Cutting Edge Legal Issues Relating To Mobile Devices Nick Akerman Dorsey & Whitney LLP
|
|
- Loren Nora Robertson
- 5 years ago
- Views:
Transcription
1 Cutting Edge Legal Issues Relating To Mobile Devices Nick Akerman Dorsey & Whitney LLP
2 Companies can mitigate their risk by re-evaluating 7 areas of their business Hiring Practices Company Rules Appropriate Agreements Use of Technology Termination Practices Protocols for Response Company Compliance Program
3 HIRING PRACTICES
4 The Hiring Process Honor Prior Employment Agreements Explain Company Obligations Company Policy Employment Agreements Criminal Exposure for the Company
5 COMPANY RULES
6 The Computer Fraud and Abuse Act
7 Overview of the Federal Computer Crime Statute The statute and its scope Legal requirements How the courts have interpreted the statute Current issues in play regarding employees Proactive steps a company can take to be able to use the statute to protect its data
8 Computer Fraud and Abuse Act Title 18 U.S.C Enacted in 1984 Federal computer crime statute including data theft Civil remedy in 1994 amendment Computers used in interstate commerce Amended in 2001 and 2008 Computers in foreign countries Provides for damages and injunction
9 Various Causes of Action Stealing valuable computer data Schemes to defraud Trafficking in a computer password or similar information with intent to defraud Damaging computer data Hacking Extortion Sending computer viruses
10 Legal Requirements Protected computer Lack of authorization or exceeding authorization to access computer Theft of information or anything of value Damage to data permanent $5,000 loss Limited to economic damages Compensatory damages Two-year statute of limitations
11 The $5,000 Jurisdictional Limit Loss during any 1 year period aggregating at least $5,000 Loss is defined in the statute as any reasonable cost to any victim, including the cost of responding to an offense, conducting a damage assessment, and restoring the data, program, system, or information to its condition prior to the offense, and any revenue lost, cost incurred, or other consequential damages incurred because of interruption of service. 1030(e)(11).
12 Responding to an Offense Conducting a damage assessment Restoring computer system to its condition prior to the offense U.S. Middleton, 231 F.3d 1207 (9th Cir. 2000) Investigating and repairing damage Lost Revenue to the business caused by employee responding to offense Use of outside investigator to determine whether computer compromised
13 Lost Revenue, Costs or Damages Incurred Because of Loss of Service Must be interruption of service Nexans Wires S.A. v. Sark-USA Inc., 166 Fed. Appx, 559 (2d Cir. 2006) Plaintiff claimed theft of confidential information caused it to lose at least $10 million in profits Does not apply to loss of profits from theft of data
14 Key Issue is an Unauthorized Access Section 1030(a)(2)(C) - Whoever intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains information from any protected computer [commits a crime]
15 Ways to Establish Lack of Authorization Hacking by outsider who breaks into computer Violating company policies and rules Exceeding expected norms of intended use Employee terminating agency relationship with employer by disloyal conduct Accessing for non-business purpose
16 International Airport Centers v. Citrin, 440 F.3d 418 (7th Cir. 2006) Employee destroyed data on company laptop Authorization based on law of agency Authorization terminates with disloyal act Judge Posner found that authorization terminated when employee resolved to destroy files that incriminated himself and other files that were also the property of his employer.
17 U.S. v. Tolliver, 2011 WL (3rd Cir. 2011) Regina Tolliver, a former bank teller for Citizen s Bank, provided customer account information to check runners who cashed fraudulent checks Employee policies not at issue Court found there was sufficient evidence to convict Tolliver of the CFAA violation because she exceeded her authorized access to the bank computers because she did not have a business purpose to access the customers accounts
18 U.S. v. Rodriquez, 628 F.3d 1258 (11 th Cir. 2010) Court affirmed the CFAA conviction of a Social Security Administration employee Access social security information for personal reasons Violated Agency s policy against obtaining Information from its databases without a business reason.
19 EF Cultural Travel v. Explorica, 274 F.3d 577(1st Cir. 2001) Ex-employees set up competing student travel company Information was accessed through public website Robot created with confidential information Used robot to download pricing data First Circuit upheld injunction based on confidentiality agreement Authorization established by contract Pricing data was valuable
20 Authorization as Defined by Company Policies First Circuit: the CFAA is primarily a statute imposing limits on access and enhancing control by information providers Companies can set predicate for CFAA violation Rules on limiting authorized access Agreements can set limits Similar to criminal trespass
21 U.S. v. Nosal, 676 F.3d 854 (9 th Cir. 2012) Employees cannot access without authorization since they are authorized to access the company computers CFAA does not extend to violations of use restrictions but is limited to circumvention of technological barriers Concern over criminalizing common violations of terms of use and rules Followed: WEC Carolina Energy Solutions LLC v. Miller, 687 F.3d 199 (2012)
22 Company Rules Employee Handbook Compliance Code of Conduct Terms of Use on company Web site Place in Agreements Training
23 Doe v. Darthmouth Hitchcock Medical Center, 2001 WL (D.N.H. July 19, 2001) Hospital s Graduate Training Manual prohibited intern from accessing patient records absent need to know Hospital and resident sued Court dismissed hospital holding that it had been victimized by its own policies and that it would be inconsistent with the purpose of the CFAA to find the hospital vicariously liable for resident s actions
24 APPROPRIATE AGREEMENTS
25 Agreements Officers/Employees/Third Parties Among related companies Confidentiality/Non-Disclosure Agreement to search personal computers Permissions re scope of access Post employment restrictive covenants Anti-Raiding Covenants
26 Working with Vendors Warranty and representation on compliance Indemnification Certification of compliance with EU Safe Harbor Framework Adequate insurance coverage General due diligence
27 Terms of Use Require users to provide accurate registration information Limit use of account to registered user at one computer at a time Prohibit use of web crawlers, robots and similar devices Post acceptable use guidelines that prohibit abuse, harassment and similar conduct Specify limitations on use of materials obtained (e.g., no commercial use)
28 PROTOCOLS FOR RESPONSE
29 City of Ontario, Ca. v. Quon (S.Ct. 2010) Police officers texted messages on City pagers Quon exceeded character limit and reimbursed the City rather than be audited City s computer policy stated and Internet usage would be monitored Supervisor s statements negated policy by making audits of the texts unnecessary if officers paid for the overages A later audit to determine if limit on texts was tood low found Quon had texted sexually explicit messages and was disciplined Texts in one month reflected 57 work related messages out of 456
30 City of Ontario, Ca. v. Quon (S.Ct. 2010) 9th Circuit held there was no reasonable expectation of privacy based on employer s operational realities and the search was unreasonable Supreme Court reversed holding that on the facts the search was reasonable despite expectation of privacy Search was justified by noninvestigatory work-related purpose of determining whether the character limit was sufficient to meet the City s needs Highlights importance of employer s policies reasonable expectation of privacy and other technology-related policies and the need for enforcing those policies
31 Riley v. California Supreme Court held that the police must obtain a search warrant to review a cellphone a cell phone search would typically expose to the government far more than the most exhaustive search of a house: A phone not only contains in digital form many sensitive records previously found in the home; it also contains a broad array of private information never found in a home in any form unless the phone is. Access to cloud storage
32 Pietrylo v. Hillstone Restaurant Group (D.N.J. 2009) Restaurant employees created an invitation-only Myspace group where employees could vent Management found out about,asked for password, viewed the page and fired two employees Employer found liable for violation of the Stored Communications Act
33 Using Technology to Capture Evidence Audit trail Retention Imaging computers Forensic review
34 USE OF TECHNOLOGY
35 Use of Technology Risks re transportable media Password protection is simplest Two step verification Access based on need to know Encryption
36 TERMINATION PRACTICES
37 The Termination Process Employees must return all company property Standard Exit Interview Form Explain post employment obligations Retain evidence
38 COMPANY COMPLIANCE PROGRAM
39 Compliance New York Stock Exchange listed company compliance program must protect confidential information that might be of use to competitors, or harmful to the company or its customers, if disclosed. Effective as of October 31, 2004 Part of Compliance standards and procedures Annual CEO certification Massachusetts Cover competitively sensitive data and personal data
40 State Data Compliance Statutes Nevada personal information must be encrypted when it is transferred effective October 1, 2008 Connecticut businesses must safeguard the data, computer files and documents containing the information from misuse by third parties. effective October 1, 2008 Massachusetts Data Compliance rules effective March 1, 2010 Applies to a business located anywhere that stores or maintains personal information about a Massachusetts resident Mandates a compliance program consistent with the Federal Sentencing Guidelines Washington State personal information encrypted effective July 1, 2010
41 Massachusetts Administrative, Technical and Physical Safeguards Develop Security Policies that are enforced through encryption Appoint Security Coordinator Minimize risks from third parties terminated access to former employees and ensuring compliance by vendors Train the workforce on importance of personal information security Conduct regular audits at least annually Enforce the policies through disciplinary measures and document responsive actions Respond to incidents encouraging employees to report violations
42 Nick Akerman Dorsey & Whitney LLP For On-going Updates Go to
INFORMATION AND CYBER SECURITY POLICY V1.1
Future Generali 1 INFORMATION AND CYBER SECURITY V1.1 Future Generali 2 Revision History Revision / Version No. 1.0 1.1 Rollout Date Location of change 14-07- 2017 Mumbai 25.04.20 18 Thane Changed by Original
More informationInsuring your online world, even when you re offline. Masterpiece Cyber Protection
Insuring your online world, even when you re offline Masterpiece Cyber Protection Protect your online information from being an open network 97% of Chubb clients who had a claim paid were highly satisfied
More informationH 7789 S T A T E O F R H O D E I S L A N D
======== LC001 ======== 01 -- H S T A T E O F R H O D E I S L A N D IN GENERAL ASSEMBLY JANUARY SESSION, A.D. 01 A N A C T RELATING TO INSURANCE - INSURANCE DATA SECURITY ACT Introduced By: Representatives
More informationCOMPLIANCE TRAINING 2015 C O M P L I A N C E P R O G R A M - F W A - H I P A A - C O D E O F C O N D U C T
COMPLIANCE TRAINING 2015 QUALITY MANAGEMENT COMPLIANCE DEPARTMENT 2015 C O M P L I A N C E P R O G R A M - F W A - H I P A A - C O D E O F C O N D U C T Compliance Program why? Ensure ongoing education
More informationSAFEGUARDING YOUR CHILD S FUTURE. Child Identity Theft. Protecting Your Child s Identity
SAFEGUARDING YOUR CHILD S FUTURE Child Identity Theft Child identity theft happens when someone uses a minor s personal information to commit fraud. A thief may steal and use a child s information to get
More informationInsuring! Agreement Claim! Scenario Coverage! Response Network &! Information! Security Liability A hacker successfully obtains sensitive, personal information from the insured s computer system. As a
More informationHEALTHCARE BREACH TRIAGE
IAPP Privacy Academy September 30 October 2, 2013 HEALTHCARE BREACH TRIAGE Theodore P. Augustinos EDWARDS WILDMAN PALMER LLP Kenneth P. Mortensen CVS/CAREMARK 2013 Edwards Wildman Palmer LLP & Edwards
More informationDATA COMPROMISE COVERAGE FORM
DATA COMPROMISE DATA COMPROMISE COVERAGE FORM Various provisions in this policy restrict coverage. Read the entire policy carefully to determine rights, duties and what is and is not covered. Throughout
More informationMANITOBA OMBUDSMAN PRACTICE NOTE
MANITOBA OMBUDSMAN PRACTICE NOTE Practice notes are prepared by Manitoba Ombudsman to assist persons using the legislation. They are intended as advice only and are not a substitute for the legislation.
More informationBest Practice: Responding to a Privacy Breach
Best Practice: Responding to a Privacy Breach Introduction The Access to Information and Protection of Privacy Act (ATIPP Act or Act) has a dual purpose: to make public bodies more accountable to the public
More informationDATA COMPROMISE COVERAGE RESPONSE EXPENSES AND DEFENSE AND LIABILITY
THIS ENDORSEMENT CHANGES THE POLICY. PLEASE READ IT CAREFULLY. DATA COMPROMISE COVERAGE RESPONSE EXPENSES AND DEFENSE AND LIABILITY Coverage under this endorsement is subject to the following: PART 1 RESPONSE
More informationLICENSE AGREEMENT. Security Software Solutions
LICENSE AGREEMENT Security Software Solutions VERIS ACTIVE ID SERVICES AGREEMENT between Timothy J. Rollins DBA Security Software Solutions, having an office at 5215 Sabino Canyon Road and 4340 N Camino
More informationCENTURYLINK ELECTRONIC AND ONLINE PAYMENT TERMS AND CONDITIONS
CENTURYLINK ELECTRONIC AND ONLINE PAYMENT TERMS AND CONDITIONS Effective June 1, 2014 The following terms and conditions apply to electronic and online delivery and presentation of your invoices by CenturyLink
More informationD E B R A S C H U C H E R T, C O M P L I A N C E O F F I C E R
D E B R A S C H U C H E R T, C O M P L I A N C E O F F I C E R INTEGRATED CARE ALLIANCE, LLC CORPORATE COMPLIANCE PROGRAM It is the policy of Integrated Care Alliance to comply with all laws governing
More informationEvaluating Your Company s Data Protection & Recovery Plan
Evaluating Your Company s Data Protection & Recovery Plan CBIA Cybersecurity Webinar Series 11AM 12PM Part V. Presented by: Stewart Tosh Charles Bellingrath Date: December 7, 2017 Today s presenters Stewart
More informationAnti-Kickback Statute: Are Per-Patient Referral Fee Arrangements Permissible?
REFERRAL COMPENSATION GREGORY S. SAIK.IN/NATHANIEL C. KUMMERFELD* Anti-Kickback Statute: Are Per-Patient Referral Fee Arrangements Permissible? Federal Judge's Decision in United States v. Crinel Allows
More informationSouth Carolina General Assembly 122nd Session,
South Carolina General Assembly 122nd Session, 2017-2018 R184, H4655 STATUS INFORMATION General Bill Sponsors: Reps. Sandifer and Spires Document Path: l:\council\bills\nbd\11202cz18.docx Companion/Similar
More informationRed Flag Rule Procedures Under Princeton University s Identity Theft Prevention Program Effective: December 31, 2010
Red Flag Rule Procedures Under Princeton University s Identity Theft Prevention Program Effective: December 31, 2010 Princeton University employees are responsible for detecting Red Flags consistent with
More informationClaims Made Basis. Underwritten by Underwriters at Lloyd s, London
APPLICATION for: NetGuard Plus Claims Made Basis. Underwritten by Underwriters at Lloyd s, London tice: The Policy for which this Application is made applies only to Claims made against any of the Insureds
More informationUser Agreement 1. Your Rights.
User Agreement This User Agreement ("Agreement"), and the terms and conditions set forth herein, are a legal contract governing your use of the RSMeans Online TM Website ("Website"), both as a paid subscriber
More informationDetermining Whether You Are a Business Associate
The HIPAApotamus in the Room: When Lawyers and Law Firms are Subject to HIPAA Enforcement, And How to Comply with the Law by Leslie R. Isaacman, J.D., M.B.A. The Omnibus Final Rule 1 of the Health Information
More informationACCESS TO ELECTRONIC HEALTH RECORDS AGREEMENT WITH THE DOCTORS CLINIC, PART OF FRANCISCAN MEDICAL GROUP
ACCESS TO ELECTRONIC HEALTH RECORDS AGREEMENT WITH THE DOCTORS CLINIC, PART OF FRANCISCAN MEDICAL GROUP and THIS AGREEMENT ( Agreement ) is made and entered into this day of, 20, by and between The Doctors
More informationOLD DOMINION UNIVERSITY PCI SECURITY AWARENESS TRAINING OFFICE OF FINANCE
OLD DOMINION UNIVERSITY PCI SECURITY AWARENESS TRAINING OFFICE OF FINANCE August 2017 WHO NEEDS PCI TRAINING? THE FOLLOWING TRAINING MODULE SHOULD BE COMPLETED BY ALL UNIVERSITY STAFF THAT: - PROCESS PAYMENTS
More informationAnti-Fraud Policy. The following non-exhaustive list provides a few examples of fraud that this Policy is designed to prevent and detect:
Introduction Anti-Fraud Policy In some instances, Medicaid pays for some or all of the services provided. It is the policy of Helper s Inc. to comply with all applicable federal, state and local laws and
More informationAPPLICATION for: TechGuard Liability Insurance Claims Made Basis. Underwritten by Underwriters at Lloyd s, London
APPLICATION for: TechGuard Liability Insurance Claims Made Basis. Underwritten by Underwriters at Lloyd s, London SECTION I. GENERAL INFORMATION 1. Name of Applicant: Physical Address: (as it should appear
More informationU.S. Eagle Federal Credit Union Mobile Banking Agreement
U.S. Eagle Federal Credit Union Mobile Banking Agreement Please read these Agreements carefully before accessing or using this service. By accessing or using the service, you agree to be bound by the terms
More informationAS PASSED BY HOUSE AND SENATE H Page 1 of 37 H.764. An act relating to data brokers and consumer protection
2018 Page 1 of 37 H.764 An act relating to data brokers and consumer protection It is hereby enacted by the General Assembly of the State of Vermont: Sec. 1. FINDINGS AND INTENT (a) The General Assembly
More informationUniversity Data Policies
BACKGROUND Data are valuable institutional assets of Washington State University. Data policies are needed to ensure that these resources are carefully managed, maintained, protected, and used appropriately.
More informationEXCERPT. Do the Right Thing R1112 P1112
MD A n d e r s o n s S t a n d a r d s O f C o n d u c t: EXCERPT Do the Right Thing R1112 P1112 Privacy and Confidentiality At MD Anderson, we are committed to safeguarding the privacy of our patients
More informationCYBER LIABILITY: TRENDS AND DEVELOPMENTS: WHERE WE ARE AND WHERE WE ARE GOING
CYBER LIABILITY: TRENDS AND DEVELOPMENTS: WHERE WE ARE AND WHERE WE ARE GOING 2015 Verizon Data Breach Report 79,790 security incidents 2,122 confirmed data breaches Top industries affected: Public, Information,
More informationCode of Ethics for Directors
Code of Ethics for Directors 2 Table of Contents 1. Introduction... 3 1.1. Application... 3 1.2. Following these principles... 3 1.3. Other requirements... 3 1.4. Waivers... 3 1.5. Revisions... 3 1.6.
More informationTrade Secret Theft: Protecting the Crown Jewels March 25, 2015
Trade Secret Theft: Protecting the Crown Jewels March 25, 2015 Presented by: Dan Rubinstein Today s elunch Presenter Dan Rubinstein Litigation Chicago, Los Angeles drubinstein@winston.com 2 Trade Secret
More informationTruro Police Department IDENTITY THEFT. Policy Number: OPS-6.06A Effective Date: April 20, 2008 REFERENCE: I. GENERAL CONSIDERATIONS AND GUIDELINES
Truro Police Department IDENTITY THEFT Policy Number: Effective Date: April 20, 2008 REFERENCE: Accreditation Standards: Other: I. GENERAL CONSIDERATIONS AND GUIDELINES Identity theft is the unlawful use
More informationDEPARTMENT OF HEALTH AND HUMAN SERVICES. Office of Inspector General s Use of Agreements to Protect the Integrity of Federal Health Care Programs
United States Government Accountability Office Report to Congressional Requesters April 2018 DEPARTMENT OF HEALTH AND HUMAN SERVICES Office of Inspector General s Use of Agreements to Protect the Integrity
More informationGeorgia Health Information Network, Inc. Georgia ConnectedCare Policies
Georgia Health Information Network, Inc. Georgia ConnectedCare Policies Version History Effective Date: August 28, 2013 Revision Date: August 2014 Originating Work Unit: Health Information Technology Health
More informationHIPAA AND YOU 2017 G E R A L D E MELTZER, MD MSHA
HIPAA AND YOU 2017 G E R A L D E MELTZER, MD MSHA ALLISON SHUREN, J D, MSN Financial Disclosure Gerald Meltzer is a consultant for imedicware Allison Shuren co-chairs the Life Sciences and Healthcare Regulatory
More informationDear Colleague, In the steadfast pursuit of excellence, I remain, Sincerely yours,
Dear Colleague, Every employee, manager and physician plays a vital role in realizing Lifespan s mission: Delivering health with care. Essential to achieving this mission is Lifespan s continuous commitment
More informationVirus Protection and Personal Internet & Identity Theft Coverage Terms and Conditions
Virus Protection and Personal Internet & Identity Theft Coverage Terms and Conditions Total Internet Protection Plan Summary: Identity Theft Coverage and Virus Protection Coverage is aggregately valued
More information100 AVA Terms & Conditions
100 AVA Terms & Conditions THIS IS A LEGAL AGREEMENT. BY ACCESSING THIS WEB SITE OR USING ANY SERVICE PROVIDED HEREIN, YOU ACCEPT AND AGREE TO BE BOUND BY ALL THE TERMS AND CONDITIONS OF THIS AGREEMENT.
More informationHIPAA COMPLIANCE ROADMAP AND CHECKLIST FOR BUSINESS ASSOCIATES
HIPAA COMPLIANCE ROADMAP AND CHECKLIST FOR BUSINESS ASSOCIATES The Health Information Technology for Economic and Clinical Health Act (HITECH Act), enacted as part of the American Recovery and Reinvestment
More informationTERMS AND CONDITIONS OF USE
TERMS AND CONDITIONS OF USE Thank you for visiting the Society of Actuaries ( SOA ) Web site. Please be aware that visitors are subject to the following Terms and Conditions of Use (these Terms ) established
More informationTERMS OF USE. Unless otherwise noted, all tickets, goods, and services sold on the TicketBiscuit platform adhere to a NO REFUNDS, NO EXCHANGES policy.
TERMS OF USE Hello & welcome, ticket purchasers! The following Terms of Use govern the use of this site, www.ticketbiscuit.com, www.tututix.com, www.whistletix.com, www.statechamps.com, and www.battlepass.com,
More informationELECTRONIC FUND TRANSFERS DISCLOSURE. and MOBILE BANKING AGREEMENT YOUR RIGHTS AND RESPONSIBILITIES IMPORTANT! IF YOU DISCOVER YOUR
ELECTRONIC FUND TRANSFERS DISCLOSURE and MOBILE BANKING AGREEMENT YOUR RIGHTS AND RESPONSIBILITIES IMPORTANT! IF YOU DISCOVER YOUR VISA DEBIT CARD OR MAC CARD IS LOST OR STOLEN, PLEASE REPORT IT IMMEDIATELY
More informationHOW TO REGISTER ON THE OECD ESOURCING PORTAL
HOW TO REGISTER ON THE OECD ESOURCING PORTAL Bidder - User Guide OECD all rights reserved Create your Organisation Profile Access the esourcing Portal following the link: https://oecd.bravosolution.com
More informationCybersecurity Threats: What Retirement Plan Sponsors and Fiduciaries Need to Know and Do
ARTICLE Cybersecurity Threats: What Retirement Plan Sponsors and Fiduciaries Need to Know and Do By Gene Griggs and Saad Gul This article analyzes cybersecurity issues for retirement plans. Introduction
More informationWilson Bank & Trust Mobile Deposit Terms and Conditions
Wilson Bank & Trust Mobile Deposit Terms and Conditions This Addendum ( Addendum ) to the Wilson Bank & Trust Online Banking and Bill Payment Agreement and Wilson Bank & Trust Mobile Banking Agreement
More informationData Protection Agreement
Data Protection Agreement This Data Protection Agreement (the DPA ) becomes effective on May 25, 2018. The Customer shall make available to GURTAM and the Customer authorizes GURTAM to process information
More informationHIPAA Compliance Guide
This document provides an overview of the Health Insurance Portability and Accountability Act (HIPAA) compliance requirements. It covers the relevant legislation, required procedures, and ways that your
More informationCredit Card Handling Security Standards
Credit Card Handling Security Standards Overview This document is intended to provide guidance regarding the processing of charges and credits on credit and/or debit cards. These standards are intended
More informationFirst National Bank of Middle Tennessee Mobile Deposit Terms and Conditions
First National Bank of Middle Tennessee Mobile Deposit Terms and Conditions This Addendum ( Addendum ) to the First National Bank of Middle Tennessee Online Banking and Bill Payment Agreement between you
More informationUniversity of Illinois Community Credit Union Consumer Remote Deposit Anywhere Terms & Conditions
Description: University of Illinois Community Credit Union Consumer Remote Deposit Anywhere Terms & Conditions The remote deposit capture services ("Mobile Deposit" or "Services") are designed to allow
More informationA GUIDE TO CYBER RISKS COVER
A GUIDE TO CYBER RISKS COVER Cyber risk the daily business threat to SMEs Cyber risks and data security breaches are a daily threat to everyday business. Less than 10% of UK companies have cyber insurance
More informationTallgrass Energy Partners, LP. Code of Business Conduct and Ethics
Tallgrass Energy Partners, LP Code of Business Conduct and Ethics Adopted as of May 13, 2013 Table of Contents Overview... 1 Compliance with Laws and Regulations... 2 Conflicts of Interest... 3 Related
More informationCompliance Fraud, Waste and Abuse HIPAA Privacy and Security
2017 Compliance Fraud, Waste and Abuse HIPAA Privacy and Security Table of Contents/Agenda Welcome to General Compliance Training for Providers! Training Objectives: Understand why you need Compliance
More informationAETNA BETTER HEALTH OF KENTUCKY
AETNA BETTER HEALTH OF KENTUCKY Provider Secure Web Portal & Member Care Information Portal registration form Thank you for your interest in registering for the Aetna Better Health Provider Secure Web
More informationStudy Abroad Program - Code of Conduct and Guidelines
Study Abroad Program - Code of Conduct and Guidelines While enrolled in a JCC Study Abroad Program, you are an ambassador for the US and JCC at all times. You agree to abide by the Code of Conduct. You
More informationUNDERSTANDING HIPAA & THE HITECH ACT. Heather Deixler, Esq. Associate, Morgan, Lewis & Bockius LLP
UNDERSTANDING HIPAA & THE HITECH ACT Heather Deixler, Esq. Associate, Morgan, Lewis & Bockius LLP 1 Objectives of Presentation Learn what HIPAA is Learn the purpose of HIPAA Understand who HIPAA regulates
More informationThe Wild West Meets the Future: Key Tips for Maximizing Your Cyber and Privacy Insurance Coverage
The Wild West Meets the Future: Key Tips for Maximizing Your Cyber and Privacy Insurance Coverage James P. Bobotek james.bobotek@pillsburylaw.com (202) 663-8930 Pillsbury Winthrop Shaw Pittman LLP DOCUMENT
More informationNegotiating Business Associate Agreements
Negotiating Business Associate Agreements February 19, 2015 William J. Roberts, Esq. Shipman & Goodwin LLP 2015. All rights reserved. HARTFORD STAMFORD GREENWICH WASHINGTON, DC About HIPAA HIPAA is a federal
More informationADDENDUM TO UNIVEST ONLINE BANKING AGREEMENT
ADDENDUM TO UNIVEST ONLINE BANKING AGREEMENT This Addendum ( Addendum ) to the Univest Online Banking Agreement (the "Online Banking Agreement") between you and Univest Bank and Trust Company ("Univest")
More informationPart 6: Participant Records, Recertification, Exit Procedure and Termination
SSAI SCSEP Policy and Procedure Manual Part 6: Participant Records, Recertification, Exit Procedure and Termination 600 Personnel / Participant Records A. Personnel / Participant Record Required B. Required
More informationPublic Act No
Public Act No. 18-90 AN ACT CONCERNING SECURITY FREEZES ON CREDIT REPORTS, IDENTITY THEFT PREVENTION SERVICES AND REGULATIONS OF CREDIT RATING AGENCIES. Be it enacted by the Senate and House of Representatives
More informationMEMORANDUM. Health Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know
1801 California Street Suite 4900 Denver, CO 80202 303-830-1776 Facsimile 303-894-9239 MEMORANDUM To: Adam Finkel, Assistant Director, Government Relations, NCRA From: Mel Gates Date: December 23, 2013
More informationCyber Risks & Insurance
Cyber Risks & Insurance Bob Klobe Asst. Vice President & Cyber Security Subject Matter Expert Chubb Specialty Insurance Legal Disclaimer The views, information and content expressed herein are those of
More informationPRIVACY AND CYBER SECURITY
PRIVACY AND CYBER SECURITY Presented by: Joe Marra, Senior Account Executive/Producer Stoya Corcoran, Assistant Vice President Presented to: CIFFA Members September 20, 2017 1 Disclaimer The information
More informationMobile Banking Services Agreement
Mobile Banking Services Agreement Thank you for using the Santa Ana Federal Credit Union ( Credit Union ) Mobile Banking Services ( Services ). The Credit Union offers their Members mobile access to their
More information(1) "Consumer" means an individual who resides in the District of Columbia.
District of Columbia Code Title 28 Commercial Instruments and Transactions Chapter 38 Consumer Protections 28-3861. Definitions For the purposes of this subchapter, the term: (1) "Consumer" means an individual
More informationContingent Worker Code of Conduct
Contingent Worker Code of Conduct Introduction HP is committed to the highest standards of business ethics and regulatory compliance. We gain trust by treating others with integrity, respect and fairness.
More informationPermitted Mobile Banking Transfers Mobile Deposit Capture
TERMS AND CONSENT APPLICABLE TO ONLINE BANKING, ELECTRONIC SIGNATURES, EMAIL, FACSIMILE, AND OTHER ELECTRONIC SERVICES, COMMUNICATIONS, AND TRANSACTIONS Introduction The use of Patriot Federal Credit Union
More informationHIPAA Privacy & Security. Transportation Providers 2017
HIPAA Privacy & Security Transportation Providers 2017 HIPAA Privacy & Security As a non emergency medical transportation provider, you deal directly with Medicare and Medicaid Members healthcare information
More informationSelected Terms & Conditions for Wells Fargo Consumer Debit and ATM Cards
Selected Terms & Conditions for Wells Fargo Consumer Debit and ATM s Terms and Conditions effective 04/24/2017. Introduction page 1 Using Your page 2 Using Your Through a Mobile Device page 4 One-Time
More informationHIPAA PRIVACY REQUIREMENTS. Dana L. Thrasher Robert S. Ellerbrock, III Constangy, Brooks & Smith, LLP
HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Robert S. Ellerbrock, III Constangy, Brooks & Smith, LLP dthrasher@constangy.com (205) 226-5464 1 Reasons for HIPAA Privacy Rules Perceived need for protection
More informationEMPLOYEE PRIVACY STATEMENT
EMPLOYEE PRIVACY STATEMENT 1 INTRODUCTION This is SBM Offshore s Privacy Statement for employee data. This Privacy Statement provides information on the processing of personal data of the employees of
More informationMain Street Bank EXTERNAL FUNDS TRANSFER AGREEMENT
Main Street Bank EXTERNAL FUNDS TRANSFER AGREEMENT ACCEPTANCE OF TERMS This Agreement sets out the terms and conditions (Terms) upon which Main Street Bank (Bank) will provide the ability to perform external
More informationRegenstrief Center for Healthcare Engineering HIPAA Compliance Policy
Regenstrief Center for Healthcare Engineering HIPAA Compliance Policy Revised December 6, 2017 Table of Contents Statement of Policy 3 Reason for Policy 3 HIPAA Liaison 3 Individuals and Entities Affected
More informationCODE OF BUSINESS CONDUCT FOR THE LIFETIME HEALTHCARE COMPANIES
CODE OF BUSINESS CONDUCT FOR THE LIFETIME HEALTHCARE COMPANIES Approved January 29, 1999 Revised and Approved May 19, 2000, March 30, 2006 Welcome to The Lifetime Healthcare Companies. I am pleased to
More informationHIPAA / HITECH. Ed Massey Affiliated Marketing Group
HIPAA / HITECH Agent Understanding And Compliance Presented By: Ed Massey Affiliated Marketing Group It s The Law On February 17, 2010 the Health Information Technology for Economic and Clinical Health
More informationOMNIBUS COMPLIANT BUSINESS ASSOCIATE AGREEMENT RECITALS
OMNIBUS COMPLIANT BUSINESS ASSOCIATE AGREEMENT Effective Date: September 23, 2013 RECITALS WHEREAS a relationship exists between the Covered Entity and the Business Associate that performs certain functions
More informationSUNY DOWNSTATE MEDICAL CENTER POLICY AND PROCEDURE. No:
SUNY DOWNSTATE MEDICAL CENTER POLICY AND PROCEDURE Subject: Complying with the Deficit Reduction Act of 2005: Detection & Prevention of Fraud, Waste & Abuse Page 1 of 4 Prepared by: Shoshana Milstein Original
More informationNATIONAL RECOVERY AGENCY COMPLIANCE INFORMATION GRAMM-LEACH-BLILEY SAFEGUARD RULE
NATIONAL RECOVERY AGENCY COMPLIANCE INFORMATION GRAMM-LEACH-BLILEY SAFEGUARD RULE As many of you know, Gramm-Leach-Bliley requires "financial institutions" to establish and implement a Safeguard Rule Compliance
More informationCyber Liability A New Must Have Coverage for Your Soccer Organization
Cyber Liability A New Must Have Coverage for Your Soccer Organization Presented By: Pat Pullen Jeanne Zabuska President Underwriting Manager February 17, 2012 Why do you need Cyber Liability? Have a web
More information1) Introduction 4 2) Definition.4 3) Objective..4 4) Classification of Insurance Frauds..5 5) Fraud Monitoring and its Control..6
ANTI FRAUD POLICY 1 2 Table of Contents 1) Introduction 4 2) Definition.4 3) Objective..4 4) Classification of Insurance Frauds..5 5) Fraud Monitoring and its Control..6 6) Communication Channel/Reporting
More informationPO Box Providence, RI Toll Free Phone: ONLINE BANKING DISCLOSURE & AGREEMENT
PO Box 6808 - Providence, RI 02940 Toll Free Phone: 1-800-398-8472 ONLINE BANKING DISCLOSURE & AGREEMENT General Online Banking: You may: Perform account inquiries on checking, savings, certificate and
More informationRESTRICTIONS ON USE OF INFORMATION AND CONTENT
Bicksdrive.com Terms of Use Agreement Bicksdrive.com (the Website ) is owned and operated by Bick s Driving School of Eastern Cincinnati ( Bick s, we, or us ). Bick s values your interest in its goods
More informationDoes the Applicant provide data processing, storage or hosting services to third parties? Yes No
BEAZLEY BREACH RESPONSE APPLICATION NOTICE: THIS POLICY S LIABILITY INSURING AGREEMENTS PROVIDE COVERAGE ON A CLAIMS MADE AND REPORTED BASIS AND APPLY ONLY TO CLAIMS FIRST MADE AGAINST THE INSURED DURING
More informationCYBER AND INFORMATION SECURITY COVERAGE APPLICATION
NOTICE: THIS APPLICATION IS FOR CLAIMS-MADE AND REPORTED COVERAGE, WHICH APPLIES ONLY TO CLAIMS FIRST MADE AND REPORTED IN WRITING DURING THE POLICY PERIOD, OR ANY EXTENDED REPORTING PERIOD. THE LIMIT
More informationIt s as AWESOME as You Think It Is!
It s as AWESOME as You Think It Is! Fine Print This presentation and any materials and/or comments are training and educational in nature only. They do not establish an attorney-client relationship, are
More informationEMPLOYEE NOTICE OF DATA PRIVACY POLICIES AND PROCEDURES
... 1 A. Ecolab s Commitment to Data Privacy... 3 B. Definitions... 3 C. Scope... 4 D. Data Privacy Principles... 4 E. Application of Local Law... 5 F. Human Resources Data Collected... 6 G. Purposes of
More informationPrivacy Policy. Pursuant to U.S. State & Federal Laws the following is a statement of your legal rights.
General Disclaimer Privacy Policy Pursuant to U.S. State & Federal Laws the following is a statement of your legal rights. Disclaimer & Legal Rights No Warranties ALL WEB SITES, PRODUCTS AND SERVICES ARE
More informationElectronic Commerce and Cyber Risk
Electronic Commerce and Cyber Risk Fifth Third Bank All Rights Reserved Reality and Solutions Objectives for Today What I will cover How banks are changing How the public is changing How the laws are changing
More informationWhat is a Compliance Program?
Course Objectives Learn about the most important elements of the compliance program; Increase awareness and effectiveness of our compliance program; Learn about the important laws and what the government
More informationGLOBAL CODE OF CONDUCT AND ETHICS
Author: Legal Department Updated by: Global Compliance Release Date: 10 September 2014 Last Reviewed: 10 September 2014 Status: Approved Owner: Legal Department Version: 2.0 Custodian: Global Compliance
More informationCommercial Banking Online Service Agreement
Effective November 1, 2017 Commercial Banking Online Service Agreement Download PDF Welcome to Commercial Banking Online at Washington Federal. This Commercial Banking Online Service Agreement ( Agreement
More informationMobile Check Deposit Disclosure & Agreement
MOBILE CHECK DEPOSIT Mobile Check Deposit Disclosure & Agreement This disclosure and agreement is being provided by Allegany County Teachers Federal Credit Union in connection with your enrollment for
More informationTHE CORPORATION OF THE CITY OF WINDSOR POLICY
THE CORPORATION OF THE CITY OF WINDSOR POLICY Service Area: Office of the CAO Policy No.: Department: Chief Administrative Office Approval Date: April 20, 2015 Division: Approved By: M140-2015 Effective
More informationSureRent 2020 Private Landlord Tenant Screening Application Package
Page 1 of 9 SureRent 2020 Private Landlord Tenant Screening Application Package Welcome to Alliance 2020. Your membership packet includes several forms that you must complete before service can be started,
More informationCategory: BOARD POLICY ADMINISTRATIVE PARAMETERS
Category: BOARD POLICY ADMINISTRATIVE PARAMETERS Title: Theft, Fraud, Corruption, and Non-Compliant Activities Policy Reference Number: AB 630 1. POLICY OBJECTIVES Last Approved: February 22, 2017 Last
More informationYour defence toolkit. How to combat the cyber threat
Your defence toolkit How to combat the cyber threat Contents The threat of cyber crime 4 How UK businesses are targeted 6 Case studies 8 Why cyber security is so important to manufacturers now 10 The
More informationCity National Bank & Trust Mobile Check Deposit Agreement
City National Bank & Trust Mobile Check Deposit Agreement This City National Bank & Trust Mobile Check Deposit Agreement ( Mobile Check Deposit Agreement or mrdc Agreement ) sets forth the terms and conditions
More informationSEC. 2. FINDINGS AND STATEMENT OF PURPOSE.
Organized Retail Crime Act of 2008 (Introduced in House) HR 6491 IH 110th CONGRESS 2d Session H. R. 6491 To amend title 18, United States Code, to combat, deter, and punish individuals and enterprises
More information