RELEASE OF GENERAL INFORMATION TO THE PUBLIC AND MEDIA NASA or Partner may, consistent with Federal law and this Agreement, release general information regarding its own participation in this Agreement as desired. Pursuant to Section 841(d) of the NASA Transition Authorization Act of 2017, Public Law 115-10 (the "NTAA"), NASA is obligated to publicly disclose copies of all agreements conducted pursuant to NASA's 51 U.S.C. §20113(e) authority in a searchable format on the NASA website within 60 days after the agreement is signed by the Parties. The Parties acknowledge that a copy of this Agreement will be disclosed, without redactions, in accordance with the NTAA.
Research Use Reporting To assure adherence to NIH GDS Policy, the PI agrees to provide annual Progress Updates as part of the annual Project Renewal or Project Close-out processes, prior to the expiration of the one (1) year data access period. The PI who is seeking Renewal or Close-out of a project agree to complete the appropriate online forms and provide specific information such as how the data have been used, including publications or presentations that resulted from the use of the requested dataset(s), a summary of any plans for future research use (if the PI is seeking renewal), any violations of the terms of access described within this Agreement and the implemented remediation, and information on any downstream intellectual property generated from the data. The PI also may include general comments regarding suggestions for improving the data access process in general. Information provided in the progress updates helps NIH evaluate program activities and may be considered by the NIH GDS governance committees as part of NIH’s effort to provide ongoing stewardship of data sharing activities subject to the NIH GDS Policy.
Public Posting of Approved Users’ Research Use Statement The PI agrees that information about themselves and the approved research use will be posted publicly on the dbGaP website. The information includes the PI’s name and Requester, project name, Research Use Statement, and a Non-Technical Summary of the Research Use Statement. In addition, and if applicable, this information may include the Cloud Computing Use Statement and name of the CSP or PCS. Citations of publications resulting from the use of controlled-access datasets obtained through this DAR may also be posted on the dbGaP website.
Proposed Policies and Procedures Regarding New Online Content and Functionality By October 31, 2017, the School will submit to OCR for its review and approval proposed policies and procedures (“the Plan for New Content”) to ensure that all new, newly-added, or modified online content and functionality will be accessible to people with disabilities as measured by conformance to the Benchmarks for Measuring Accessibility set forth above, except where doing so would impose a fundamental alteration or undue burden. a) When fundamental alteration or undue burden defenses apply, the Plan for New Content will require the School to provide equally effective alternative access. The Plan for New Content will require the School, in providing equally effective alternate access, to take any actions that do not result in a fundamental alteration or undue financial and administrative burdens, but nevertheless ensure that, to the maximum extent possible, individuals with disabilities receive the same benefits or services as their nondisabled peers. To provide equally effective alternate access, alternates are not required to produce the identical result or level of achievement for persons with and without disabilities, but must afford persons with disabilities equal opportunity to obtain the same result, to gain the same benefit, or to reach the same level of achievement, in the most integrated setting appropriate to the person’s needs. b) The Plan for New Content must include sufficient quality assurance procedures, backed by adequate personnel and financial resources, for full implementation. This provision also applies to the School’s online content and functionality developed by, maintained by, or offered through a third-party vendor or by using open sources. c) Within thirty (30) days of receiving OCR’s approval of the Plan for New Content, the School will officially adopt, and fully implement the amended policies and procedures.
AGREED FACTS Registration History 7. Since 2002, the Respondent has been registered in Ontario as a mutual fund salesperson (now known as a Dealing Representative) with Sun Life Financial Services (Canada) Inc. (“Sun Life”)1, a Member of the MFDA. 8. Between September 2009 and May 2015, Sun Life designated the Respondent as a branch manager. 9. At all material times, the Respondent conducted business in the Ottawa, Ontario area. 10. At all material times, Sun Life’s policies and procedures permitted clients to sign a Limited Trade Authorization (“LTA”), a document that authorizes Approved Persons to accept verbal instructions from a client in certain circumstances. 11. At all material times, Sun Life’s policies and procedures prohibited its Approved Persons, including the Respondent, from engaging in discretionary trading. 12. On February 6, 2014, client JR opened a mutual fund account at the Member (the “Mutual Fund Account”) and completed a KYC form, on which form client JR indicated that the time horizon for her investment in the Mutual Fund Account was less than five years, and that her risk tolerance was low to medium. Xxxxxx XX also signed a LTA at this time. 13. At the time Client JR opened the Mutual Fund Account, the Respondent explained to her the difference between deferred sales charges and front end load charges. Client JR informed the Respondent that she intended to use the monies invested in the Mutual Fund Account to pay taxes on a property within a period of less than five years. 14. In March 2014, in accordance with client JR’s instructions, the Respondent processed a purchase in a money market fund in the Mutual Fund Account, subject to a front end load charge. 15. On April 24, 2014, the Respondent states that client JR verbally instructed the Respondent to process a switch in the Mutual Fund Account to transfer the monies to another fund with a risk rating of low to medium called the Signature Diversified Yield Fund (the “Switch”). 16. Prior to accepting the order for the Switch, the Respondent states that client JR advised her that client JR did not need the invested monies immediately. The Respondent failed to ask any further questions to determine client JR’s time horizon for the invested monies. 17. Without obtaining instructions from client XX, the Respondent used her discretion to select a version of the Signature Diversified Yield Fund that was subject to a 7 year deferred sales charge (“DSC”), and processed the Switch. 18. At the time of the Switch, the Respondent failed to inform client XX that she would incur DSC fees if she redeemed monies from the investment within seven years. 19. On April 25, 2015, client JR redeemed her investment at a $10,822.89 gain, but incurred $6,052.29 in DSC fees. 20. In or around April 2015, client JR complained to Sun Life’s compliance department about the DSC fees arising from the Switch. 21. Sun Life completed a review of the client complaint and refunded client JR the DSC fees incurred from the Switch. 22. The Respondent also refunded to Sun Life the $3,631.37 commission that she received from the Switch. 23. The Respondent has not previously been the subject of MFDA disciplinary proceedings. 24. By entering into this Settlement Agreement, the Respondent has saved the MFDA the time, resources, and expenses associated with conducting a full hearing on the allegations.
New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to: (1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute; (2) Limit unsuccessful logon attempts; (3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions; (4) Authorize wireless access prior to allowing such connections; (5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity; (6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions; (7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles; (8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services; (9) Enforce a minimum password complexity and change of characters when new passwords are created; (10) Perform maintenance on organizational systems; (11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance; (12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1; (13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital; (14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse; (15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas; (16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems; (17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems; (18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception); (19) Protect the confidentiality of Student Data at rest; (20) Identify, report, and correct system flaws in a timely manner; (21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems; (22) Monitor system security alerts and advisories and take action in response; and (23) Update malicious code protection mechanisms when new releases are available.