Information Management Information and Records
Project Management Plan 3.2.1 Developer is responsible for all quality assurance and quality control activities necessary to manage the Work, including the Utility Adjustment Work. Developer shall undertake all aspects of quality assurance and quality control for the Project and Work in accordance with the approved Project Management Plan, Good Industry Practice and applicable Law.
3.2.2 Developer shall develop the Project Management Plan and its component parts, plans and other documentation in accordance with the requirements set forth in Section 1.5.2.5
Compliance Officer Within 90 days after the Effective Date, Progenity shall appoint a Compliance Officer and shall maintain a Compliance Officer for the term of the CIA. The Compliance Officer shall be an employee and a member of senior management of Progenity, shall report directly to the Chief Executive Officer or the President of Progenity, and shall not be, or be subordinate to, the General Counsel or Chief Financial Officer or have any responsibilities that involve acting in any capacity as legal counsel or supervising legal counsel functions for Progenity. The Compliance Officer shall be responsible for, without limitation:
a. developing and implementing policies, procedures, and practices designed to ensure compliance with the requirements set forth in this CIA and with Federal health care program requirements;
b. making periodic (at least quarterly) reports regarding compliance matters in person to the Board of Directors of Progenity (Board) and shall be authorized to report on such matters to the Board at any time. Written documentation of the Compliance Officer’s reports to the Board shall be made available to OIG upon request; and
c. monitoring the day-to-day compliance activities engaged in by Progenity as well as any reporting obligations created under this CIA. Any noncompliance job responsibilities of the Compliance Officer shall be limited and must not interfere with the Compliance Officer’s ability to perform the duties outlined in this CIA. Progenity shall report to OIG, in writing, any changes in the identity of the Compliance Officer, or any actions or changes that would affect the Compliance Officer’s ability to perform the duties necessary to meet the obligations in this CIA, within five business days after such a change.
Program Management 1.1.01 Implement and operate an Immunization Program as a Responsible Entity
1.1.02 Identify at least one individual to act as the program contact in the following areas:
1. Immunization Program Manager;
Communications and Operations Management a. Network Penetration Testing - DST shall, on approximately an annual basis, contract with an independent third party to conduct a network penetration test on its network having access to or holding or containing Fund Data. DST shall have a process to review and evaluate high risk findings resulting from this testing.
Program Monitoring and Evaluation The Recipient shall prepare, or cause to be prepared, and furnish to the Association not later than six months after the Closing Date, a report of such scope and in such detail as the Association shall reasonably request, on the execution of the Program, the performance by the Recipient and the Association of their respective obligations under the Legal Agreements and the accomplishment of the purposes of the Financing.”
Incident Event and Communications Management a. Incident Management/Notification of Breach - DST shall develop, implement and maintain an incident response plan that specifies actions to be taken when DST or one of its subcontractors suspects or detects that a party has gained material unauthorized access to Fund Data or systems or applications containing any Fund Data (the “Response Plan”). Such Response Plan shall include the following:
i. Escalation Procedures - An escalation procedure that includes notification to senior managers and appropriate reporting to regulatory and law enforcement agencies. This procedure shall provide for reporting of incidents that compromise the confidentiality of Fund Data (including backed up data) to Fund via telephone or email (and provide a confirmatory notice in writing as soon as practicable); provided that the foregoing notice obligation is excused for such period of time as DST is prohibited by law, rule, regulation or other governmental authority from notifying Fund.
ii. Incident Reporting - DST will use commercially reasonable efforts to promptly furnish to Fund information that DST has regarding the general circumstances and extent of such unauthorized access to the Fund Data.
Project Management Project Management Institute (PMI) certified project manager executing any or all of the following: • Development of Project Charter • Development of project plan and schedule • Coordination and scheduling of project activities across customer and functional areas • Consultation on operational and infrastructure requirements, standards and configurations • Facilitate project status meetings • Timely project status reporting • Address project issues with functional areas and management • Escalation of significant issues to customers and executive management • Manage project scope and deliverable requirements • Document changes to project scope and schedule • Facilitate and document project closeout
Analytics 1.1. IFS may track and analyze the usage of the IFS Offering for purposes of determining usage made of the IFS Offering, for the purposes of security, to assist customers, and for improving the Software and Services and the user experience in using such Software and Services. For example, IFS may use this information to help customers derive more value from the Software and Services, to understand and analyze trends, or to track which features are used most often in order to improve the Software and Services. IFS may share anonymous usage data with its service providers for the purpose of helping in such tracking, analysis and improvements. Additionally, IFS may share such anonymous usage data on an aggregate basis in the normal course of operating their business; for example, IFS may share information publicly to show trends about the general use of its software and services. TERMS - SERVICES
Compliance Control Services (1) Support reporting to regulatory bodies and support financial statement preparation by making the Fund's accounting records available to the Trust, the Securities and Exchange Commission (the “SEC”), and the independent accountants.
(2) Maintain accounting records according to the 1940 Act and regulations provided thereunder.
(3) Perform its duties hereunder in compliance with all applicable laws and regulations and provide any sub-certifications reasonably requested by the Trust in connection with any certification required of the Trust pursuant to the Xxxxxxxx-Xxxxx Act of 2002 (the “SOX Act”) or any rules or regulations promulgated by the SEC thereunder, provided the same shall not be deemed to change USBFS’s standard of care as set forth herein.
(4) Cooperate with the Trust’s independent accountants and take all reasonable action in the performance of its obligations under this Agreement to ensure that the necessary information is made available to such accountants for the expression of their opinion on the Fund’s financial statements without any qualification as to the scope of their examination.
