COUNTY OF SACRAMENTO Consumer Information Disposal Policy
|
|
- Katrina Rodgers
- 6 years ago
- Views:
Transcription
1
2 COUNTY OF SACRAMENTO Consumer Information Disposal Policy Effective 12/12/ Purpose of the Policy As part of the federal effort to combat identify theft and other forms of consumer fraud, Congress passed the Fair and Accurate Credit Transaction Act (FACTA). In compliance with FACTA s mandate, the Federal Trade Commission (FTC) has issued regulations governing the disposal of consumer credit information (Disposal Rule). The regulations require that reasonable measures be taken to protect against unauthorized access to or use of consumer credit information in connection with its disposal. The County of Sacramento is committed to reducing identity theft and other fraud through protection of individually identifiable information. This document states the Consumer Information Disposal Policy for the County of Sacramento. 2.0 Definitions 1. A consumer report under the Fair Credit Reporting Act (FCRA) means any oral, paper, computer, or other communication of any information by a consumer reporting agency regarding a consumer s creditworthiness, credit standing, credit capacity, character, general reputation, personal characteristics, or mode of living which is used as a fact or to establish the consumer s eligibility for employment. 2. A consumer reporting agency under the FCRA means any person which, for monetary fees, dues, or on a cooperative nonprofit basis, regularly engages in whole or in part in the practice of assembling or evaluating consumer credit information or other information on consumers for the purpose of furnishing consumer reports to third parties. 3. The Disposal Rule defines consumer information as any record about an individual, whether in paper, electronic or other form, that is a consumer report or is derived from consumer reports. 4. The workforce is defined as employees, volunteers, trainees, and other persons whose conduct, in the performance of work for the County of Sacramento, is under the direct control of the County of Sacramento, whether or not they are paid by the County of Sacramento. 3.0 Scope of this Policy These regulations apply only to disposal of narrowly defined consumer report information, obtained from third party consumer reporting agencies, that identifies particular individuals. To the extent that members of the County workforce conduct credit and/or background checks, the regulations are not applicable. However, any consumer report or information derived from the report of a third party consumer reporting agency, as that term is defined by federal law, is subject to the regulations. 4.0 Policy for Disposal of Consumer Information It shall be the policy of the County of Sacramento that consumer report information will be disposed of in such a way that personal information is unreadable or incapable of being reconstructed. It is the responsibility of departments and agencies to become familiar with the standards for compliance and to apply these standards in the disposal of consumer report information. Sacramento County Consumer Information Disposal Policy Effective December 12, 2005 Page 1 of 4
3 Each department that utilizes consumer credit information shall document written procedures to track and dispose of paper or electronic media used for consumer information. 5.0 Effective Date of this Policy The effective date of the Disposal Rule is June 1, The effective date of this policy is December 12, Compliance Review for this Policy The Countywide Services Agency, Department of Compliance or its designated representatives will conduct a periodic review for compliance with this policy. This policy will be updated as required when new regulations (or court cases) impacting the disposal of consumer information are released. 7.0 Standards in Order to Comply with the Policy The standard is one of reasonableness. It requires implementation and monitoring compliance with adopted policies and procedures relating to the destruction of consumer information. There are a number of accepted methods of document destruction so that the information cannot be practicably read or reconstructed: 7.1 Paper Paper with consumer information must be disposed of by burning, pulverizing or shredding so that the information cannot practicably be read or reconstructed. 7.2 Electronic media Computer equipment that previously contained consumer information must be disposed of by destroying or erasing the information. A. If erased, the method shall meet the Department of Defense (DOD) standards, which states, the method of destruction shall preclude recognition or reconstruction of the classified information or material. All computer equipment shall be tested to ensure information cannot be retrieved. B. All other media shall have all the consumer information removed (the mechanism may vary depending on the media type) and tested to ensure the information cannot be retrieved. C. If the media is not technology capable of being erased, the media shall be overwritten or destroyed. 7.3 Use of a third party to dispose of consumer information The reasonableness measures standard requires monitoring compliance of any contract with another party who has been contracted to dispose of consumer information. Due diligence must be exercised in monitoring compliance, including: A. Any contracts entered into with a third party for the purpose of destroying consumer information shall include language requiring vendors to adhere to the County s Disposal Policy. A copy of the Policy shall be included in the bid solicitation (if applicable) and contract. B. Reviewing an independent audit of the disposal company s operations and/or its compliance; C. Obtaining information about the disposal company from references or other reliable sources; D. Requiring that the disposal be certified; E. Reviewing and evaluating of the disposal company s information security measures to determine the competency and integrity of the potential disposal company. Sacramento County Consumer Information Disposal Policy Effective December 12, 2005 Page 2 of 4
4 8.0 Policy Responsibilities: The following responsibilities are required of Managers and Supervisors, IT Support, the general County workforce, the Department of General Services, Contract and Purchasing Division, the Department of General Services, Support Services Division, Surplus Property and the Department of Compliance. 8.1 Responsibilities of Managers & Supervisors: A. Ensure that reasonable measures are taken to protect against unauthorized access to or use of consumer credit information in connection with its disposal. B. Ensure that any workforce members that access consumer credit information are aware of this policy and associated responsibilities. C. Monitor compliance by the workforce. D. Ensure that any third party who has been contracted to dispose of consumer credit information does so in a manner consistent with this policy and departmental procedures. E. Ensure that procedures to track and dispose of paper and electronic media use for consumer information are developed, documented and submitted to the Department of Compliance for review. Any procedures developed by departments shall be consistent with the County s Consumer Information Disposal Policy and not deviate from the County standard. 8.2 Responsibilities of IT Support: A. Ensure all hard drives are wiped clean before disposal or reuse. B. Test hard drives to ensure they are clean. C. Maintain an inventory and a record of movements of hardware and electronic media such as workstations, servers, or backup tapes. D. Ensure that a disposal tag is applied to PCs sent to Surplus subsequent to confirmation that the hard drive meets DOD standards. E. Ensure that identifying tags, such as names or phone numbers, have been removed. 8.3 Responsibilities of General Workforce: A. Workforce members shall follow their department procedures and adhere to County policy when disposing of consumer information. B. Protect against unauthorized access to or use of information in connection with its disposal. 8.4 Responsibilities of Department of General Services, Contract and Purchasing Division: A. Workforce members shall ensure that any contracts entered into with a third party for the purpose of destroying consumer information shall include language requiring vendors to adhere to the County s Disposal Policy. A copy of the Policy shall be included in the bid solicitation (if applicable) and contract. B. Workforce shall maintain due diligence, including reviewing an independent audit of the company s operations for compliance with the Disposal Rule, obtaining information from references or other reliable sources, taking appropriate measures to determine the competency and integrity of the potential disposal company. 8.5 Responsibilities of Department of General Services, Support Services Division, Surplus Property: A. Workforce members shall ensure computer equipment is authorized for surplus. Sacramento County Consumer Information Disposal Policy Effective December 12, 2005 Page 3 of 4
5 8.6 Responsibilities of Department of Compliance: A. Review all new and revised procedures submitted by the departments that utilize consumer credit information for approval and ongoing evaluation. Any procedures developed by Departments shall be consistent with the County s Consumer Information Disposal Policy and not deviate from the County standard. B. Work with Department of General Services, Contract and Purchasing Division ensuring that appropriate measures are taken to determine the competency and integrity of the potential disposal company. C. The Department of Compliance or its designated representatives will conduct periodic reviews for compliance with this policy. Sacramento County Consumer Information Disposal Policy Effective December 12, 2005 Page 4 of 4
SAFE DESTRUCTION OF DOCUMENTS
SAFE DESTRUCTION OF DOCUMENTS Federal and State Requirements for Proper Disposal of Information Contained in Consumer Reports OVERVIEW With the growth in popularity for organizations to utilize electronic
More informationSureRent 2020 Private Landlord Tenant Screening Application Package
Page 1 of 9 SureRent 2020 Private Landlord Tenant Screening Application Package Welcome to Alliance 2020. Your membership packet includes several forms that you must complete before service can be started,
More informationFinding Red Flags Without Raising Any
Date: January 13, 2016 By: Joseph H. Guffey Kaytlin E. Kopen Finding Red Flags Without Raising Any Employee Background Checks Under The Fair Credit Reporting Act The material in these slides was prepared
More informationNAPBS BACKGROUND SCREENING AGENCY ACCREDITATION PROGRAM ACCREDITATION STANDARD AND AUDIT CRITERIA Version 2.0. Potential Verification for Onsite Audit
Page 1 of 24 NAPBS BACKGROUND SCREENING AGENCY ACCREDITATION PROGRAM ACCREDITATION STANDARD AND AUDIT CRITERIA Version 2.0 (Glossary provided at end of document.) Information Security 1.1 Information Security
More informationFOR COMMENT PERIOD NOT YET APPROVED AS NEW STANDARD
UPDATED STANDARD FOR COMMENT OCT 2017 Page 1 of 23 NAPBS BACKGROUND SCREENING AGENCY ACCREDITATION PROGRAM ACCREDITATION STANDARD AND AUDIT CRITERIA (Glossary provided at end of document.) Information
More informationBeer and Basics: Overview of the FCRA
Beer and Basics: Overview of the FCRA Consumer Financial Services Committee ABA Business Law Section August 8, 2013 Andrew Owens Davis Wright Tremaine LLP Roadmap What is a Consumer Report? What is a Consumer
More informationFair Credit Reporting Act (2012)
University of Tennessee, Knoxville Trace: Tennessee Research and Creative Exchange MTAS Publications: Full Publications Municipal Technical Advisory Service (MTAS) 11-15-2012 Fair Credit Reporting Act
More informationAuthorization for Release Form for Potential Tenant to Complete and Residential Rental Application (either form may be used)
METROPOLITAN TENANT Phone: 847-993-0114 Fax: 847-993-0115 Nikki@Tenant-Screening.com 350 S Northwest Hwy, Suite 300, Park Ridge, IL 60068 www.tenant-screening.com Contents of Non-Corporate Individual Membership
More informationHIPAA P11 Retention and Destruction of Protected Health Information
HIPAA P11 Retention and Destruction of Protected Health Information FULL POLICY CONTENTS Scope Reason for Policy Definitions Policy Statement Sanctions ADDITIONAL DETAILS Additional Contacts Forms Related
More informationH E A L T H C A R E L A W U P D A T E
L O U I S V I L L E. K Y S E P T E M B E R 2 0 0 9 H E A L T H C A R E L A W U P D A T E L E X I N G T O N. K Y B O W L I N G G R E E N. K Y N E W A L B A N Y. I N N A S H V I L L E. T N M E M P H I S.
More informationThe Cost of Identity Theft to Business What Business Owners Must Know Now
The Cost of Identity Theft to Business What Business Owners Must Know Now An Introduction to the Fair and Accurate Credit Reporting Act (FACTA): What Business Owners Must Know Now It often seems that there
More informationFINAL REPORT PERSONAL INFORMATION DISPOSAL PRACTICES IN SELECTED FEDERAL INSTITUTIONS. Audit Report of the Privacy Commissioner of Canada
Office of the Privacy Commissioner of Canada PERSONAL INFORMATION DISPOSAL PRACTICES IN SELECTED FEDERAL INSTITUTIONS Audit Report of the Privacy Commissioner of Canada Section 37 of the Privacy Act FINAL
More informationSubject: Protecting cardholder data in support of the Payment Card Industry (PCI) Data Security Standards
University Policy: Cardholder Data Security Policy Category: Financial Services Subject: Protecting cardholder data in support of the Payment Card Industry (PCI) Data Security Standards Office Responsible
More informationCounty of Riverside OFFICE OF THE AUDITOR-CONTROLLER STANDARD PRACTICE MANUAL
County of Riverside OFFICE OF THE AUDITOR-CONTROLLER STANDARD PRACTICE MANUAL SECTION: 5 POLICY NUMBER: 505 SUBJECT: CATEGORY: ACCOUNTING FOR: EQUIPMENT CAPITAL ASSET POLICIES REVISED DATE: 07/01/17 APPROVED
More informationNATIONAL RECOVERY AGENCY COMPLIANCE INFORMATION GRAMM-LEACH-BLILEY SAFEGUARD RULE
NATIONAL RECOVERY AGENCY COMPLIANCE INFORMATION GRAMM-LEACH-BLILEY SAFEGUARD RULE As many of you know, Gramm-Leach-Bliley requires "financial institutions" to establish and implement a Safeguard Rule Compliance
More informationRecord Management & Retention Policy
POLICY TYPE: Corporate Divisional EFFECTIVE DATE: INITIAL APPROVAL DATE: NEXT REVIEW DATE: POLICY NUMBER: May 15, 2010 May - 2010 March 2015 REVISION APPROVAL DATE: 5/10, 3/11, 5/12, 9/13, 4/14, 11/14
More informationGlaxoSmithKline Consumer Healthcare Limited
GlaxoSmithKline Consumer Healthcare Limited POLICY ON PRESERVATION OF RECORDS 1 CONTENTS S. No. PARTICULARS 1. PURPOSE 2. SCOPE 3. RESPONSIBILITY 4. OBJECTIVE 5. RETENTION & DISPOSITION OF RECORDS 6. ADMINISTRATION
More informationAUDIT AND FINANCE COMMITTEE Wednesday, June 17, 2009
Item: AF: A-1 AUDIT AND FINANCE COMMITTEE Wednesday, June 17, 2009 SUBJECT: REQUEST FOR APPROVAL OF FLORIDA ATLANTIC UNIVERSITY S IDENTITY THEFT PREVENTION PROGRAM. PROPOSED COMMITTEE ACTION Recommend
More informationSCOPE AND APPLICABILITY: This policy is applicable to all University faculty and staff.
SUBJECT: DETECTION OF AND RESPONSE TO IDENTITY THEFT RED FLAGS NUMBER: 412 AUTHORIZING BODY: RESPONSIBLE OFFICE: PRESIDENT S EXECUTIVE COUNCIL FINANCE AND ADMINISTRATION DATE ISSUED: OCTOBER 29, 2008 LAST
More informationNational Crime Search (NCS) provides our customers a link to Pre-Adverse and
National Crime Search (NCS) provides our customers a link to Pre-Adverse and Adverse Action Letters from each search report that is ran through the NCS system. These letters are pre-populated and are provided
More informationEastern Iowa Mental Health and Disability Services. HIPAA Policies and Procedures Manual
Eastern Iowa Mental Health and Disability Services HIPAA Policies and Procedures Manual This HIPAA Master Manual has been reviewed, accepted and approved by: Eastern Iowa MH/DS Region Governing Board of
More informationPERSONAL INFORMATION Last Name First Name Middle Initial Preferred Name Date of Application
We appreciate your interest in our organization! Please complete all sections in ink (or type) and indicate not applicable where needed. Attaching and referencing a resume without a completed application
More informationSubject: Protecting cardholder data in support of the Payment Card Industry (PCI) Data Security Standards
University Policy: Cardholder Data Security Policy Category: Financial Services Subject: Protecting cardholder data in support of the Payment Card Industry (PCI) Data Security Standards Office Responsible
More informationApplication for lnstascreen Access
Application for lnstascreen Access Fill out, sign, and return to: Richard@AccuratePublicRecords.com Date of Application: ---------- Accurate Public Records P.O. Box 72185 Albany, Georgia 31708 Impo rtant:
More informationUniversity Centre for IT Services Infrastructure Management. Circular
University Centre for IT Services Infrastructure Management Room No.314, Admin Block Guru Gobind Singh Indraprastha University Kashmere Gate Delhi-110403 Circular Dated: 28-01-2010 Guidelines for Condemnation
More informationARE YOU HIP WITH HIPAA?
ARE YOU HIP WITH HIPAA? Scott C. Thompson 214.651.5075 scott.thompson@haynesboone.com February 11, 2016 HIPAA SECURITY WHY SHOULD I CARE? Health plan fined $1.2 million for HIPAA breach. Health plan fined
More informationUniversity of Connecticut IDENTITY THEFT PREVENTION PROGRAM
University of Connecticut IDENTITY THEFT PREVENTION PROGRAM I. BACKGROUND II. III. IV. PURPOSE AND SCOPE DEFINITIONS IDENTIFICATION & DETECTION OF RED FLAGS V. APPROPRIATELY RESPONDING WHEN RED FLAGS ARE
More informationFAIR CREDIT REPORTING ACT (FCRA) DISCLOSURE
FAIR CREDIT REPORTING ACT (FCRA) DISCLOSURE In considering you for volunteering and, if you are already a volunteer, in considering you for subsequent promotion, assignment, reassignment, retention, discipline,
More informationUsing Consumer Reports: What Employers Need to Know BC...
Page 1 of 6 Federal Trade Commission BCP Business Center Using Consumer Reports: What Employers Need to Know Your company has job vacancies to fill. You're also thinking about promoting some employees
More informationSUMMARY: The Federal Trade Commission has completed its regulatory review of its rule
This document is scheduled to be published in the Federal Register on 11/15/2017 and available online at https://federalregister.gov/d/2017-24728, and on FDsys.gov [BILLING CODE: 6750-01S] FEDERAL TRADE
More informationDAWSON PUBLIC POWER DISTRICT 300 South Washington Street P. O. Box Lexington, Nebraska Tel. No.- 308/324/2386 Fax No.
DAWSON PUBLIC POWER DISTRICT 300 South Washington Street P. O. Box 777 - Lexington, Nebraska - 68850 Tel. No.- 308/324/2386 Fax No.-308/324/2907 CUSTOMER POLICY IDENTITY THEFT PREVENTION I. OBJECTIVE Page
More informationThe Guild for Exceptional Children HIPAA Breach Notification Policy and Procedure
The Guild for Exceptional Children HIPAA Breach Notification Policy and Procedure Purpose To provide for notification in the case of breaches of Unsecured Protected Health Information ( Unsecured PHI )
More informationFair Credit Reporting Act
Fair Credit Reporting Act Compliance Bankers for Compliance School DEPOSITS 2016 This publication is designed to provide information in regard to the subject matter covered. It is provided with the understanding
More informationHIPAA AND ONLINE BACKUP WHAT YOU NEED TO KNOW ABOUT
WHAT YOU NEED TO KNOW ABOUT HIPAA AND ONLINE BACKUP Learn more about how KeepItSafe can help to reduce costs, save time, and provide compliance for online backup, disaster recovery-as-a-service, mobile
More informationIDENTITY THEFT DETECTION POLICY
IDENTITY THEFT DETECTION POLICY PC 6.9 Date of Last Update: May 05, 2009 Approved By: President's Cabinet Responsible Office: Business and Finance POLICY STATEMENT Grand Valley State University (GVSU)
More informationDELHAIZE AMERICA PHARMACIES AND WELFARE BENEFIT PLAN HIPAA SECURITY POLICY (9/1/2016 VERSION)
DELHAIZE AMERICA PHARMACIES AND WELFARE BENEFIT PLAN HIPAA SECURITY POLICY (9/1/2016 VERSION) Delhaize America, LLC Pharmacies and Welfare Benefit Plan 2013 Health Information Security and Procedures (As
More informationYMCA of Metropolitan Denver Volunteer Requirements
YMCA of Metropolitan Denver Volunteer Requirements Thank you for considering volunteering with our YMCA sports program. Listed below is a checklist of what any prospective coach in our program will be
More informationOLD DOMINION UNIVERSITY PCI SECURITY AWARENESS TRAINING OFFICE OF FINANCE
OLD DOMINION UNIVERSITY PCI SECURITY AWARENESS TRAINING OFFICE OF FINANCE August 2017 WHO NEEDS PCI TRAINING? THE FOLLOWING TRAINING MODULE SHOULD BE COMPLETED BY ALL UNIVERSITY STAFF THAT: - PROCESS PAYMENTS
More informationModification #4, Extension #2 January 5, 2017 Recycling Electronics (Surplus) Duration: February 1, 2017 January 31, 2019
Modification #4, Extension #2 January 5, 2017 Recycling Electronics (Surplus) Duration: February 1, 2017 January 31, 2019 Pro Computers & Consulting Procurement Mgr. I: Lynn Crawford 6532 Manchester Avenue
More informationIF YOU DO NOT AGREE TO ALL OF THESE TERMS, YOU SHOULD NOT USE BACKGROUND RESEARCH SOLUTIONS, LLC.
This Screening Policy ("Policy") governs all background screening services ("Screening Services") provided by Background Research Solutions, LLC ("we", "us", "our", BRS ). You ("you", your") must agree
More informationIdentity Theft Prevention Program (DRAFT)
Identity Theft Prevention Program (DRAFT) Subject: Revised: Effective date: Review date: Responsible Party: Financial Affairs N/A TBD Annually TBD MSU-Bozeman Vice President for Administration & Finance
More informationContaining the Outbreak: HIPAA Implications of a Data Breach. Jason S. Rimes. Orlando, Florida
Containing the Outbreak: HIPAA Implications of a Data Breach Orlando, Florida www.lowndes-law.com Jason S. Rimes 2013 Lowndes, Drosdick, Doster, Kantor & Reed, P.A. All Rights Reserved Protected Health
More informationNew Development Bank Corporate Procurement Policy
New Development Bank Corporate Procurement Policy Owner: Administration Department Version: 2016 V2 Date: [16] March 2016 Corporate Procurement Policy All rights reserved. Any unauthorized use, duplication
More informationNew. To comply with HIPAA notice requirements, all Providence covered entities shall follow, at a minimum, the specifications described below.
Subject: Protected Health Information Breach Notification Policy Department: Enterprise Risk Management Services Executive Sponsor: SVP/Chief Risk Officer Approved by: Rod Hochman, MD President/CEO Policy
More informationPolicy Number: FA-PO-1211 Date of Last Review: 9/7/2017. Oversight Department: Facilities Management Next Review Date: 9/1/2020
Policy Title: Surplus Property Management Policy Effective Date: 6/18/2015 Policy Number: FA-PO-1211 Date of Last Review: 9/7/2017 Oversight Department: Facilities Management Next Review Date: 9/1/2020
More informationNational PTA Finance Policy & Procedures Manual (Approved by the National PTA Board of Directors on June 15, 2017)
National PTA Finance Policy & Procedures Manual ( the National PTA Board of Directors on June 15, 2017) This manual is intended for the sole use of National Congress of Parents and Teachers ( National
More informationFederal Property Management Standards
Responsible Executive: Controller Responsible Department: A&FS Review Date: February, 2015 Accounting & Financial Services Federal Property Management Standards POLICY STATEMENT The Controller s Office,
More informationThe Starke County Youth Club, Inc. NOTICE TO VOLUNTEERS REGARDING BACKGROUND INVESTIGATION AUTHORIZATION
The Starke County Youth Club, Inc. NOTICE TO VOLUNTEERS REGARDING BACKGROUND INVESTIGATION I understand that a consumer report (background screening report) and/or an investigative consumer report (reference
More informationPre-Employment Background Screening and the Fair Credit Reporting Act
Pre-Employment Background Screening and the Fair Credit Reporting Act (An online version of presentation at the PRRN conference in Long Beach, Feb. 2002.) Speaker: Les Rosen, Attorney at Law and President
More informationVIII 6.1. VIII. Privacy FCRA. Fair Credit Reporting Act 1. Introduction. Structure and Overview of Examination Modules.
Fair Credit Reporting Act 1 Introduction The Fair Credit Reporting Act (FCRA) (15 USC 1681-1681u) became effective on April 25, 1971. The FCRA is a part of a group of acts contained in the Federal Consumer
More informationPrinciples. Bison Transport will implement policies and procedures to give effect to this policy, including:
Principles The ten principles that form this policy are interrelated, and Bison Transport will adhere to the ten principles as a whole. This policy, then, applies to personal information about Bison Transport
More informationHIPAA Breach Notice Rules New notice requirements for HIPAA covered entities when there is a breach of Protected Health Information (PHI)
HIPAA Breach Notice Rules New notice requirements for HIPAA covered entities when there is a breach of Protected Health Information (PHI) On August 24, 2009, the Department of Health and Human Services
More informationJack Byrne Ford & Mercury Identity Theft Program (ITPP)
Jack Byrne Ford & Mercury Identity Theft Program (ITPP) PART ONE BACKGROUND 1. Effective Date All affected employees of Jack Byrne Ford & Mercury ( Dealership ) must comply with the terms of this policy
More informationYOUR DUTIES UNDER THE FAIR CREDIT REPORTING ACT
YOUR DUTIES UNDER THE FAIR CREDIT REPORTING ACT As amended by Public Law 104-208 The staff of the Federal Trade Commission (FTC) has prepared the following required notices in compliance with the recently
More informationCMA # 5809 MANAGING PERSONAL PROPERTY AND CONSUMABLE SUPPLIES. [Effective Date: October 10, 2006; Revised: October 1, 2008, December 15, 2014]
MANAGING PERSONAL PROPERTY AND CONSUMABLE SUPPLIES [Effective Date: October 10, 2006; Revised: October 1, 2008, December 15, 2014] 5809-1. Purpose. The purpose of this Instruction is to establish a property
More informationSection. General Policies. Accounting Policies. Treasury Policies. Certification of Adoption. Policy No.: Table of Contents
Accounting Policies Policy No.: N/A Table of Contents Section Policy Policy Ref. General Policies Internal Control Summary 1-01 Delegation of Authority 1-02 Account Reconciliation and Documentation 1-03
More informationAuditing for HIPAA Compliance: Evaluating security and privacy compliance in an organization that provides health insurance benefits to employees
Auditing for HIPAA Compliance: Evaluating security and privacy compliance in an organization that provides health insurance benefits to employees San Antonio IIA: I HEART AUDIT CONFERENCE February 24,
More informationStandard Operating Procedure. Director of Finance
TRUST WIDE DOCUMENT Standard Operating Procedure DOCUMENT TITLE: Procedure for Transfer, Disposal & Sale of Surplus Assets DOCUMENT NUMBER: DOCUMENT REPLACES LEAD EXECUTIVE DIRECTOR DGM AUTHOR(S): ELHT/F03
More informationRe: Comments of 50 Organizations on DHS Notice of Proposed Rulemaking on Public Charge Determinations (DHS Docket No.
December 10, 2018 Samantha Deshommes Chief, Regulatory Coordination Division Office of Policy and Strategy U.S. Citizenship and Immigration Services Department of Homeland Security 20 Massachusetts Avenue.,
More informationAFTER THE OMNIBUS RULE
AFTER THE OMNIBUS RULE 1 Agenda Omnibus Rule Business Associates (BAs) Agreement Breach Notification Change Breach Reporting Requirements (Federal and State) Notification to Care1st Health Plan Member
More informationAudit Report for Meadowland Elementary PTO - June 2016
Audit Report for Meadowland Elementary PTO - June 2016 Prepared at the request of President Marc Raphael and the Board of Directors by Allen Jackson The following structure was used: Area of Review, STANDARD,
More informationCredential Check Corporation Adverse Action Program
Credential Check Corporation Adverse Action Program Client agrees that it will consult with its own legal or other counsel regarding the use of background screening information, including but not limited
More information(1) "Consumer" means an individual who resides in the District of Columbia.
District of Columbia Code Title 28 Commercial Instruments and Transactions Chapter 38 Consumer Protections 28-3861. Definitions For the purposes of this subchapter, the term: (1) "Consumer" means an individual
More informationHIPAA Compliance Guide
This document provides an overview of the Health Insurance Portability and Accountability Act (HIPAA) compliance requirements. It covers the relevant legislation, required procedures, and ways that your
More information2016 Business Associate Workforce Member HIPAA Training Handbook
2016 Business Associate Workforce Member HIPAA Training Handbook Using the Training Handbook The material in this handbook is designed to deliver required initial, and/or annual HIPAA training for all
More informationHOME COUNSELOR ONLINE BULLETIN
HCO-06-01 Effective Date: April 23, 2006 HOME COUNSELOR ONLINE BULLETIN This Bulletin is issued in accordance with the section of the Fannie Mae Software Subscription Agreement (the Agreement ) entitled
More informationCONSTRUCTION BID DOCUMENT ORDER FORM
.New York City Transit CONSTRUCTION BID DOCUMENT ORDER FORM RFQ 10#: 0000077319 SOLICITATION TITLE: 5-48004 Communications-Based Train Control (CBTC) Queens Boulevard West Phase I PRICE OF BID PACKAGE:
More information(2) Detect red flags that have been incorporated into the program;
3341-6-56 Theft Prevention Policy (Red Flag Rules). Applicability All University units Responsible Unit Policy Administrator The Vice President for Finance and Administration and Chief Financial Officer
More informationPRIVACY AND SECURITY GUIDELINES
PRIVACY AND SECURITY GUIDELINES Concerning Compliance with the Health Insurance Portability and Accountability Act ( HIPAA ), the Health Information Technology for Economic and Clinical Health Act ( HITECH
More information[Name of Organization] HIPAA Incident/Breach Investigation Procedure 4
Addendum II [Name of Organization] HIPAA Incident/Breach Investigation Procedure 4 I. Purpose To distinguish between (1) cases in which our HIPAA policy was not correctly followed but such violation did
More informationFranklin County Finance Policies & Procedures Manual For Franklin County, Tennessee
Franklin County Finance Policies & Procedures Manual For Franklin County, Tennessee Issued 11-27-2001 Revised 11-23-2004 (Budget, Purchasing & Forms) Revised 1-4-2007 (Travel & Cooperative Purchasing)
More informationLAFOURCHE PARISH GOVERNMENT PURCHASING POLICIES AND PROCEDURES
LAFOURCHE PARISH GOVERNMENT PURCHASING POLICIES AND PROCEDURES The mission of Lafourche Parish Government Department of Finance is to develop and implement sound procurement practices in accordance with
More informationNFA Self-Exam Checklist - General (All Firms Complete)
NFA Self-Exam Checklist - General (All Firms Complete) 2010 Introduction Each NFA Member Firm must complete a yearly self-examination checklist and maintain the completed checklist as part of the firm
More informationSSI Sensitive Security Information Processes and Procedures
SSI Sensitive Security Information Processes and Procedures Table of Contents Introduction; What is SSI? CFR 49, Part 1520 and Part 15; SSI at DEN; Project Limitations; If SSI ; SSI Requirements; Best
More informationGENERAL ASSEMBLY OF NORTH CAROLINA SESSION 2005 S 2 SENATE BILL 1048 Judiciary I Committee Substitute Adopted 5/23/05
GENERAL ASSEMBLY OF NORTH CAROLINA SESSION 00 S SENATE BILL Judiciary I Committee Substitute Adopted //0 Short Title: Identity Theft Protection Act of 00. Sponsors: Referred to: March, 00 (Public) 0 A
More informationHIPAA STUDENT ASSOCIATE AGREEMENT
HIPAA STUDENT ASSOCIATE AGREEMENT This Agreement dated as of, 20 is made by and between Petaluma Health Center (Hereinafter Covered Entity ) and (Hereinafter Student ). INTRODUCTION This Agreement governs
More informationDetective and Security Services 114
www.revenue.state.mn.us Detective and Security Services 114 Sales Tax Fact Sheet 114 Fact Sheet What s New in 2018 We clarified when sellers are required to collect local sales taxes. See Local Sales and
More informationCredit Card Handling Security Standards
Credit Card Handling Security Standards Overview This document is intended to provide guidance regarding the processing of charges and credits on credit and/or debit cards. These standards are intended
More informationSEALED BID REQUEST FOR ASBESTOS REMOVAL & PROPOSED FORM OF CONTRACT
SEALED BID REQUEST FOR ASBESTOS REMOVAL & PROPOSED FORM OF CONTRACT PROJECT: 404 HMGP Acquisition Program- or 403 Immediate Threat Program Asbestos Abatement For the County of Cedar Contractor: Address:
More informationClark University's PCI Compliance Policy
ï» Clark University's PCI Compliance Policy Who Should Read this Policy: All persons who have access to credit card information, including: Every employee that accesses handles or maintains credit card
More informationIT Data Destruction Risks vs. Rewards. Corey Dehmey Director of Sustainability AERC Recycling Solutions
IT Data Destruction Risks vs. Rewards Corey Dehmey Director of Sustainability AERC Recycling Solutions Overview What is IT Data Destruction Risks vs. Rewards Review of Data Destruction Methods Process
More informationCampus Administrative Policy
Campus Administrative Policy Policy Title: Credit Card Acceptance Policy Number: 2019 Functional Area: Finance Effective: February 1, 2011 Date Last Amended/Reviewed: February 1, 2011 Date Scheduled for
More informationBeans and Rice, Inc. ACCOUNTING POLICIES AND PROCEDURES MANUAL
Beans and Rice, Inc. ACCOUNTING POLICIES AND PROCEDURES MANUAL TABLE OF CONTENTS 1.00 BACKGROUND INFORMATION 1.01 Tax Status and Purpose... 1 1.02 Service Area... 1 2.00 CHART OF ACCOUNTS 2.01 Assets...
More informationTHE FAIR CREDIT REPORTING ACT
THE FAIR CREDIT REPORTING ACT As a public service, the staff of the Federal Trade Commission (FTC) has prepared the following complete text of the Fair Credit Reporting Act (FCRA), 15 U.S.C. 1681 et seq.
More informationWAKA-TV APPLICATION FOR EMPLOYMENT
An Equal Opportunity Employer WAKA-TV APPLICATION FOR EMPLOYMENT WAKA-TV does not discriminate on the basis of race, color, religion, national origin, sex, age, or disability. It is our intention that
More information11/14/ FNBT FACT ACT
1 FNBT FACT ACT This class addresses the Fair Credit Reporting Act which governs the collection and use of information considered in connection with granting credit, providing insurance or offering employment.
More informationNOTICES TO FURNISHERS OF INFORMATION: OBLIGATIONS OF FURNISHERS UNDER THE FCRA
NOTICES TO FURNISHERS OF INFORMATION: OBLIGATIONS OF FURNISHERS UNDER THE FCRA The federal Fair Credit Reporting Act ( FCRA ), as amended, imposes responsibilities on all persons who furnish information
More informationDOCUMENT RETENTION GUIDELINES
DOCUMENT RETENTION GUIDELINES A RISK MANAGEMENT WHITE PAPER THE CONTENTS OF THIS PUBLICATION ARE PROVIDED FOR INFORMATIONAL PURPOSES ONLY. CONSULTATION WITH LEGAL COUNSEL IS RECOMMENDED FOR USE OF THIS
More informationREQUEST FOR PROPOSAL/QUALIFICATIONS FOR MUNICIPAL PROFESSIONALS
REQUEST FOR PROPOSAL/QUALIFICATIONS FOR MUNICIPAL PROFESSIONALS Issued by the Township of Waterford Date Issued: November 8 th, 2017 Responses Due by: December 8th, 2017 Request for Proposal for Professional
More informationInterim Date: July 21, 2015 Revised: July 1, 2015
HIPAA/HITECH Page 1 of 7 Effective Date: September 23, 2009 Interim Date: July 21, 2015 Revised: July 1, 2015 Approved by: James E. K. Hildreth, Ph.D., M.D. President and Chief Executive Officer Subject:
More informationPAYMENT CARD INDUSTRY
DATA SECURITY POLICY Page 1 of 1 I. PURPOSE To provide guidelines and procedures to ensure that all money paid to the College in the form of cash, checks or payment cards is properly receipted, accounted
More informationNOTICE TO USERS OF CONSUMER REPORTS: OBLIGATIONS OF USERS UNDER THE FCRA
All users of consumer reports must comply with all applicable regulations. Information about applicable regulations currently in effect can be found at the Consumer Financial Protection Bureau s website,
More informationNOTICE TO USERS OF CONSUMER REPORTS: OBLIGATIONS OF USERS UNDER THE FCRA. As ordered by a court or a federal grand jury subpoena.
All users of consumer reports must comply with all applicable regulations. Information about applicable regulations currently in effect can be found at the Consumer Financial Protection Bureau s website.
More informationAdverse action is your requirement as an employer under the FCRA Please consult with your legal counsel on your adverse action letters and process.
Adverse action is your requirement as an employer under the FCRA Please consult with your legal counsel on your adverse action letters and process. State requirements also need to be considered for your
More informationHIPAA COMPLIANCE ROADMAP AND CHECKLIST FOR BUSINESS ASSOCIATES
HIPAA COMPLIANCE ROADMAP AND CHECKLIST FOR BUSINESS ASSOCIATES The Health Information Technology for Economic and Clinical Health Act (HITECH Act), enacted as part of the American Recovery and Reinvestment
More informationTo: Our Clients and Friends January 25, 2013
Life Sciences and Health Care Client Service Group To: Our Clients and Friends January 25, 2013 Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules under the Health
More informationRobinson Nevada Mining Company EMPLOYMENT APPLICATION
Robinson Nevada Mining Company PO Box 382 Ruth, NV 89319 ~ RNMC.Recruiting@kghm.com EMPLOYMENT APPLICATION Robinson Nevada Mining Company / KGHM International maintains a drug free work environment. We
More informationSENATE, No STATE OF NEW JERSEY. 217th LEGISLATURE INTRODUCED JUNE 9, 2016
SENATE, No. STATE OF NEW JERSEY th LEGISLATURE INTRODUCED JUNE, 0 Sponsored by: Senator NICHOLAS P. SCUTARI District (Middlesex, Somerset and Union) SYNOPSIS Authorizes parent or guardian to place security
More information2005/2006 INDIRECT COST RATES. and COUNTYWIDE COST ALLOCATION PLAN
2005/2006 INDIRECT COST RATES and COUNTYWIDE COST ALLOCATION PLAN Multnomah County, Oregon FISCAL YEAR 2005/2006 Indirect Cost Rates and Consolidated Countywide Cost Allocation Plan Based on the Year Ending
More informationCybersecurity Privacy and Network Security and Risk Mitigation
Ask the Experts at fi360 2016 Cybersecurity Privacy and Network Security and Risk Mitigation Gary Sutherland, NAPLIA CEO Brian Edelman, Financial Computer Inc. CEO Paul Smith, AIF NAPLIA SVP SEC s 1st
More information