationReleasing Information
Releasing Information There are 3 kinds of release situations now: our original Release of Information and it s uses under Colorado Law and Professional Ethical Standards; HPAA s Consent to release information
More informationTitle: Data Security Policy Code: 1-100-200 Date: 11-6-08rev Approved: WPL INTRODUCTION
Title: Data Security Policy Code: 1-100-200 Date: 11-6-08rev Approved: WPL INTRODUCTION The purpose of this policy is to outline essential roles and responsibilities within the University community for
More informationBillTracker Subscription Agreement.
BillTracker Subscription Agreement Please carefully read the information included in this BillTracker Subscription Agreement, a service of Nebraska.gov. Complete pages 1 and 2 of this Agreement, sign and
More informationReport on. 2011 Inspection of Kabani & Company, Inc. (Headquartered in Los Angeles, California) Public Company Accounting Oversight Board
1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8433 www.pcaobus.org Report on 2011 Inspection of Kabani & Company, Inc. (Headquartered in Los Angeles, California)
More informationTHE 2012 IT REFERENCE GUIDE
THE 2012 IT REFERENCE GUIDE 1872 VirginiaTech Invent the Future Essentials Whether you re new to Virginia Tech or just reviewing your computing and communications needs, the list below points to some essential
More informationHOWARD UNIVERSITY POLICY
HOWARD UNIVERSITY POLICY Policy Number: 300-001 Policy Title: ACCOUNTS PAYABLE: PAYMENTS TO VENDORS Responsible Officer: Chief Financial Officer Responsible Office: Office of the Chief Financial Officer
More information1/23/2015. MSBO Technology Committee January 22, 2015. Examples of Online Educational Services
MSBO Technology Committee January 22, 2015 Technology Policies Online Educational Services 2015 Mika Meyers Beckett & Jones PLC All Rights Reserved Presented by: Jennifer A. Puplava Mika Meyers Beckett
More informationAPPLICATION FOR EMPLOYMENT FOR DEPUTY ATTORNEYS GENERAL
State of New Jersey Department of Law and Public Safety Division of Criminal Justice APPLICATION FOR EMPLOYMENT FOR DEPUTY ATTORNEYS GENERAL The State of New Jersey is an Equal Opportunity Employer APPLICATION
More informationHIPAA BUSINESS ASSOCIATE AGREEMENT
HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement ( Agreement ) is by and between ( Covered Entity ) and Xelex Digital, LLC ( Business Associate ), and is effective as of. WHEREAS,
More informationOffice 365 Data Processing Agreement with Model Clauses
Enrollment for Education Solutions Office 365 Data Processing Agreement (with EU Standard Contractual Clauses) Amendment ID Enrollment for Education Solutions number Microsoft to complete 7392924 GOLDS03081
More informationHow To Address Data Sovereignty In The Cloud
DATA SOVEREIGNTY & THE CLOUD Whitepaper Data Sovereignty & The Cloud Organizations looking to benefit from the scalability, agility, and capital cost savings of cloud computing inevitably encounter the
More informationwww.pwc.com Third Party Risk Management 12 April 2012
www.pwc.com Third Party Risk Management 12 April 2012 Agenda 1. Introductions 2. Drivers of Increased Focus on Third Parties 3. Governance 4. Third Party Risks and Scope 5. Third Party Risk Profiling 6.
More informationMemorandum of Understanding for Financial Co Sponsorship of the IEEE Transactions on Cloud Computing June 2012
Memorandum of Understanding for Financial Co Sponsorship of the IEEE Transactions on Cloud Computing June 2012 Introduction This document serves as an agreement between the IEEE Computer Society, the IEEE
More informationIdentity Theft Prevention Program (Approved by the Board of Trustees)
Administrative Regulation 8:8 Responsible Office: EVPFA Date Effective: 9/15/2009 Supersedes Version: No previous version Identity Theft Prevention Program (Approved by the Board of Trustees) Major Topics
More informationGlenmeadow, Inc. Terms and Conditions of Use Legal Notices/ Privacy Policy
Glenmeadow, Inc. Terms and Conditions of Use Legal Notices/ Privacy Policy Medical Disclaimer Glenmeadow is a senior living retirement community providing assisted and independent senior living options
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (the Agreement ), is made effective as of the sign up date on the login information page of the CarePICS.com website, by and between CarePICS,
More informationROLE OF CONTRACT MANAGEMENT IN A HEALTHCARE COMPLIANCE PROGRAM DESIGN
ROLE OF CONTRACT MANAGEMENT IN A HEALTHCARE COMPLIANCE PROGRAM DESIGN John Riley Vice President of Sales MediTract, Inc. Session Overview Overview of Compliance Regulations affecting Contract Management
More informationPrincipal Investigator Responsibilities for Education and Social/Behavioral Researchers
Principal Investigator Responsibilities for Education and Social/Behavioral Researchers Introduction The purpose of this module is to provide a basic understanding of the responsibilities of the principal
More informationInformation Security Manager Training
Information Security Manager Training Kent Swagler CCEP Director, Corporate Compliance Direct line (314) 923-3097 Cell (314) 575-8334 kswagler@metrostlouis.org Information Security Manager Training Overview
More informationTop Ten Technology Risks Facing Colleges and Universities
Top Ten Technology Risks Facing Colleges and Universities Chris Watson, MBA, CISA, CRISC Manager, Internal Audit and Risk Advisory Services cwatson@schneiderdowns.com April 23, 2012 Overview Technology
More informationHIT Audit Workshop. Jeffrey W. Short. jshort@hallrender.com
HIT Audit Workshop Jeffrey W. Short jshort@hallrender.com 1 Audits and Investigations to be Discussed Meaningful Use Audits HIPAA Audits Data Breach Investigations Software Vendor Audits FTC Investigations
More informationEnrollment for Education Solutions Addendum Microsoft Online Services Agreement Amendment 10 EES17 --------------
w Microsoft Volume Licensing Enrollment for Education Solutions Addendum Microsoft Online Services Agreement Amendment 10 Enrollment for Education Solutions number Microsoft to complete --------------
More informationPurchasing Card. Policies & Procedures. University of Nebraska (Revised 2014)
Purchasing Card Policies & Procedures University of Nebraska (Revised 2014) Purchasing Card Policies and Procedures Table of Contents Purchasing Card Policies Basis of the Policy 3 Purpose 3 Authority
More informationUNIVERSITY OF MIAMI CONSULTING/ SERVICE AGREEMENT
UNIVERSITY OF MIAMI CONSULTING/ SERVICE AGREEMENT THIS AGREEMENT made this day of 20, by and between the University of Miami located in Coral Gables, Florida, 33124, hereinafter referred to as the University
More informationWELCOME TO PCCMA. We look forward to being of service to you and helping you to be healthier in the future.
Phone: 717-234-2561 Franklyn J. Myers, III, M.D., F.C.C.P. Alexis B. Aaronson, M.S.N, C.R.N.P. Michele M. Knepper, C.R.N.P. WELCOME TO PCCMA Welcome to our practice. We are specialists in the treatment
More informationWhat s the Path? Information Life-cycle part of Vendor Management
Disclaimer The materials provided in this presentation and any comments or information provided by the presenter are for educational purposes only and nothing conveyed or provided should be considered
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT Express Scripts, Inc. and one or more of its subsidiaries ( ESI ), and Sponsor or one of its affiliates ( Sponsor ), are parties to an agreement ( PBM Agreement ) whereby ESI
More informationWRITTEN CONSENT OF THE MANAGING MEMBER OF SM/STRATFOR PARTNERS, LLC. July 30, 2011
WRITTEN CONSENT OF THE MANAGING MEMBER OF SM/STRATFOR PARTNERS, LLC July 30, 2011 The undersigned, being the managing member (the Managing Member ) of SM/Stratfor Partners, LLC (the Company ), a limited
More informationMicrosoft Online Subscription Agreement/Open Program License Amendment Microsoft Online Services Security Amendment Amendment ID MOS10
Microsoft Online Subscription Agreement/Open Program License Amendment Microsoft Online Services Security Amendment Amendment ID This Microsoft Online Services Security Amendment ( Amendment ) is between
More informationInformation Integrity & Data Management
Group Standard Information Integrity & Data Management Serco recognises its responsibility to ensure that any information and data produced meets customer, legislative and regulatory requirements and is
More informationPolicy No: TITLE: EFFECTIVE DATE: CANCELLATION: REVIEW DATE:
Policy No: TITLE: AP-AA-17.2 Data Classification and Data Security ADMINISTERED BY: Office of Vice President for Academic Affairs PURPOSE EFFECTIVE DATE: CANCELLATION: REVIEW DATE: August 8, 2005 Fall
More informationSecurity Awareness Training
CALIFORNIA DEPARTMENT OF AGING The CDA Information Security Office Security Awareness Training Presents California Department of Aging (CDA), 1300 National Drive, Suite 200, Sacramento, CA 95834 www.aging.ca.gov
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement is effective September 1, 2013 and made between Community Health Solutions of America, Inc., a Florida corporation ( CHS ) and ( Company ).
More informationHIPAA/HITECH Compliance Using VMware vcloud Air
Last Updated: September 23, 2014 White paper Introduction This paper is intended for security, privacy, and compliance officers whose organizations must comply with the Privacy and Security Rules of the
More informationAPPLICATION FOR EMPLOYMENT
APPLICATION FOR EMPLOYMENT OREGON EPISCOPAL SCHOOL PRACTICES EQUAL EMPLOYMENT OPPORTUNITY IN ALL JOB OPENINGS. ALL QUALIFIED APPLICANTS WILL RECEIVE CONSIDERATION FOR EMPLOYMENT WITHOUT REGARD TO SEX,
More informationHealth Plan Select, Inc. Business Associate Privacy Addendum To The Service Agreement
This (hereinafter referred to as Addendum ) by and between Athens Area Health Plan Select, Inc. (hereinafter referred to as HPS ) a Covered Entity under HIPAA, and INSERT ORG NAME (hereinafter referred
More informationGreenScreen. Certified Practitioner Program. Detailed Program Description
GreenScreen Certified Practitioner Program Detailed Program Description Last Updated January 2014 GreenScreen for Safer Chemicals (GreenScreen ) is a method for chemical hazard assessment and benchmarking
More informationBats Global Markets, Inc. U.S. Market Data Policies
Bats Global Markets, Inc. U.S. Market Data Policies Updated February 19, 2016 Page 1 of 13 Table of Contents 1 Definitions... 3 2 Display Requirements... 4 3 Record Retention Requirements... 4 4 Data Recipient
More informationplantemoran.com What School Personnel Administrators Need to know
plantemoran.com Data Security and Privacy What School Personnel Administrators Need to know Tomorrow s Headline Let s hope not District posts confidential data online (Tech News, May 18, 2007) In one of
More informationState of New Jersey Department of Banking & Insurance. Annual Report Worksheet for Home Repair Contractors. Year Ending December 31, 2014
State of New Jersey Department of Banking & Insurance for Home Repair Contractors New Jersey Department of Banking & Insurance Division of Banking Attn: Kristen Graham -- 5 th floor 20 West State Street
More informationWritten Information Security Programs: Compliance with the Massachusetts Data Security Regulation
View the online version at http://us.practicallaw.com/7-523-1520 Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation Melissa J. Krasnow, Dorsey & Whitney LLP
More informationIDAHO STATE UNIVERSITY POLICIES AND PROCEDURES (ISUPP) HIPAA Privacy Use and Disclosure of Psychotherapy Notes 10130
IDAHO STATE UNIVERSITY POLICIES AND PROCEDURES (ISUPP) HIPAA Privacy Use and Disclosure of Psychotherapy Notes 10130 POLICY INFORMATION Major Functional Area (MFA): MFA X - Office of General Counsel &
More informationCredentialing Telemedicine Providers
BUSINESS ATTORNEYS FOR BUSINESS SUCCESS Credentialing Telemedicine Providers Provider Credentialing requirements raise important considerations in any telemedicine arrangement. The facility where care
More information[Company Name] HIPAA Security Awareness and Workforce Training Program Manual
[Company Name] HIPAA Security Awareness and Workforce Training Program Manual The Importance of Security Awareness Training 4 Data Security Breaches 5 What is Information Security? 6 Roles and Responsibilities
More informationFlorida Health Information Exchange Subscription Agreement for Patient Look-Up and Delivery Services
Florida Health Information Exchange Subscription Agreement for Patient Look-Up and Delivery Services This Florida Health Information Exchange Subscription Agreement for Patient Look-Up and Delivery Services
More informationPurchase College Information Security Program Charter January 2008
January 2008 Introduction When an organization implements an information security program, it raises the question of what is to be written, and how much is sufficient. SUNY Information Security Initiative
More informationDocuments Required. $400 due diligence check per company made payable to Capstone Business Funding, LLC
Legal Business Name Date Documents Required Current Accounts Receivable Aging Report Company Information Application and Origination Statement (Have your signature notarized under Origination Statement
More informationINFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION
INFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION Information security is a critical issue for institutions of higher education (IHE). IHE face issues of risk, liability, business continuity,
More information13.4 PHI Air Medical Code of Conduct
I. PURPOSE PHI Air Medical continually strives to provide high quality emergency care and medical transportation services to our patients, and to maintain high standards of integrity in our dealings with
More informationDATA USE AGREEMENT RECITALS
DATA USE AGREEMENT This Data Use Agreement (the Agreement ), effective as of the day of, 20, is by and between ( Covered Entity ) and ( Limited Data Set Recipient or Recipient ) (collectively, the Parties
More informationDeveloping a Mobile Medical App? How to determine if it is a medical device and get it cleared by the US FDA
Developing a Mobile Medical App? How to determine if it is a medical device and get it cleared by the US FDA In this presentation: App stats: Explosive growth Examples already cleared by the US FDA Is
More informationDOCUMENT RETENTION STRATEGIES FOR HEALTHCARE ORGANIZATIONS
Overview. DOCUMENT RETENTION STRATEGIES FOR HEALTHCARE ORGANIZATIONS A comprehensive and consistently applied document retention policy is necessary to reduce the risk of being charged with spoliation
More informationCUSTOMER DETAILS Corporation Partnership Sole Proprietorship. City: State: Zip: D & B #: Tax ID / EIN #: City: State: Zip:
Type: Trade Name: CUSTOMER DETAILS Corporation Partnership Sole Proprietorship D & B #: Tax ID / EIN #: Officer s Name: e-mail Parent Company: Credit Line Requested: BILL-TO ADDRESS, IF DIFFERENT FROM
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (the BAA ) is made and entered into as of the day of, 20, by and between Delta Dental of California (the Covered Entity ) and (the Business
More informationACCESS TO ELECTRONIC HEALTH RECORDS AGREEMENT
ACCESS TO ELECTRONIC HEALTH RECORDS AGREEMENT THIS AGREEMENT ( Agreement ) is made and entered into this day of, 20, by and between Franciscan Health System ( Hospital ), and ( Community Partner ). RECITALS
More informationPartner: Address: Tel. No.: Contact: Contact Title: Contact s email: Effective Date: Partner s Web Site(s):
Partner: Address: Tel. No.: Contact: Contact Title: Contact s email: Effective Date: Partner s Web Site(s): This Partner Program Agreement (the "Partner Agreement") is made and entered into between Register.com.
More informationResearch Support Council (RSC) - What Data is Sensitive and How
Research Support Council (RSC) - What Data is Sensitive and How Do We Keep it Private? John L. Baines, AD IT Policy & Compliance Tuesday, May 14, 2013 9:00 am 9:30 am Witherspoon Student Center John_Baines@ncsu.edu
More informationBUSINESS ASSOCIATE AGREEMENT
Note: This form is not meant to encompass all the various ways in which any particular facility may use health information and should be specifically tailored to your organization. In addition, as with
More information