Sensitive Data Retention and Destruction Policy
|
|
- Tracey Holmes
- 6 years ago
- Views:
Transcription
1 Sensitive Data Retention and Destruction Policy Institutional Policy Title: Sensitive Data Retention and Destruction Policy Responsible Officer: Director, Research Informatics Effective Date: Revised Date: 3/6/2014 Supersedes: New Policy Approved By: Table of Contents 1 Purpose Scope Definitions Policy Statement Procedures Data Use Agreement Tracking Notification Process Project Closeout Storage Facilities Physical Content Electronic Content Long Term Storage Tracking Destruction Process Permanent Retention Related Policies Reference Materials Appendix Document Properties... 5 Sensitive Data Retention and Destruction Policy 1/6
2 1 Purpose The purpose of this policy is to protect the privacy of sensitive data collected from and about research participants. The aim is to be in compliance with good data practice and all applicable Federal and State laws on protecting data security. This policy provides deference to HSL corporate data retention policy, but establishes guidance for data handling with regards to data use and data sharing agreements, which may conflict with existing HSL policy. 2 Scope This policy applies to all faculty and staff of Hebrew SeniorLife Institute for Aging Research (HSL/IFAR) working on research projects involving sensitive data (SD) and/or projects with explicit data use or data sharing agreements. 3 Definitions Term: Sensitive Data Any data which contains Social Security Numbers or other personal identification numbers, confidential personal or financial information, protected health information, student educational records, proprietary customer data or information that is otherwise deemed to be protected by HSL corporate policy, state, federal, or international laws, statutes, or regulations or explicitly identified in a contract. 4 Policy Statement Sensitive data are to be destroyed by the date specified by corporate rules unless otherwise stipulated in the Data Use Agreement (DUA), Data Sharing Agreement (DSA), Contract or Grant Guidelines (federal and non-federal). 5 Procedures Data obtained via a DUA or DSA must be destroyed upon the date or point in time specified in those agreements. If not otherwise governed by a DUA/DSA or another type of contractual agreement, investigators and staff should follow the HSL IRB data retention policies and HSL IT policies for appropriate destruction dates and methods. The project principal investigator is responsible for directing and certifying data destruction and completing any required forms (e.g., CMS Certificate of Data Destruction). 5.1 Data Use Agreement Tracking IFAR administration, which includes the Informatics Core, will assist investigators in tracking destruction deadlines by maintaining a database of data use and sharing agreements. It is the Sensitive Data Retention and Destruction Policy 2/6
3 responsibility of the principal investigator to provide the Director of Research Informatics with relevant information (e.g. project title, IRB number, deadline date, etc.) to assist the Institution in tracking projects maintained in this database Notification Process The Director of Research Informatics will query the tracking database monthly for projects with expiring DUAs/DSAs or approaching the "destroy by" date for paper and electronic data files. The Director will inform investigators 90 days before destroy by dates to confirm and facilitate data destruction, or if an application to extend a DUA/DSA is required. 5.2 Project Closeout All investigators and project directors should develop and execute project closeout activities. This process should be executed at the end of primary data analysis and before IRB authorization expires. Closeout activities might include creating de-identified data sets and clear result set documentation as well as aggregating study communications, meeting minutes, casebooks and other related materials. These artifacts should be stored in preapproved locations on the HSL corporate network for electronic content or in designated long term storage facilities for paper-based materials. Content containing sensitive data or data related to a DUA, DSA, Grant or Contract should be clearly marked or organized in a way to facilitate permanent data destruction. 5.3 Storage Facilities Physical Content IFAR maintains three physical locations for storing project content. The use of these locations must be preapproved by Vice President of Research Administration. Name 6 th Floor Roslindale Patio Roslindale (gated) B2 Roslindale (gated) Container Access Restrictions Type Cabinet Requires IFAR floor access, Keys controlled by project director or her designee Storage Box Requires preapproval from Director of Research Informatics Keys are maintained by HSL security Storage Box Requires preapproval from Director of Research Informatics Keys are maintained by HSL security Storage Type Active Projects Long Term Long Term Projects may also employ third party long term storage facilities (e.g. Iron Mountain) at their own expense. Approval from the VP of Research Administration and Director of Research Informatics must be obtained prior to engaging in a contract or transmitting content to this Sensitive Data Retention and Destruction Policy 3/6
4 third party. Certification of all materials stored must be obtained and retained by the Informatics group. Projects using long term storage must be registered with Informatics Core and incorporated into its database. See description below. All paper content must be stored in appropriate, sturdy containers preapproved by administration. Clear labels must be applied to assist staff in recovery and destruction Electronic Content IFAR maintains a dedicated project archive network file share for permanent storage of electronic content. Project teams are encouraged to organize and store sensitive data and accompanying materials in this location. Access to the IFAR project archives is strictly prohibited and requires preapproval with the Director of Research Informatics and assistance from the HSL IT Department Long Term Storage Tracking The Informatics Core maintains a database of all projects using long term on-site physical storage. The database contains a list of all projects, investigator and administrative contact information, destroy dates and grant information. Furthermore, each project asset (i.e. storage box) is tracked with a label and minor details. Access to this database is controlled by the Director of Research Informatics. 5.4 Destruction Process The investigator is responsible for organizing or directing his/her staff to destroy paper and electronic (source and derivative) data files on the deadline date where there is no pending amendment or exception to a DUA. The Director of Research Informatics will provide assistance or additional resources to execute relevant tasks. The following resources may be destroyed in this process. Electronic data files located on any active or archived network file share locations. These include Windows file shares, document management systems (e.g. SharePoint), or distributed file systems (e.g. Dropbox, Accellion, etc). Electronic data sets stored in database systems (e.g. Microsoft SQL Server, MySQL) or dedicated analytical systems (e.g. SAS server, Hadoop, etc.). Paper records stored on site in IFAR long term storage (e.g. Patio) or off site commercial storage (e.g. Iron Mountain). All electronic equipment (e.g. hard drives) must be turned over to IT for destruction (see below). The investigator is responsible for certifying, with assistance and documentation from third parties (e.g. IT, off-site storage, etc.), that all sensitive data have been destroyed properly Electronic Equipment The investigator or her designee is responsible for turning over all electronic equipment to IT for destruction. The IT department uses a certified data destruction company that adheres to HIPAA policies on data and equipment destruction. Sensitive Data Retention and Destruction Policy 4/6
5 Equipment no longer in use should relinquished to IT as soon as possible The investigator must schedule equipment pickup or drop off through the help desk system o Server equipment destruction is handled by IT Operations staff o Mobile (tablets, laptops, etc.) and desktop equipment is handled by Help Desk staff The IT department schedules equipment destruction biannually or on an as needed basis o Equipment queued for destruction is stored in a secured, locked room with card control access All equipment (servers, workstations, etc.) is bar-coded by IT staff prior to deployment o Barcodes are referenced at end-of-life and cross referenced before destruction All storage components (i.e. hard drives, integrated devices) are shredded on site by vendor o A master list of devices destroyed (receipt) is provided and cross-referenced 5.5 Permanent Retention Once a project is complete, investigators may not maintain project files that contain identifiable research data, including statistical package scripts, project documentation, grant applications, etc. Investigators may retain de-identified data sets with no mechanism or scheme that may re-identify research participants. 6 Related Policies The document author(s) have attempted to identify policies that may be applicable or related to this policy. This is not an exhaustive list. All HSL employees are expected to abide by all active policies of the organization at all times. As such, employees are encouraged to review any and all potentially applicable policies regardless of whether they are identified below. HSL reserves the right to modify, cancel, or enact new policies at anytime, without notice. HSL Policy: Record Management, Retention, Disposition and Destruction Guidelines HSL IRB Policies and Procedures (Section 3 Investigator and Research Personnel Requirements, and Section 14 Record Management) 7 Reference Materials NA 8 Appendix NA 9 Document Properties Title: Sensitive Data Retention and Destruction Policy Sensitive Data Retention and Destruction Policy 5/6
6 Author: Version: File Name: Jason Rightmyer Sensitive Data Retention Policy.docx Sensitive Data Retention and Destruction Policy 6/6
Minor/technical revision ofexisting policy Major revision ofexisting policy Reaffirmation of existing policy
Name ofpolicy: Technology Asset Management Policy Policy Number: 3364-65-05 TIIK IINIVKIIM I Y C)V TOLEDO Approving Officer: President Responsible Agent: Vice President, CIO/CTO Effective Date: January
More informationDePaul University Records Management Manual October 1, 2016
Records Management Manual October 1, 2016 A Note from the Director October 1, 2016 Dear Community Member, On behalf of the Department of Records Management, I welcome you to our vibrant community. As the
More informationediscovery at the University of Michigan
Guideline number: Title DM-08 ediscovery at the University of Michigan Date issued: August 10, 2010 Date last reviewed: February 13, 2017 Version number: 3.0 Approval authority: Responsible office: Vice
More informationScope Policy Statement Reason For Policy Procedure Definitions Sanctions Additional Contacts History. Scope. University Policies.
Management of Human Resource Records: Personnel Records for Staff and Temporary Employees and Benefit Program Records for All Employees, Retirees, and COBRA Participants About This Policy Effective Date:
More informationApproved by Board: 22/06/2016. Records Management Policy
Approved by Board: 22/06/2016 Records Management Policy 1. Introduction 1.1 The information that University records contain serves as evidence of functions executed and activities performed. University
More informationHSCIC Audit of Data Sharing Activities:
Directorate / Programme Data Dissemination Services Project Data Sharing Audits Status Approved Director Terry Hill Version 1.0 Owner Rob Shaw Version issue date 20/04/2016 HSCIC Audit of Data Sharing
More informationMedical University of South Carolina University Records Center User Guide
Medical University of South Carolina University Records Center User Guide University Records Center User Guide Contents Overview... 2 Record Storage Facilities... 2 About Records Management... 2 MUSC and
More informationCollaboration with Business Associates on Compliance
Collaboration with Business Associates on Compliance HCCA Compliance Institute April 19, 2016 Balancing risk management, compliance responsibility and business growth Responsibility of entities as they
More informationInformation Technology Policy and Procedure Manual
UNIVERSITY OF NORTH CAROLINA School of Information & Library Science Information Technology Policy and Manual Table of Contents Introduction... 3 Desktop and Laptop Computers... 4 Desktop and Laptop Computers:
More informationAsset Tracking Solutions. Partial Controls and Features
Partial Controls and Features Cloud Hosting and Data Storage- No servers required - Allows you to focus on running your business. GPS On scan GPS location data captured Audit Data Timestamped to ensure
More informationService Level Agreement - REDCap University of Alabama at Birmingham Department of Medicine
Service Level Agreement - REDCap University of Alabama at Birmingham Department of Medicine Document Title: DOM IT REDCap SLA Document number: DOM_IT_REDCap_01 Created on: 11-15-2018 Effective Date: 01-01-2019
More informationSection II: Schedule of Requirements
Section II: Schedule of Requirements Background UNOPS supports the successful implementation of its partners peacebuilding, humanitarian and development projects around the world. Our mission is to serve
More informationInformation is important to the operation of a company. A system. Records Management. C h a p t e r Introduction to Records Management
C h a p t e r 11 Records Management 11-1 Introduction to Records Management 11-2 Managing Physical Records 11-3 Managing Electronic Records Wire_man/Shutterstock.com Heath Korvola/Digital Vision/Jupiter
More informationUniversity College Cork National University of Ireland, Cork Records Management Policy Version 1.0
University College Cork National University of Ireland, Cork Records Management Policy Version 1.0 UCC Records Management Policy, v1.0 1 Table of Contents 1 Purpose... 3 2 Scope... 3 3 Policy Requirements...
More informationIBM Tealeaf Customer Experience on Cloud
Service Description IBM Tealeaf Customer Experience on Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means the company and its authorized users and recipients
More informationDo You Know What Your Business Associates Subcontractors & Vendors Are Doing With Your PHI & ephi?
Do You Know What Your Business Associates Subcontractors & Vendors Are Doing With Your PHI & ephi? Web Hull Privacy, Data Protection, & Compliance Advisor Web.Hull@icloud.com HCCA 2017 Compliance Institute
More informationDo You Know What Your Business Associates Subcontractors & Vendors Are Doing With Your PHI & ephi?
Do You Know What Your Business Associates Subcontractors & Vendors Are Doing With Your PHI & ephi? Web Hull Privacy, Data Protection, & Compliance Advisor Web.Hull@icloud.com HCCA 2017 Compliance Institute
More informationKWANLIN DÜN FIRST NATION. Records Management Policy
Amended on June 13, 2018 1.0 Definitions In this policy active records means records that are required for day to day operations of Kwanlin Dün First Nation and kept in the office that created them; archives
More informationGOVERNANCE AES 2012 INFORMATION TECHNOLOGY GENERAL COMPUTING CONTROLS (ITGC) CATALOG. Aut. / Man. Control ID # Key SOX Control. Prev. / Det.
GOVERNANCE 8.A.1 - Objective: Information Technology strategies, plans, personnel and budgets are consistent with AES' business and strategic requirements and goals. Objective Risk Statement(s): - IT Projects,
More informationRecords Management Plan
Records Management Plan October 2014 1 2 Document control Title The Scottish Funding Council Records Management Plan Prepared by Information Management and Security Officer Approved internally by Martin
More informationAll equipment and instruments will be ordered by the Special Agent In Charge.
4.1 Equipment and Instruments 4.1.1 Procurement All equipment and instruments will be ordered by the Special Agent In Charge. 4.1.2 Equipment Inventory Log An inventory log will be maintained on each piece
More informationGlobal Supplier Code of Business Conduct & Ethics
Global Supplier Code of Business Conduct & Ethics Version 2.0 2/15/2017 Contents Document Statement... 3 Scope... 3 1.0 Related or Referenced Policies... 3 2.0 Compliance with Laws, Regulations and the
More informationOutside Employment. such non-cash economic benefit shall not have a present value significantly in excess of POLICY NUMBER: -'S=L=C=C--'-'H=R-=-5=-0=8
POLICY NUMBER: -'S=L=C=C--'-'H=R-=-5=-0=8 POLICY AND PROCEDURES MEMORANDUM Title: Outside Employment Effective Date: Fall 2011 Date of Last Revision: Cancellation: Office: Outside Employment SLCC recognizes
More informationBUSINESS PRACTICE BULLETIN The School Board of Broward County, Florida
BUSINESS PRACTICE BULLETIN The School Board of Broward County, Florida SUBJECT: PROCEDURE FOR PROPERTY & INVENTORY CONTROL BULLETIN NO.: O-100 PAGE: 1 OF 12 DATE: 6/22/2017 GENERAL: Florida Statutes (Ch.
More informationIBM Tealeaf Customer Experience on Cloud
Service Description IBM Tealeaf Customer Experience on Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means the contracting party and its authorized users and
More informationProject Procedure 1.0 PURPOSE 2.0 SCOPE 3.0 REFERENCES. No.: P /21/2012 PAGE 1 OF 12 PROJECT RECORDS MANAGEMENT
Project Procedure PROJECT RECORDS MANAGEMENT 09/21/2012 PAGE 1 OF 12 1.0 PURPOSE The purpose of this procedure is to establish the methods and responsibilities for identifying, collecting, indexing, storing,
More informationIdeal Instrument Company, Inc.
Ideal Instrument Company, Inc. Quality Control Manual Prepared By: Richard Ballantyne Quality Control Department Ideal Instrument Company, Inc. 863 Washington Canton, Ma. 020212513 Cage Code OOEU5 MCTDA
More informationProperty Classification, Accountability, and Responsibility
Property Classification, Accountability, and Responsibility I. The purpose of this regulation is to define classification, responsibility, and accountability for managing property in Prince William County
More informationDIOMED DEVELOPMENTS LIMITED DATA PRIVACY NOTICE FOR APPLICANTS
DIOMED DEVELOPMENTS LIMITED DATA PRIVACY NOTICE FOR APPLICANTS 1. ABOUT THIS DATA PRIVACY NOTICE 1.1 Diomed Developments Limited, and companies within the group controlled by Diomed Developments Limited
More informationTECHNICAL RELEASE TECH 05/14BL. Data Protection Handling information provided by clients
TECHNICAL RELEASE TECH 05/14BL Data Protection Handling information provided by clients ABOUT ICAEW ICAEW is a world leading professional membership organisation that promotes, develops and supports over
More informationPolicies and Procedures Date: January 22, 2015
No. 4303 Rev.: 1 Policies and Procedures Date: January 22, 2015 Subject: Asset Control and Management 1. Purpose... 1 2. Policy... 1 3. Responsibilities... 2 4. Procedures... 2 4.1. Identifying New Assets...
More informationB. Consequences for Accessing E-Verify Without Authorization. C. Conditions for Use of E-Verify by Authorized Users
Verification of Work Eligibility The Haywood County school system uses E-verify to electronically verify the identity and work eligibility of new employees as required by G.S. 126-7.1(i). E-Verify is an
More informationLOYOLA MARYMOUNT UNIVERSITY POLICIES AND PROCEDURES
LOYOLA MARYMOUNT UNIVERSITY POLICIES AND PROCEDURES DEPARTMENT: CONTROLLER S OFFICE SUBJECT: UNIVERSITY CASH HANDLING POLICY Policy Number: BF021.01 Effective Date: June 1, 2013 Approvals: Business & Finance
More informationStudy Files and Filing
Study Files and Filing The current version of all Hillingdon Hospital R&D Guidance Documents and Standard Operating Procedures are available from the R&D Intranet and Internet sites: www.ths.nhs.uk/departments/research/research.htm
More informationPurchase Card Program
Purchase Card Program POLICIES AND PROCEDURES South Puget South Community College has established a Purchase Card Program in accordance with the Office of Financial Management and the Department of Enterprise
More informationBrasenose College Data Protection Policy Statement v1.2
Brasenose College Data Protection Policy Statement v1.2 1. Introduction All documents referred to in this policy can be found online at the address below: https://www.bnc.ox.ac.uk/privacypolicies 1.1 Background
More informationREQUEST FOR PROPOSAL INFORMATION TECHNOLOGY SUPPORT SERVICES
REQUEST FOR PROPOSAL INFORMATION TECHNOLOGY SUPPORT SERVICES Family Service Center of Galveston County (hereinafter FSC) is requesting proposals from qualified, professional technology vendors for Information
More informationInformation Technology Services Procedures
Page 1 of 17 Table of Contents 1 General Scope and Responsibilities... 2 2 Entities Affected by this Procedure... 2 3 Definitions... 2 4 Requirements... 3 4.1 Access Control Requirements... 3 4.2 Personnel
More informationX.XX Wireless Communication Devices (Cell Phones) I. POLICY STATEMENT II. RATIONALE III. SCOPE IV. WEBSITE ADDRESS FOR THIS POLICY
The University of Texas at San Antonio Handbook of Operating Procedures Chapter 9 General Provisions X.XX Wireless Communication Devices (Cell Phones) I. POLICY STATEMENT The University of Texas at San
More informationConflicts of Interest and Conflicts of Commitment Policy and Approval Guidelines
Conflicts of Interest and Conflicts of Commitment Policy and Approval Guidelines 8.2.18.2 Conflicts of Interest and Conflicts of Commitment 8.2.18.2.1 Conflicts of Interest and Appearances of Conflicts
More informationIBM Tealeaf Customer Experience on Cloud
Service Description IBM Tealeaf Customer Experience on Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means the company and its authorized users and recipients
More informationInstitutional Biosafety Committee
Northern Illinois University Institutional Biosafety Committee Policy Office of Research Compliance, Integrity and Safety 2017 Northern Illinois University Institutional Biosafety Committee Purpose...
More informationPROCEDURE (Essex) / Linked SOP (Kent) Asbestos Management. Number: U 1005 Date Published: 22 July 2015
1.0 Summary of Changes 1.1 This is a new joint procedure/sop for Essex Police and Kent Police. 2.0 What this Procedure is about 2.1 This document identifies how Essex Police and Kent Police shall manage
More informationBusiness Practice for Personal Computer Inventory
Page 1 of 5 PURPOSE: To facilitate communication regarding the portfolio of personal computers (PCs) at CSU Channel Islands and to provide for a uniform process for maintenance of the portfolio. BACKGROUND:
More informationSalt Lake Community College Policies and Procedures
COLLEGE PROCUREMENT POLICY Board of Trustees Approval: 04/12/2017 POLICY 10.01 Page 1 of 1 I. POLICY All products and services purchased by the College shall be procured in compliance with applicable statutes,
More informationHarbinger Escrow Services Backup and Archiving Policy. Document version: 2.8. Harbinger Group Pty Limited Delivered on: 18 March 2015
Document version: 2.8 Issued to: Harbinger Escrow Services Issued by: Harbinger Group Pty Limited Delivered on: 18 March 2015 Harbinger Group Pty Limited, Commercial in Confidence Table of Contents 1 Introduction...
More informationSOP SF SOP for Controlled Document Management
SOP SF-1-6.05 SOP for Controlled Document Management Page 2 of 13 freezer RQs has been revised to reflect retention guidelines for freezer alarm testing worksheets. 1.1.6.6. Procedure for retaining Freezer
More informationIBM Emptoris Contract Management on Cloud
Service Description IBM Emptoris Contract Management on Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means the company and its authorized users and recipients
More informationSecure Document Storage and Management Services
Secure Document Storage and Management Services In association with Off-site - Physical Document Storage & Management File Tracking Software (Docu-Track) Electronic archiving On-site (customer premises)
More informationControl Self Assessment Questionnaire
Control Self Assessment Questionnaire (31 Questions) 1. The department documents the monthly reconciliation of its Lynx finance accounts and reports. A yes answer indicates that the department has written
More informationUniversity of Louisiana System
Policy Number: FS-III.VII.-1 University of Louisiana System Title: OUTSIDE EMPLOYMENT/ PROCEDURES Effective Date: February, 1995 Cancellation: None Chapter: Faculty and Staff I. INTRODUCTION Policy and
More informationPA TURNPIKE COMMISSION POLICY
POLICY SUBJECT: PA TURNPIKE COMMISSION POLICY This is a statement of official Pennsylvania Turnpike Policy RESPONSIBLE DEPARTMENT: NUMBER: 3.06 APPROVAL DATE: 10-07-1975 EFFECTIVE DATE: 10-07-1975 Driver
More informationNHS Digital Audit of Data Sharing Activities: Derby Teaching Hospitals NHS Foundation Trust - Renal Department
Directorate / Programme Care Services Project Data Sharing Audits Status Approved Director Catherine O Keeffe Version 1.0 Owner Sean Walsh Version issue date 13/10/2017 NHS Digital Audit of Data Sharing
More informationQUALITY MANUAL DISTRIBUTION. Your Logo Here. Page 1 1 of 57. Rev.: A
Page 1 1 of 57 President Design Engineering Production Production Engineering Materials Control Purchasing Service Marketing Sales Contracts Human Resources Quality Assurance Quality Control Production
More informationLOUISIANA COMMUNITY & TECHNICAL COLLEGE SYSTEM Policy No
LOUISIANA COMMUNITY & TECHNICAL COLLEGE SYSTEM Policy No. 6.018 Title: Outside Employment of LCTCS Employees Authority: LCTCS Board Action Original Adoption: 12/12/01 Board of Regents Action Effective
More informationCREDIT CARD MERCHANT PROCEDURES MANUAL. Effective Date: 04/29/2016
CREDIT CARD MERCHANT PROCEDURES MANUAL Effective Date: 04/29/2016 Updated: April 29, 2016 TABLE OF CONTENTS Introduction... 1 Third-Party Vendors... 1 Merchant Account Set-up... 2 Personnel Requirements...
More informationLOUISIANA COMMUNITY & TECHNICAL COLLEGE SYSTEM Policy No
LOUISIANA COMMUNITY & TECHNICAL COLLEGE SYSTEM Policy No. 6.018 Title: Outside Employment of LCTCS Employees Authority: LCTCS Board Action 06/13/07 Board of Regents Action 08/23/07 Ethics Board Action
More informationInformation Policy of the Minnesota Historical Society
Information Policy of the Minnesota Historical Society Adopted January 17, 2007 Revised January 20, 2011 I. Introduction The Minnesota Historical Society is a non-profit educational institution supported
More informationSchedule UNIVERSITY OF NEBRASKA BOARD OF REGENTS
Schedule 170-3 UNIVERSITY OF NEBRASKA BOARD OF REGENTS ACCOUNTING RECORDS April 5, 2011 Nebraska Records Management Division 440 South 8 th Street, Suite 210 Lincoln, NE 68508 (402) 471-2559 INSTRUCTIONS
More informationGOODWILL INDUSTRIES OF COLORADO SPRINGS
GOODWILL INDUSTRIES OF COLORADO SPRINGS CORPORATE COMPLIANCE PROGRAM ADOPTED : By the Board of Directors Date: October 25, 2005 Attachment 2 Memorandum 10-41 TABLE OF CONTENTS Corporate Compliance Program
More informationOilfield Service Co.
Oilfield Service Co. Peak Oilfield Service Company Code of Business Ethics and Compliance From the President Our role in supporting the oil and gas industry is simple: we provide capable, satisfi ed employees
More informationAudits must be conducted with due concern for employee safety and environmental protection.
Standard Operating Procedure Title: GMP Audit Procedure Related Documents TEM-080 Internal Audit Report Template TEM-120 Vendor Audit Report Template Form-385 Vendor Audit Questionnaire Form-445 EHS Workplace
More informationNewspaper Association of America
Prepared For: Newspaper Association of America RFI Response August 11, 2009 Confidential Internal Document This document, any amendments hereto, and the information contained herein is confidential, sensitive,
More informationprotect data! Important facts about the new GDPR Guideline for the safe shredding of paper documents containing personalised data.
protect data! about the new GDPR Important facts Guideline for the safe shredding of paper documents containing personalised data. Be careful with paper Do you know how you can protect your documents?
More informationOP-H-7 University Cellular Communication Services Allowance Policy
OP-H-7 University Cellular Communication Services Allowance Policy Responsible Executive: Approving Official: Effective Date: Revision History: New ----- Revised I. INTRODUCTION A. PURPOSE This policy
More informationStandard Operating Policy & Procedure
Standard Operating Policy & Procedure A-008 Medical Campus Public Safety Policy Scope: Medical Campus Effective Date: 10/17/1990 Supersedes Policy: N/A Review/ Revision Date(s): 03/19/1996, 11/13/1998,
More informationGetting to know Zendesk Business Associate Agreements
Getting to know Zendesk Business Associate Agreements Getting to know: Zendesk Business Associate Agreements Zendesk Confidential 1 This is the beginning of a beautiful relationship. And, we d like to
More informationState of Florida Department of Health Request for Information RFI Integrated Florida Environmental Health Information System
Pursuant to 60A-1.042, an agency may request information by issuing a written Request for Information. Agencies may use Requests for Information in circumstances including, but not limited to, determining
More informationIDEA Part B, IDEA Preschool, and ECEA Fiscal Responsibilities
IDEA Part B, IDEA Preschool, and ECEA Fiscal Responsibilities Self-Audit AU Name Date Name of person responsible for completing form: Title: Name of person responsible for completing form: Title: Name
More informationBOWIE STATE UNIVERSITY ASSET MANAGEMENT POLICY & PROCEDURES MANUAL
BOWIE STATE UNIVERSITY ASSET MANAGEMENT POLICY & PROCEDURES MANUAL Effective: July 2015 TABLE OF CONTENTS I. Purpose..3 II. General Information.4 III. Property Control....5-11 A. Tagged Items B. Non-Tagged
More informationUniversity Internal Audit
University Internal Audit Compliance Audit Overview Bill Abplanalp Audit Manager Agenda Introductions What is Internal Audit Compliance Review Questions Internal Audit Mission Provide independent, objective
More informationLOUGHBOROUGH UNIVERSITY RESEARCH OFFICE STANDARD OPERATING PROCEDURE. Loughborough University (LU) Research Office
LOUGHBOROUGH UNIVERSITY RESEARCH OFFICE STANDARD OPERATING PROCEDURE Loughborough University (LU) Research Office SOP 1024 LU Study Closedown and End of Study Reporting for NHS Research Sponsored by Loughborough
More informationRisk Mitigation in a Core Banking Conversion
Risk Mitigation in a Core Banking Conversion Greg Meidt, chief information officer Chemical Bank Dick Smies, vice president IBS Conversion Services 1 800 822 6758 Introduction A core banking migration
More informationQuality Manual. Specification No.: Q Revision 07 Page 1 of 14
Page 1 of 14 Quality Manual This Quality Manual provides the overall quality strategy and objectives of Pyramid Semiconductor s quality system. It is based on the requirements of ISO 9000. This manual
More informationStandard Statement and Purpose
Personnel Security Standard Responsible Office: Technology Services Initial Standard Approved: 10/23/2017 Current Revision Approved: 10/23/2017 Standard Statement and Purpose Security of information relies
More information1.1 IDENTIFYING INFORMATION REQUIRING CAPTURE
ADMINISTRATIVE PROCEDURES Administrative Procedure Section FOI/RECORDS MANAGEMENT Administrative Procedure Number AP-FOI-305 Policy Number 305 Page 1 of 16 ADMINISTRATIVE PROCEDURE TITLE Records and Information
More informationTEXAS DEPARTMENT OF TRANSPORTATION GENERAL SERVICES DIVISION REMOVAL OF RECYCLABLE MATERIALS SCRAP PAPER, ALUMINUM CANS, AND PLASTIC BOTTLES
TEXAS DEPARTMENT OF TRANSPORTATION GENERAL SERVICES DIVISION SPECIFICATION NO. * REMOVAL OF RECYCLABLE MATERIALS SCRAP PAPER, ALUMINUM CANS, AND PLASTIC BOTTLES PUBLICATION This specification is a product
More informationINFORMATION TECHNOLOGY Administrative Policies and Procedures Last Updated 2/7/2013
2/7/2013 INFORMATION TECHNOLOGY Administrative Policies and Procedures Last Updated 2/7/2013 I. Cash Receipts Cash should never be accepted. When checks are received, they should be endorsed For Deposit
More informationUNIVERSITY STANDARD. Title UNIVERSITY OF NORTH CAROLINA AT CHAPEL HILL STANDARD ON ENTERPRISE DATA GOVERNANCE. Introduction
UNIVERSITY STANDARD Issuing Office Responsible University Title UNIVERSITY OF NORTH CAROLINA AT CHAPEL HILL STANDARD ON ENTERPRISE DATA GOVERNANCE PURPOSE Introduction This Standard to the Policy on Enterprise
More informationBUSINESS POLICIES AND PROCEDURES MANUAL Revised 7-18 Property Inventory
BUSINESS POLICIES AND PROCEDURES MANUAL PROPERTY 20.50.1 OVERVIEW INVENTORY RECORDS This section provides requirements and procedures for maintaining records of equipment possessed by and transferred from
More informationEnd of Study Notification, Close-Out and Reporting Sponsored Research. Noclor/Spon/S11/01. SOP Reference ID:
End of Study Notification, Close-Out and Sponsored Research SOP Reference ID: Noclor/Spon/S11/01 Version Number 1.0 Effective Date: 6 th June 2016 It is the responsibility of all users of this SOP to ensure
More informationPercival Aviation Limited 15 Barnes Wallis Road, Segensworth, Hampshire, PO15 5TT, UK Tel: + 44 (0)
TABLE OF CONTENTS INTRODUCTION... 4 1. Purpose... 4 2. Scope... 4 3. References... 4 4 Terminology and Definitions... 5 4.1.1 Subcontractor... 5 4.1.2 Significant Subcontractor... 5 4.1.3 Manufacturers...
More informationUniversity of New Mexico Health Sciences Center Office of Research Policy for the Oversight of Human Tissue in Research
1. Applicability This policy applies to all tissues collected from volunteers and from nonliving human subjects for the purpose of research. Oversight of this policy and these tissues are the responsibility
More information1.) Does the $100,000 figure reflect the first year through June 2013 or the complete term of the contract through June 2014?
RFP 2012 6 Gas Safety Inspection Management System Questions and Answers 1.) Does the $100,000 figure reflect the first year through June 2013 or the complete term of the contract through June 2014? It
More informationGirl Scouts of Central Texas Delegation of Authority Policy Reviewed and approved by GSCTX Finance Committee: March 21, 2017
Girl Scouts of Central Texas Delegation of Authority Policy Reviewed and approved by GSCTX Finance Committee: March 21, 2017 PURPOSE This Delegation of Authority Policy outlines limits of authority for
More informationLiving Our Purpose and Core Values CODE. Code of Business Ethics and Conduct for Vendors
Living Our Purpose and Core Values CODE Code of Business Ethics and Conduct for Vendors December 2016 HCSC Vendor Code of Business Ethics and Conduct Since 1936, Health Care Service Corporation, a Mutual
More informationInstitutional Biosafety Committee (IBC) Charter
Institutional Biosafety Committee (IBC) Charter Table of Contents I. Purview of the Wayne State University IBC... 1 A. Purpose... 1 B. IBC Authority... 2 C. IBC Responsibilities... 2 II. Principal Investigators
More informationSOFTWARE LICENSING POLICY
SOFTWARE LICENSING POLICY Version 12/12/2012 University of Birmingham 2012 David Deighton, IT Services CONTENTS 1. Policy on Software Licensing... 3 1.1 Software Licensing Compliance... 3 1.2 Software
More informationRequest for Proposal. Request for Proposal for IT Services RFP Number: CRDF-IT0418 Date of Issue: May 8, 2018 Closing: May 25, 2018
Request for Proposal Request for Proposal for IT Services RFP Number: CRDF-IT0418 Date of Issue: May 8, 2018 Closing: May 25, 2018 RFP Coordinator: J. Todd Jennings (tjennings@crdfglobal.com) 1 Contents
More informationSupplier Security Directives
Page 1 (8) Supplier Directives 1 Description This document (the Directives ) describes the security requirements applicable to Suppliers (as defined below) and other identified business partners to Telia
More informationMOBILE COMMUNICATIONS AND HOME COMPUTING POLICY
Responsible University Officials: Vice President for Financial Operations and Treasurer, Controller Responsible Office: Office of Financial Operations Origination Date: January 1, 2009 MOBILE COMMUNICATIONS
More informationRecords & Information Management More Than Just Retention
Records & Information Management More Than Just Retention College and University Auditors of Virginia, 2017 Conference May 2, 2017 G. Mark Walsh CA, CRM Records Management Information Technology Services
More informationOklahoma State University Policy and Procedures
Oklahoma State University Policy and Procedures INVENTORY OF FIXED ASSETS 3-0125 ADMINISTRATION & FINANCE December 2011 INTRODUCTION AND GENERAL STATEMENT 1.01 Asset Management maintains a fixed assets
More informationGOVERNMENT OF ONTARIO COMMON RECORDS SERIES POLICY AND PLANNING FUNCTIONS. November 17, 2008
GOVERNMENT OF ONTARIO COMMON RECORDS SERIES November 17, 2008 These series will assist Ontario Government ministries in managing the retention and disposition of public records created, received and used
More informationBrumund Foundry Inc.
QUALITY ASSURANCE 1st TIER MANUAL Brumund Foundry Inc. 4400 West Carroll Ave. Chicago, IL 773-287-9250 PER ANSI/ASQC Q9002-1994 Page 1 of 7 THE PRESIDENT HAS DIRECTED THAT THE FOLLOWING POLICIES BE IMPLEMENTED
More informationOracle Customer Service and Support Cloud Services Descriptions and Metrics October, 2017
Oracle Customer Service and Support Cloud Services Descriptions and Metrics October, 2017 V101917 1 of 164 Table of Contents Glossary of Terms... 6 Appointment... 6 Certificate... 6 Connection... 6 20K
More informationRailroad Commission of Texas Mentor Protégé Program
Railroad Commission of Texas Mentor Protégé Program December 3, 2002 1 1.0 Description The Railroad Commission of Texas Mentor/Protégé Program is developed in accordance with Government Code 2161.065 and
More informationAlameda Countywide. Care Council. Manual
Alameda Countywide InHOUSE Alameda Countywide InHOUSE Alameda Countywide InHOUSE Alameda Countywide InHOUSE Alameda Countywide InHOUSE Alameda Countywide InHOUSE Alameda Countywide InHOUSE Alameda Countywide
More informationHuman Resources Policy Title: Form I-9 (Employment Eligibility) Policy Effective: June 1, 2017
Human Resources Policy Title: Form I-9 (Employment Eligibility) Policy Effective: June 1, 2017 PURPOSE: In compliance with the Immigration Reform and Control Act of 1986 ( IRCA ) and any other applicable
More information