Guidelines for the Stage of Implementation - Self-Assessment Activity
|
|
- Tracy Johns
- 6 years ago
- Views:
Transcription
1 GUIDELINES FOR PRIVACY AND INFORMATION MANAGEMENT (PIM) PROGRAM SELF-ASSESSMENT ACTIVITY Guidelines for the Stage of Implementation - Self-Assessment Activity PURPOSE This tool is for the use of school board/authority members to identify where on the continuum their department/school or board/authority is with respect to each of the program elements identified through the PIM Toolkit. Note: It is suggested that participants read the referenced documents prior to undertaking the self-assessment in order to gain an understanding of the expectations of the categories and, therefore, to have a context for the self-assessment activity. Process Protocol 1. Start by having each team member independently identify (by placing a dot using a coloured marker) where on the team continuum the department/school or system is with respect to each of the program elements identified down the far left column. 2. Have participating team members independently provide an example of evidence to support their stage selection in each of the blank boxes corresponding to the program element and stage selected. 3. Next, have each participant transfer his/her stage selection to the Team Self-Assessment Activity Template. Post the sheet on a wall or centre on the table for a group review. The markers allow all team members to see how much they are in agreement with one another. 4. When all dots/marks have been placed on the team continuum, have team members reflect/brainstorm on where there is agreement or disagreement among the ratings. 5. Start with the first principle element and have team members discuss why they believe the department/school/system is where they rated it. Have team members continue this discussion until the team comes to a consensus on one stage that reflects where the department/school/ system is right now. 6. Have team members brainstorm on possible next steps for moving toward the next stage along the continuum. Self-Assessment 1
2 PRIVACY AND INFORMATION MANAGEMENT (PIM) PROGRAM SELF-ASSESSMENT ACTIVITY SELF-ASSESSMENT ACTIVITY Program Elements Level 1 Level 2 Level 3 Level 4 The system has not yet begun to address the program element. An effort has been made to address the program element, but the effort impact a critical mass. endorsed the program element. Members are beginning to modify their thinking and practice as they attempt to implement the program element. The program element is deeply embedded in the system s culture. It represents a driving force in the daily work of the system. It is so internalized that it can survive changes in keypersonnel. Foundational Program Elements Privacy Standard The privacy standard helps to foster a culture of privacy with respect to the way Ontario school boards/authorities collect, use, disclose, secure, retain, and dispose of personal information. DR DRAFT Record and Information Management Framework The record and information on management framework establishes a vision, goals, objectives, principles, and practices which are guided Dd d by legislation, policies, standards, and guidelines Dto support effective information management Dt in school boards. RAF Self-Assessment 2
3 PRIVACY AND INFORMATION MANAGEMENT (PIM) PROGRAM SELF-ASSESSMENT ACTIVITY SELF-ASSESSMENT ACTIVITY Program Elements Level 1 Level 2 Level 3 Level 4 The system has not yet begun to address the program element. An effort has been made to address the program element, but the effort impact a critical mass. endorsed the program element. Members are beginning to modify their thinking and practice as they attempt to implement the program element. The program element is deeply embedded in the system s culture. It represents a driving force in the daily work of the system. It is so internalized that it can survive changes in keypersonnel. Data and Information Management Privacy Policy A written declaration that spells out the details of a school board s/authority s policy on the type of personal information it collects, how it uses that information, and how the information can be shared with third parties. DRAFT Access and Control The access and control matrices Datrices are frameworks that will guide boards in Dtheir journey to identify, inventory, understand, and manage the requirements for access to personal information Dormation and personal information banks in support Dport of the varied roles and duties within the organization. anizationḋanization. Self-Assessment 3
4 PRIVACY AND INFORMATION MANAGEMENT (PIM) PROGRAM SELF-ASSESSMENT ACTIVITY SELF-ASSESSMENT ACTIVITY Program Elements Level 1 Level 2 Level 3 Level 4 The system has not yet begun to address the program element. An effort has been made to address the program element, but the effort impact a critical mass. endorsed the program element. Members are beginning to modify their thinking and practice as they attempt to implement the program element. The program element is deeply embedded in the system s culture. It represents a driving force in the daily work of the system. It is so internalized that it can survive changes in keypersonnel. Data and Information Management (cont d) Model Classification Scheme and Retention Schedule The model classification scheme and retention schedule is intended to provide a recommended classification methodology, legal citation table of retention periods, and recommended retention guidelines for school board/authority recorded information. DRAFT Electronic Documents Dnd and Records Management System The electronic information Don landscape is growing rapidly school boards/authorities need to consider effective ways to manage Delectronic and records. documentsraft Self-Assessment 4
5 PRIVACY AND INFORMATION MANAGEMENT (PIM) PROGRAM SELF-ASSESSMENT ACTIVITY SELF-ASSESSMENT ACTIVITY Program Elements Level 1 Level 2 Level 3 Level 4 The system has not yet begun to address the program element. An effort has been made to address the program element, but the effort impact a critical mass. endorsed the program element. Members are beginning to modify their thinking and practice as they attempt to implement the program element. The program element is deeply embedded in the system s culture. It represents a driving force in the daily work of the system. It is so internalized that it can survive changes in keypersonnel. Information Protection/Operational Control Password Procedures In a school board/authority environment, it is not uncommon for most employees to have multiple passwords for access to , voice mail, computer applications, and portals. Every school board/authority should have a password strategy in place as part of the overall security strategy. DRAFT Privacy and Information DSecurity Guidelines School boards/authorities should have a variety of policies and/or procedures to guide the identification of areas of risk and strategies for the development of in internal procedure or regulation (e.g., guidelines for working outside the office, for cross-panel sharing of student information, for the use of Privacy and Confidentiality ty agreements and website, for videosurveillance, and for video conferencing guidelines). guidelines)ṛaft Self-Assessment 5
6 PRIVACY AND INFORMATION MANAGEMENT (PIM) PROGRAM SELF-ASSESSMENT ACTIVITY SELF-ASSESSMENT ACTIVITY Program Elements Level 1 Level 2 Level 3 Level 4 The system has not yet begun to address the program element. An effort has been made to address the program element, but the effort impact a critical mass. endorsed the program element. Members are beginning to modify their thinking and practice as they attempt to implement the program element. The program element is deeply embedded in the system s culture. It represents a driving force in the daily work of the system. It is so internalized that it can survive changes in keypersonnel. Information Protection/Operational Control (cont d) Data Encryption Encryption is a secure process for keeping personal and confidential information private. It is a process by which bits of data are mathematically jumbled using a password key. The encryption process makes the data unreadable unless or until decrypted. DRAFT Information Technology DEquipment Hardware Disposal and Redistribution Dtion Guidelines All school board/authority computer systems, electronic devices, and electronic storage media should be purged of sensitive personal or confidential data when it is no longer needed or before reuse of such equipment to ensure the continued protection of personal and corporate privacy. privacyṙaft Self-Assessment 6
7 PRIVACY AND INFORMATION MANAGEMENT (PIM) PROGRAM SELF-ASSESSMENT ACTIVITY SELF-ASSESSMENT ACTIVITY Program Elements Level 1 Level 2 Level 3 Level 4 The system has not yet begun to address the program element. An effort has been made to address the program element, but the effort impact a critical mass. endorsed the program element. Members are beginning to modify their thinking and practice as they attempt to implement the program element. The program element is deeply embedded in the system s culture. It represents a driving force in the daily work of the system. It is so internalized that it can survive changes in keypersonnel. Risk Management Privacy Impact Assessment (PIA) A PIA is an assessment framework used to identify the actual or potential risks that a proposed or existing information system, technology, or program may have on an individual s privacy. Privacy Breach Protocol DRAFT The protocol is designed to help Ontario school boards/ authorities contain and respond to incidents involving unauthorized disclosure Df of personal information.raft Self-Assessment 7
8 PRIVACY AND INFORMATION MANAGEMENT (PIM) PROGRAM SELF-ASSESSMENT ACTIVITY SELF-ASSESSMENT ACTIVITY Program Elements Level 1 Level 2 Level 3 Level 4 The system has not yet begun to address the program element. An effort has been made to address the program element, but the effort impact a critical mass. endorsed the program element. Members are beginning to modify their thinking and practice as they attempt to implement the program element. The program element is deeply embedded in the system s culture. It represents a driving force in the daily work of the system. It is so internalized that it can survive changes in keypersonnel. Risk Management (cont d) Privacy Notification Privacy notification statements explain how personal information will be treated as individuals interact with a school board/authority or school. These statements assure both internal and external publics that the personal and confidential information they provide will be handled appropriately. DRAFT Self-Assessment 8
9 PRIVACY AWARENESS CHECKLIST PURPOSE Ontario school boards/authorities should use this checklist as they feel appropriate as a means of gauging how aware staff are about protecting privacy. Staff should reflect upon their responses and act when they can. This is an awareness-enhancing exercise first. Introduction In accordance with the Municipal Freedom of Information and Protection of Privacy Act (MFIPPA), the Personal Health Information Protection Act (PHIPA), and the Personal Information Protection and Electronic Documents Act (PIPEDA), all Ontario school board/authority employees are responsible for the protection of personal, confidential, and sensitive information entrusted to them. They should be aware of privacy policies, procedures, and practices. Personal information is secured and protected from unauthorized access, disclosure, and inadvertent destruction by adhering to safeguards appropriate to the sensitivity of the information. This tool is designed to raise your level of awareness of privacy issues. Do not hesitate to contact your school board s/authority s Freedom of Information Coordinator at telephone number if you have any questions. DO YOU FOLLOW YOUR PRIVACY POLICY AND/OR PROCEDURE? A. Security of Personal, Confidential, or Sensitive Information Yes No N/A 1. Are all hard copies of personal, confidential, or sensitive information stored in lockable filing cabinets? 2. Have I safeguarded all electronic personal information records maintained in password-protected databases? 3. Do I refrain from storing personal, confidential, or sensitive information on a Shared Network Drive? 4. Do I immediately pick up any personal, confidential, or sensitive records sent to printer, photocopier or received by fax? 5. If I notice personal, confidential, or sensitive information left at the printer/copier/fax machines, do I immediately retrieve them and/or return them to the owner? 6. Before sending personal, confidential, or sensitive information via , have I considered taking precautions such as removing personal information? Self-Assessment 9
10 PRIVACY AWARENESS CHECKLIST Yes No N/A 7. Have I considered alternatives to faxing personal, confidential, or sensitive information? If such information must be faxed, have the following precautions been taken: Ensure that a fax cover sheet is used that contains contact information of both the sender and recipient with the mention Confidential? Call the intended recipient immediately before and after sending the fax to ensure receipt and immediate pick-up? Print and check a confirmation activity sheet to ensure that the fax reached its intended recipient? Retrieve originals from the fax machine as soon as completed? 8. If it is necessary to take information out of the office, have all necessary precautions been taken to ensure that it is protected? Is it possible to only take non-confidential/ sensitive information? If not, do I have managerial approval to take personal, confidential, or sensitive information from the workplace? 9. Are computer access rights reviewed and updated regularly to ensure that I do not have access to personal information that I do not need to perform my duties and responsibilities? 10. Am I following the procedures in place for safeguarding personal information on laptops, memory sticks, personal digital assistants (PDAs, e.g., BlackBerry devices), etc.? Comments: B. Limitation of Collection, Use, Retention, and Disclosure of Personal Information Yes No N/A 1. Do I need to collect, use, or disclose identifiable personal information to perform my duties and responsibilities? 2. If I need identifiable personal information, do I need to obtain the consent of the individual to whom the information relates before collecting, using or disclosing their personal information? 3. Do I limit my collection, use, or disclosure of personal information to only that which I require to perform my duties and responsibilities? 4. Is there a clear purpose for each type of personal information that I collect, use, retain, or disclose? Self-Assessment 10
11 PRIVACY AWARENESS CHECKLIST Yes No N/A 5. Do I provide a notice to individuals whenever their personal information is collected, e.g., on forms, surveys, websites, etc.? 6. Is all the personal information that I use or disclose utilized for the purpose for which it was collected, or for a consistent purpose? 7. Do all notices of collection that I use provide the specific purposes of collection, the legal authority for collection, and the contact information for an official who can answer questions about the purposes of collection? 8. Do I know who in my workplace is responsible for maintaining records retention schedules? 9. Do I securely dispose of (i.e., destroy or store) personal, confidential, or sensitive information in accordance with established records retention schedules? 10. Do I know when it is appropriate to destroy personal, confidential, or sensitive information? When destroying such information, do I place it in the appropriate shredding bins? 11. Am I aware that all information stored in the memory of electronic devices (e.g., personal computers, printers, photocopiers, fax machines, etc.) has to be deleted permanently prior to their removal from the office? Comments: C. Workstation Security Yes No N/A 1. Am I using a password-protected screen saver and is it set to turn on after five minutes of inactivity? 2. Do I always log off or sign out of applications I am not using, and close the browser window? 3. Do I always shut down my computer at the end of the day? 4. Have I positioned my monitor so that casual observers cannot view personal, confidential or sensitive information? 5. Have I adopted a clean desk model so that no personal, confidential or sensitive information or material is left unsecured at my desk? 6. Do I make a habit of checking that my desk drawers, filing cabinets, and/or door are locked when I leave for the day? Comments: Self-Assessment 11
12 PRIVACY AWARENESS CHECKLIST D. Accuracy Yes No N/A 1. Am I following the procedures in place to update personal information to ensure that it is still accurate? 2. Am I following the procedures in place so that individuals can update their own personal information so that it is still accurate? 3. Am I following the procedures in place for informing third party service providers to whom personal information has been disclosed that the information has been updated? 4. Do I note on the record if individuals have disputed the accuracy of their personal information, so that subsequent users of the personal information are aware of it? Comments: E. Third-Party Service Providers Yes No N/A 1. When personal information is shared with, or collected, used or disclosed by a third party service provider under an arrangement with the Ontario school board/authority, am I making sure that the provider follow its own privacy policies, procedures, and practices? 2. Am I verifying that there is a written agreement in place with any third party service provider with which I am sharing personal information, or if the provider has permission to collect, use, or disclose personal information on behalf of the Ontario school board/authority? 3. If the answer to the question above is Yes, do I monitor compliance with any agreement with a third party service provider? Comments: F. School and Classroom Yes No N/A 1. Ontario Student Records (OSR) and Office Index Cards are securely stored in the main office of the school and are only accessible by authorized personnel in the main office of the school. 2. School staff have received training and are aware of the Ontario School Board/ Authority s Privacy and Access to Information Policy. 3. Teachers and administrators notes and other instruction-related information about students is secured in the classroom or office in the school. Self-Assessment 12
13 PRIVACY AWARENESS CHECKLIST Yes No N/A 4. Information about a student(s) is shared only with other staff in the school who are assigned to work with the student(s), and only as needed to improve the education of the student(s). 5. Full names of students and other personal information and/or photographs do not appear on work displayed in the school, on websites and/or in newsletters. 6. Information related to student(s) is shared outside the classroom for educational purposes only with consent or notification of parent(s) or guardian(s). Comments: G. Privacy Breaches Yes No N/A 1. I am aware of my obligation to immediately report a suspected or actual privacy breach to my supervisor and the school board s/authority s Freedom of Information Coordinator. 2. I am aware of the Ontario school board/authority s Responding to a Suspected Privacy Breach protocol? Comments: Self-Assessment 13
14 PRIVACY STANDARD ASSESSMENT ACTIVITY PURPOSE Use this tool in conjunction with the Privacy Standard to assess which stage your school board/authority has achieved for each of the 10 commitments. Commitments Privacy commitments are based on globally recognized fair information principles and are grounded in Ontario privacy legislation. The system has not yet begun to address the standard. An effort has been made to address the standard, but the effort has not yet begun to impact a critical mass. endorsed the standard. Members are beginning to modify their thinking and practice as they attempt to implement the standard. The standard is deeply embedded in the system s culture. It represents a driving force in the daily work of the system. It is so internalized that it can survive changes in key personnel. Accountability Personal information under our control has designated individual(s) who are accountable for the school board s/authority s compliance with privacy legislation. Identifying Purposes The purposes for which personal information is collected, used, retained, and disclosed, as well as for notifying individuals, is identified at or before the time the information is collected. Self-Assessment 14
15 PRIVACY STANDARD ASSESSMENT ACTIVITY Commitments Privacy commitments are based on globally recognized fair information principles and are grounded in Ontario privacy legislation. The system has not yet begun to address the standard. An effort has been made to address the standard, but the effort impact a critical mass. endorsed the standard. Members are beginning to modify their thinking and practice as they attempt to implement the standard. The standard is deeply embedded in the system s culture. It represents a driving force in the daily work of the system. It is so internalized that it can survive changes in key personnel. Consent The knowledge or consent of the individual is obtained for the collection, use or disclosure of personal information, except when not required by law. Limiting Collection The collection of personal information is limited to that which is necessary for the purposes identified by the organization. Information is collected by fair and lawful means. Limiting Use, Disclosure and Retention Personal information shall not be used or disclosed for purposes other than those for which is was collected, except with the consent of the individual or as required by law. Personal information shall be retained only as long as necessary for the fulfilment of those purposes, or as required by law. Self-Assessment 15
16 PRIVACY STANDARD ASSESSMENT ACTIVITY Commitments Privacy commitments are based on globally recognized fair information principles and are grounded in Ontario privacy legislation. The system has not yet begun to address the standard. An effort has been made to address the standard, but the effort impact a critical mass. endorsed the standard. Members are beginning to modify their thinking and practice as they attempt to implement the standard. The standard is deeply embedded in the system s culture. It represents a driving force in the daily work of the system. It is so internalized that it can survive changes in key personnel. Accuracy Personal information is as accurate, complete, and up-to-date as is necessary to fulfill the specified purposes for which it is to be used. Safeguards Personal information is protected from unauthorized access, disclosure, and inadvertent destruction by adhering to safeguards appropriate to the sensitivity of the information. Openness Information about policies and practices relating to the management of personal information is made readily available to the public, including breach protocol. Self-Assessment 16
17 PRIVACY STANDARD ASSESSMENT ACTIVITY Commitments Privacy commitments are based on globally recognized fair information principles and are grounded in Ontario privacy legislation. The system has not yet begun to address the standard. An effort has been made to address the standard, but the effort impact a critical mass. endorsed the standard. Members are beginning to modify their thinking and practice as they attempt to implement the standard. The standard is deeply embedded in the system s culture. It represents a driving force in the daily work of the system. It is so internalized that it can survive changes in key personnel. Individual Access Upon request, an individual is informed of the existence, use, and disclosure of his/her personal information and is given access to that information. An individual may challenge the accuracy and completeness of the information and request that it be amended as appropriate or have a letter of objection retained on file. Challenging Compliance An individual shall be able to address a challenge concerning compliance with the above tenets to the designated individual(s) accountable for compliance. Self-Assessment 17
This policy sets out how Legacy Foresight and its Associates will seek to ensure compliance with the legislation.
Privacy Notice August 2018 Introduction The General Data Protection Regulation (GDPR) is European wide data protection legislation that requires organisations working with individuals based in the European
More informationPhotography and Videos at School Policy
Photography and Videos at School Policy Last updated: 25 May 2018 Contents: Statement of intent 1. Legal framework 2. Definitions 3. Roles and responsibilities 4. Parental consent 5. General procedures
More informationProtection of Privacy Policy
Protection of Privacy Policy Policy No. CIMS 006 Version No. 1.0 City Clerk's Office An Information Management Policy Subject: Protection of Privacy Policy Keywords: Information management, privacy, breach,
More informationPrivacy Policy SOP-031
SOP-031 Version: 2.0 Effective Date: 18-Nov-2013 Table of Contents 1. DOCUMENT HISTORY...3 2. APPROVAL STATEMENT...3 3. PURPOSE...4 4. SCOPE...4 5. ABBREVIATIONS...5 6. PROCEDURES...5 6.1 COLLECTION OF
More information2018 / Photography & Video Bell Lane Primary School & Children s Centre
2018 / 2019 Photography & Video Use @ Bell Lane Primary School & Children s Centre Bell Lane Primary School & Children s Centre Responsible: Headteacher & Governing Body Last reviewed: Summer 2018 Review
More informationHong Kong Personal Data Protection Regulatory Framework From Compliance to Accountability
Legal Week s Corporate Counsel Forum 2016 Renaissance Harbour View Hotel 23 June 2016 Hong Kong Personal Data Protection Regulatory Framework From Compliance to Accountability Stephen Kai-yi Wong Privacy
More informationCCTV Policy. Policy reviewed by Academy Transformation Trust on June This policy links to: Safeguarding Policy Data Protection Policy
CCTV Policy Policy reviewed by Academy Transformation Trust on June 2018 This policy links to: Located: Safeguarding Policy Data Protection Policy Review Date May 2019 Our Mission To provide the very best
More informationISO/IEC INTERNATIONAL STANDARD. Information technology Security techniques Privacy framework
INTERNATIONAL STANDARD ISO/IEC 29100 First edition 2011-12-15 Information technology Security techniques Privacy framework Technologies de l'information Techniques de sécurité Cadre privé Reference number
More information1 SERVICE DESCRIPTION
DNV GL management system ICP Product Certification ICP 4-6-3-5-CR Document number: ICP 4-6-3-5-CR Valid for: All in DNV GL Revision: 2 Date: 2017-05-05 Resp. unit/author: Torgny Segerstedt Reviewed by:
More informationCCTV Policy. Policy reviewed by Academy Transformation Trust on June This policy links to: T:Drive. Safeguarding Policy Data Protection Policy
CCTV Policy Policy reviewed by Academy Transformation Trust on June 2018 This policy links to: Safeguarding Policy Data Protection Policy Located: T:Drive Review Date May 2019 Our Mission To provide the
More informationViolent Intent Modeling System
for the Violent Intent Modeling System April 25, 2008 Contact Point Dr. Jennifer O Connor Science Advisor, Human Factors Division Science and Technology Directorate Department of Homeland Security 202.254.6716
More informationPrivacy by Design: Integrating Technology into Global Privacy Practices
Privacy by Design: Integrating Technology into Global Privacy Practices Ann Cavoukian, Ph.D. Information and Privacy Commissioner Ontario, Canada Harvard Privacy Symposium August 23, 2007 Role of the IPC
More informationPersonal Data Protection Competency Framework for School Students. Intended to help Educators
Conférence INTERNATIONAL internationale CONFERENCE des OF PRIVACY commissaires AND DATA à la protection PROTECTION des données COMMISSIONERS et à la vie privée Personal Data Protection Competency Framework
More informationStaffordshire Police
Staffordshire Police ANPR ANPR Project Document Reference: Author: D PLATT Date: 16 TH NOV 2012 Change Control Record Date Document Reference Change By 16/11/12 Initial version, for review D PLATT Contents
More informationThis Privacy Policy describes the types of personal information SF Express Co., Ltd. and
Effective Date: 2017/05/10 Updated date: 2017/05/25 This Privacy Policy describes the types of personal information SF Express Co., Ltd. and its affiliates (collectively as "SF") collect about consumers
More informationVital Records Data Practices Manual
Vital Records Data Practices Manual FOR COUNTY VITAL RECORDS OFFICES Revised November 2016 OFFICE OF VITAL RECORDS Contents Vital Records Data Practices Manual... 0 Section I: Government Records... 2 Life
More informationPrivacy Procedure SOP-031. Version: 04.01
SOP-031 Version: 04.01 Effective Date: 01-Mar-2017 Table of Contents 1. DOCUMENT HISTORY... 3 2. APPROVAL STATEMENT... 3 3. PURPOSE... 4 4. SCOPE... 4 5. ABBREVIATIONS... 4 6. PROCEDURES... 5 6.1 COLLECTION
More informationWinthrop Primary School
Winthrop Primary School Information Communication Technology Plan & Scope and Sequence (DRAFT) 2015 2016 Aim: To integrate across all Australian Curriculum learning areas. Classroom teachers delivering
More informationDNVGL-CG-0214 Edition September 2016
CLASS GUIDELINE DNVGL-CG-0214 Edition September 2016 The content of this service document is the subject of intellectual property rights reserved by ("DNV GL"). The user accepts that it is prohibited by
More informationTHE UNIVERSITY OF AUCKLAND INTELLECTUAL PROPERTY CREATED BY STAFF AND STUDENTS POLICY Organisation & Governance
THE UNIVERSITY OF AUCKLAND INTELLECTUAL PROPERTY CREATED BY STAFF AND STUDENTS POLICY Organisation & Governance 1. INTRODUCTION AND OBJECTIVES 1.1 This policy seeks to establish a framework for managing
More informationPRIVACY IMPACT ASSESSMENT
PRIVACY IMPACT ASSESSMENT PRIVACY IMPACT ASSESSMENT The template below is designed to assist you in carrying out a privacy impact assessment (PIA). Privacy Impact Assessment screening questions These questions
More informationBank of England Framework for the Testing of Automatic Banknote Handling Machines
Bank of England Framework for the Testing of Automatic Banknote Handling Machines 1. Introduction Maintaining confidence in the currency requires that cash users trust the physical integrity of the Bank
More informationFIPPs Fair Information Practice Principles
FIPPs Fair Information Practice Principles T H E G O L D S TA N DA R D F O R P R OT EC T I N G P E R S O N A L I N F O R M AT I O N Learning Objectives Recognize the Fair Information Practice Principles
More informationNymity Demonstrating Compliance Manual: A Structured Approach to Privacy Management Accountability
A Structured Approach to Privacy Management Accountability Copyright 2016 by Nymity Inc. All rights reserved. All text, images, logos, trademarks and information contained in this document are the intellectual
More informationFiscal 2007 Environmental Technology Verification Pilot Program Implementation Guidelines
Fifth Edition Fiscal 2007 Environmental Technology Verification Pilot Program Implementation Guidelines April 2007 Ministry of the Environment, Japan First Edition: June 2003 Second Edition: May 2004 Third
More informationGDPR Implications for ediscovery from a legal and technical point of view
GDPR Implications for ediscovery from a legal and technical point of view Friday Paul Lavery, Partner, McCann FitzGerald Ireland Meribeth Banaschik, Partner, Ernst & Young Germany mccannfitzgerald.com
More informationTop 10 Reasons NOT to get Organized
Top 10 Reasons NOT to get Organized 1. Hunting for important documents adds excitement to a boring schedule. 2. Stacking papers on your desk protects it from ultraviolet radiation. 3. Being as confused
More informationPhotography Policy: Taking, storing and using images
Noted by Fernhurst Primary School October 2016 Next review October 2019 Photography Policy: Taking, storing and using images Introduction Our academies are busy, friendly and inclusive communities and
More informationDigital Preservation Policy
Digital Preservation Policy Version: 2.0.2 Last Amendment: 12/02/2018 Policy Owner/Sponsor: Head of Digital Collections and Preservation Policy Contact: Head of Digital Collections and Preservation Prepared
More informationJune 2014 For any information or queries relating to fundraising for headspace, please contact:
Fundraising Guidelines QLD June 2014 For any information or queries relating to fundraising for headspace, please contact: headspace Terms and Conditions for Conducting a Fundraising Event in Queensland
More informationClient s Statement of Rights & Responsibilities*
Client s Statement of Rights & Responsibilities* Notification to Clients of Their Rights and Responsibilities Preamble Good communication is essential to an effective attorney-client relationship. A lawyer
More informationPickens Savings and Loan Association, F.A. Online Banking Agreement
Pickens Savings and Loan Association, F.A. Online Banking Agreement INTERNET BANKING TERMS AND CONDITIONS AGREEMENT This Agreement describes your rights and obligations as a user of the Online Banking
More informationIET Guidelines for Volunteers: Data Protection
SERIAL NO: Issue No: 3.0 IET Guidelines for Volunteers: Protection Effective Date Approved by Author February 2012 Executive Committee Richard Best Date of Last Review Reviewed By Date of Next Review February
More informationGuidelines for Use/Disclosure of Photographic and Video Images of Children and Youth
Guidelines for Use/Disclosure of Photographic and Video Images of Children and Youth The following guidelines shall be adhered to, and an authorization form shall be obtained, when photographs or videos
More informationRULES AND REGULATIONS. Title 58 - RECREATION PENNSYLVANIA GAMING CONTROL BOARD [58 PA. CODE CH. 525] Table Game Internal Controls
RULES AND REGULATIONS Title 58 - RECREATION PENNSYLVANIA GAMING CONTROL BOARD [58 PA. CODE CH. 525] Table Game Internal Controls The Pennsylvania Gaming Control Board (Board), under its general authority
More informationStandards and privacy engineering ISO, OASIS, PRIPARE and Other Important Developments
Standards and privacy engineering ISO, OASIS, PRIPARE and Other Important Developments Antonio Kung, CTO 25 rue du Général Foy, 75008 Paris www.trialog.com 9 May 2017 1 Introduction Speaker Engineering
More informationF98-3 Intellectual/Creative Property
F98-3 (A.S. 1041) Page 1 of 7 F98-3 Intellectual/Creative Property Legislative History: At its meeting of October 5, 1998, the Academic Senate approved the following policy recommendation presented by
More informationInformation Governance Policy
Information Governance Policy Target Audience Brief Description (max 50 words) Action Required Board members, sub-committee members and all staff working for, or on behalf of, the NEE CCG This policy outlines
More informationLewis-Clark State College No Date 2/87 Rev. Policy and Procedures Manual Page 1 of 7
Policy and Procedures Manual Page 1 of 7 1.0 Policy Statement 1.1 As a state supported public institution, Lewis-Clark State College's primary mission is teaching, research, and public service. The College
More informationGuide to the Requirements for Public Information and Disclosure GD-99.3
Guide to the Requirements for Public Information and Disclosure GD-99.3 November 2010 Guide to the Requirements for Public Information and Disclosure Guidance Document GD-99.3 Minister of Public Works
More informationDiana Gordick, Ph.D. 150 E Ponce de Leon, Suite 350 Decatur, GA Health Insurance Portability and Accountability Act (HIPAA)
Diana Gordick, Ph.D. 150 E Ponce de Leon, Suite 350 Decatur, GA 30030 Health Insurance Portability and Accountability Act (HIPAA) NOTICE OF PRIVACY PRACTICES I. COMMITMENT TO YOUR PRIVACY: DIANA GORDICK,
More informationPrivacy Law in Canada: Obligations and Risks in the Cyber Age Dina L. Maxwell Associate Lawyer
Privacy Law in Canada: Obligations and Risks in the Cyber Age Dina L. Maxwell Associate Lawyer Blaney McMurtry LLP - 2 Queen Street East, Suite 1500 - Toronto, Canada www.blaney.com Overview Private Sector
More informationDisposing of objects you may not own
Disposing of objects you may not own How is this different from disposal in general? The Museums Association and the Collections Trust provide guidelines and procedures for museums to follow when disposing
More informationDISPOSITION POLICY. This Policy was approved by the Board of Trustees on March 14, 2017.
DISPOSITION POLICY This Policy was approved by the Board of Trustees on March 14, 2017. Table of Contents 1. INTRODUCTION... 2 2. PURPOSE... 2 3. APPLICATION... 2 4. POLICY STATEMENT... 3 5. CRITERIA...
More informationOPINION Issued June 9, Virtual Law Office
OPINION 2017-05 Issued June 9, 2017 Virtual Law Office SYLLABUS: An Ohio lawyer may provide legal services via a virtual law office through the use of available technology. When establishing and operating
More informationDEPARTMENT OF PUBLIC SAFETY DIVISION OF FIRE COLUMBUS, OHIO. SOP Revision Social Media Digital Imagery
DEPARTMENT OF PUBLIC SAFETY DIVISION OF FIRE COLUMBUS, OHIO 17-007 SUBJECT: TITLE: Administration SOP Revision-04-05-07 Social Media 04-05-08 Digital Imagery Implementation Office of the Chief PURPOSE:
More informationThe European Securitisation Regulation: The Countdown Continues... Draft Regulatory Technical Standards on Content and Format of the STS Notification
WHITE PAPER March 2018 The European Securitisation Regulation: The Countdown Continues... Draft Regulatory Technical Standards on Content and Format of the STS Notification Regulation (EU) 2017/2402, which
More informationPrivacy by Design Assessment and Certification. For discussion purposes only
Privacy by Design Assessment and Certification For discussion purposes only Privacy by Design The Framework Privacy by Design 2 Adoption of Privacy by Design as an International Standard Landmark Resolution
More informationSTUDENT GUIDE Version 1.3 FINAL
STUDENT GUIDE Version 1.3 FINAL 4.3.06 2005 M. C. DEAN, INC.--ALL RIGHTS RESERVED. No part of this document may be copied, reproduced, stored in a retrieval system or transmitted, in any form or by any
More informationType Approval JANUARY The electronic pdf version of this document found through is the officially binding version
STANDARD FOR CERTIFICATION No. 1.2 Type Approval JANUARY 2013 The electronic pdf version of this document found through http://www.dnv.com is the officially binding version The content of this service
More informationDETERMINATION OF POPULATION REGULATION
Province of Alberta MUNICIPAL GOVERNMENT ACT DETERMINATION OF POPULATION REGULATION Alberta Regulation 63/2001 With amendments up to and including Alberta Regulation 198/2017 Office Consolidation Published
More informationSt. Philip Parish Richmond, ON
St. Philip Parish Richmond, ON Contact Information Policy 1. Objective The Contact Information Policy describes the background, principles, policies and procedures associated with the management of St.
More informationFuture of the Draft International Code of Conduct as the Linchpin of the Space Security and Safety
Future of the Draft International Code of Conduct as the Linchpin of the Space Security and Safety 4 March 2016 International Symposium On Ensuring Stable Use Of Outer Space Setsuko AOKI, D.C.L. Professor,
More informationSeychelles Civil Aviation Authority SAFETY NOTICE. Coding and registration of Seychelles 406 Mhz Emergency Locator Transmitters (ELTs)
Seychelles Civil Aviation Authority Safety Notice SAFETY NOTICE Number: Issued: 25 April 2018 Coding and registration of Seychelles 406 Mhz Emergency Locator Transmitters (ELTs) This Safety Notice contains
More informationEXIN Privacy and Data Protection Foundation. Preparation Guide. Edition
EXIN Privacy and Data Protection Foundation Preparation Guide Edition 201701 Content 1. Overview 3 2. Exam requirements 5 3. List of Basic Concepts 9 4. Literature 15 2 1. Overview EXIN Privacy and Data
More informationJANUARY. DATE ACTIVITY ORC Reference NOTES 1st day of January after election
JANUARY 1st day of January after election January Terms of newly elected board members begin The terms of office of members of each board of education shall begin on the first day of January after their
More informationData Protection and Information Security. Photography and Filming - Guidelines for the use of Personal Data
Data Protection and Information Security Photography and Filming - Guidelines for the use of Personal Data Page 1 of 7 Created on: 05/06/2013 Contents 1. Introduction... 3 2. Definitions... 3 3. Consent...
More informationLoyola University Maryland Provisional Policies and Procedures for Intellectual Property, Copyrights, and Patents
Loyola University Maryland Provisional Policies and Procedures for Intellectual Property, Copyrights, and Patents Approved by Loyola Conference on May 2, 2006 Introduction In the course of fulfilling the
More informationKey & Access Policy - DRAFT
Applies to Electronic Access Applies to Physical Keys Key & Access Policy - DRAFT General Provisions Provisions in this policy apply to all non-residential facilities for the campus. Keys for residential
More informationCorporate Services. Yes. Chief Executive Officer. Head of Legal and Compliance. Policy and Compliance Officer
Privacy Policy Category/Business Group Published Externally (Yes/No) Approver Responsible Officer Contact Officer Corporate Services Yes Chief Executive Officer Head of Legal and Compliance Policy and
More informationGuidelines for Completion of a Youth Application
Guidelines for Completion of a Youth Application Office of the Métis Nation Saskatchewan Citizenship Registry 406 Jessop Ave Saskatoon, SK S7N 2S5 Ph (306) 343-8391 Toll Free: 1-888-203-6959 Fax (306)
More informationARTICLE 29 Data Protection Working Party
ARTICLE 29 Data Protection Working Party Brussels, 10 April 2017 Hans Graux Project editor of the draft Code of Conduct on privacy for mobile health applications By e-mail: hans.graux@timelex.eu Dear Mr
More informationWhat does the revision of the OECD Privacy Guidelines mean for businesses?
m lex A B E X T R A What does the revision of the OECD Privacy Guidelines mean for businesses? The Organization for Economic Cooperation and Development ( OECD ) has long recognized the importance of privacy
More informationPrivacy Policy Framework
Privacy Policy Framework Privacy is fundamental to the University. It plays an important role in upholding human dignity and in sustaining a strong and vibrant society. Respecting privacy is an essential
More informationDNVGL-CP-0338 Edition October 2015
CLASS PROGRAMME DNVGL-CP-0338 Edition October 2015 The electronic pdf version of this document, available free of charge from http://www.dnvgl.com, is the officially binding version. FOREWORD DNV GL class
More informationIdentifying and Managing Joint Inventions
Page 1, is a licensing manager at the Wisconsin Alumni Research Foundation in Madison, Wisconsin. Introduction Joint inventorship is defined by patent law and occurs when the outcome of a collaborative
More informationNHS Greater Glasgow and Clyde Health Board. Policy on the Management of Intellectual Property
NHS Originated by: David Wyper and Lorna Kelly Title: Board Date: 6/05/2008 Authorised by: Date: 1 Introduction 1.1 NHS organisations are obliged to manage their Research & Development (R&D) to improve
More informationUse of Photographs (Senior School) Policy
Use of Photographs (Senior School) Policy Ref: LP-PS-037 Version: 6.1 Date: 26 th April 2018 Document Owner: Julia Richards (Deputy Head - Pastoral) Description: This policy outlines the School s approach
More informationCommittee on Development and Intellectual Property (CDIP)
E CDIP/16/4 REV. ORIGINAL: ENGLISH DATE: FERUARY 2, 2016 Committee on Development and Intellectual Property (CDIP) Sixteenth Session Geneva, November 9 to 13, 2015 PROJECT ON THE USE OF INFORMATION IN
More informationPrivacy Impact Assessment Desk Reference Guide
Privacy Impact Assessment Desk Reference Guide March, 2016 Defense Health Agency (DHA) Privacy and Civil Liberties Office 7700 Arlington Boulevard Suite 5101 Falls Church, VA 22042 703-275-6363 Colleagues:
More informationBSA COMMENTS ON DRAFT PERSONAL DATA PROTECTION ACT
Permanent Secretary The Ministry of Digital Economy and Society 120 Moo 3, 6-9 floor, The Government Complex Commemorating His Majesty, Chaeng Watthana, Thung Song Hong, Laksi, Bangkok 10210 February 6,
More informationRadiocommunication Facility Review Protocol
Radiocommunication Facility Review Protocol 1.0 PURPOSE 1.1 The purpose of this protocol is to outline the guidelines and review process through which Radiocommunication Facilities are evaluated within
More informationGlobal Alliance for Genomics & Health Data Sharing Lexicon
Version 1.0, 15 March 2016 Global Alliance for Genomics & Health Data Sharing Lexicon Preamble The Global Alliance for Genomics and Health ( GA4GH ) is an international, non-profit coalition of individuals
More informationFACULTY OF ENGINEERING & INFORMATION TECHNOLOGIES RESEARCH DATA MANAGEMENT PROVISIONS 2015
FACULTY OF ENGINEERING & INFORMATION TECHNOLOGIES RESEARCH DATA MANAGEMENT PROVISIONS 2015 1 Purpose and Application (1) These provisions give practical effect to the Research Data Management Policy 2014
More informationContents. 1. Play and Control PLAYING RULES POST. International Correspondence Chess Federation. Valid from 01/01/2017
International Correspondence Chess Federation PLAYING RULES POST Valid from 01/01/2017 Contents 1. Play and Control... 1 2. Transmissions... 2 3. Failure to Reply... 2 4. Moves and Continuations... 3 5.
More informationNOTIFICATION FOR PRIOR CHECKING INFORMATION TO BE GIVEN(2)
To be filled out in the EDPS' office REGISTER NUMBER: 322 NOTIFICATION FOR PRIOR CHECKING Date of submission: 10/01/2008 Case number: 2008-020 Institution: European Commission Legal basis: article 27-5
More information- 2 - "I HATE MY PC" includes all other joint ventures and licensees of CHEQUERED GECKO Pty Ltd.
- 2 - Date???? Full name ("you") Business Name ABN??????? Address Contact details Dear name, Thank you for allowing us the opportunity to be of service to you. I HATE MY PC have made available to The Consultant
More informationUsing the Tax Research Center
Using the Tax Research Center Always connect to the Tax Research Center through NAEA's website to receive the lowest possible price on research. Not a member? Join now members receive the absolutely lowest
More information2018 Federal Scientists Survey FAQ
2018 Federal Scientists Survey FAQ Why is UCS surveying government scientists? The 2018 survey of government scientists is part of ongoing research by the Union of Concerned Scientists (UCS) to better
More informationGUITAR PRO SOFTWARE END-USER LICENSE AGREEMENT (EULA)
GUITAR PRO SOFTWARE END-USER LICENSE AGREEMENT (EULA) GUITAR PRO is software protected by the provisions of the French Intellectual Property Code. THIS PRODUCT IS NOT SOLD BUT PROVIDED WITHIN THE FRAMEWORK
More informationEngineering Drawing System
LPR 7320.1 Effective Date: July 18, 2004 Expiration Date: July 18, 2008 Langley Research Center Engineering Drawing System National Aeronautics and Space Administration Responsible Office: Systems Engineering
More informationUK Research and Innovation Conflicts of Interest Policy
UK Research and Innovation Conflicts of Interest Policy Contents: Policy Statement 1. Introduction and Purpose. 2. Principles 3. Policy Review. 4. Definitions 5. Examples of Conflicts of Interest 6. Policy
More informationOcean Energy Europe Privacy Policy
Ocean Energy Europe Privacy Policy 1. General 1.1 This is the privacy policy of Ocean Energy Europe AISBL, a non-profit association with registered offices in Belgium at 1040 Brussels, Rue d Arlon 63,
More informationINTERMODAL PLANNING COMMITTEE TERMS OF REFERENCE
INTERMODAL PLANNING COMMITTEE TERMS OF REFERENCE City of Cape Town Adopted by the IPC 13 April 2018 TABLE OF CONTENTS Purpose of the Intermodal Planning Committee (IPC) 1. Definitions...4 2. Functions
More informationInvention SUBMISSION BROCHURE PLEASE READ THE FOLLOWING BEFORE SUBMITTING YOUR INVENTION
Invention SUBMISSION BROCHURE PLEASE READ THE FOLLOWING BEFORE SUBMITTING YOUR INVENTION The patentability of any invention is subject to legal requirements. Among these legal requirements is the timely
More informationCalifornia State University, Northridge Policy Statement on Inventions and Patents
Approved by Research and Grants Committee April 20, 2001 Recommended for Adoption by Faculty Senate Executive Committee May 17, 2001 Revised to incorporate friendly amendments from Faculty Senate, September
More informationDETERMINATION OF POPULATION REGULATION
Province of Alberta MUNICIPAL GOVERNMENT ACT DETERMINATION OF POPULATION REGULATION Alberta Regulation 63/2001 With amendments up to and including Alberta Regulation 10/2013 Office Consolidation Published
More informationHOUSE OF COMMONS JOB DESCRIPTION
HOUSE OF COMMONS JOB DESCRIPTION I. JOB IDENTIFICATION Position Title: Collection Cataloguer Job Code: 1927 Position Number: 17170 II. POSITION SUMMARY The Collection Cataloguer develops and maintains
More informationSECTION 13. ACQUISITIONS
SECTION 13. ACQUISITIONS... 13-1 13.1 Introduction... 13-1 13.2 On-Market Takeover... 13-1 13.3 Off-Market Takeover... 13-2 13.3.1 Accepting an Off-Market Bid... 13-3 13.3.2 Accepting an Off Market Bid
More informationREQUEST FOR EXPRESSIONS OF INTEREST
REQUEST FOR EXPRESSIONS OF INTEREST Attachment C: EOI Submission Template headspace National Youth Mental Health Foundation Ltd is funded by the Australian Government Department of Health and Ageing under
More informationJune 2014 For any information or queries relating to fundraising for headspace, please contact:
Fundraising Guidelines NSW June 2014 For any information or queries relating to fundraising for headspace, please contact: headspace Terms and Conditions for Collection in New South Wales Dear Supporter,
More informationPolicy on Patents (CA)
RESEARCH Effective Date: Date Revised: N/A Supersedes: N/A Related Policies: Policy on Copyright (CA) Responsible Office/Department: Center for Research Innovation (CRI) Keywords: Patent, Intellectual
More informationRetention Policy. Destroy
Retention Policy We adopt the Retention Policies of The Church of England as updated from time to time. This extract from The Care of Parish Records Keep or Bin (2009) gives the retention periods that
More informationMunicipal Census Manual
Appendix to MO No. L:014/13 R Municipal Census Manual Requirements and Guidelines for Conducting a Municipal Census January 2013 Alberta Municipal Affairs Government of Alberta 2013 ISBN 978-1-4601-0358-6
More informationHerts Valleys Clinical Commissioning Group. Review of NHS Herts Valleys CCG Constitution
Herts Valleys Clinical Commissioning Group Review of NHS Herts Valleys CCG s constitution Agenda Item: 14 REPORT TO: HVCCG Board DATE of MEETING: 30 January 2014 SUBJECT: Review of NHS Herts Valleys CCG
More informationINTERNATIONAL. Medical device software Software life cycle processes
INTERNATIONAL STANDARD IEC 62304 First edition 2006-05 Medical device software Software life cycle processes This English-language version is derived from the original bilingual publication by leaving
More informationSTATEMENT OF WORK Environmental Assessment for the Red Cliffs/Long Valley Land Exchange in Washington County, Utah
I. Introduction STATEMENT OF WORK Environmental Assessment for the Red Cliffs/Long Valley Land Exchange in Washington County, Utah The Bureau of Land Management s (BLM) St. George Field Office (SGFO) requires
More informationSacramental Records. Jennifer Haselberger Chancellor for Canonical Affairs
Sacramental Records Jennifer Haselberger Chancellor for Canonical Affairs General Rules for Registers Each parish must have a baptismal register, marriage register, and death register (c. 535, 1) Parish
More informationAir Monitoring Directive Chapter 9: Reporting
Air Monitoring Directive Chapter 9: Reporting Version Dec 16, 2016 Amends the original Air Monitoring Directive published June, 1989 Title: Air Monitoring Directive Chapter 9: Reporting Number: Program
More informationhttps://www.icann.org/en/system/files/files/interim-models-gdpr-compliance-12jan18-en.pdf 2
ARTICLE 29 Data Protection Working Party Brussels, 11 April 2018 Mr Göran Marby President and CEO of the Board of Directors Internet Corporation for Assigned Names and Numbers (ICANN) 12025 Waterfront
More information