User IDs and Password Controls All users must be issued a unique user name for accessing DHCS PHI or PI. Username must be promptly disabled, deleted, or the password changed upon the transfer or termination of an employee with knowledge of the password, at maximum within 24 hours. Passwords are not to be shared. Passwords must be at least eight characters and must be a non-dictionary word. Passwords must not be stored in readable format on the computer. Passwords must be changed every 90 days, preferably every 60 days. Passwords must be changed if revealed or compromised. Passwords must be composed of characters from at least three of the following four groups from the standard keyboard: • Upper case letters (A-Z) • Lower case letters (a-z) • Arabic numerals (0-9) • Non-alphanumeric characters (punctuation symbols)
Customer Identification Program (A) To assist the Fund in complying with requirements regarding a customer identification program in accordance with applicable regulations promulgated by U.S. Department of Treasury under Section 326 of the USA PATRIOT Act ("CIP Regulations"), BNYM will do the following:
(i) Implement procedures which require that prior to establishing a new account in the Fund BNYM obtain the name, date of birth (for natural persons only), address and government-issued identification number (collectively, the "Data Elements") for the "Customer" (defined for purposes of this Agreement as provided in 31 CFR 1024.100(c)) associated with the new account.
(ii) Use collected Data Elements to attempt to reasonably verify the identity of each new Customer promptly before or after each corresponding new account is opened. Methods of verification may consist of non-documentary methods (for which BNYM may use unaffiliated information vendors to assist with such verifications) and documentary methods (as permitted by 31 CFR 1024.220), and may include procedures under which BNYM personnel perform enhanced due diligence to verify the identities of Customers the identities of whom were not successfully verified through the first- level (which will typically be reliance on results obtained from an information vendor) verification process(es).
(iii) Record the Data Elements and maintain records relating to verification of new Customers consistent with 31 CFR 1024.220(a)(3).
(iv) Regularly report to the Fund about measures taken under (i)-(iii) above.
(v) If BNYM provides services by which prospective Customers may subscribe for shares in the Fund via the Internet or telephone, BNYM will work with the Fund to notify prospective Customers, consistent with 31 CFR 1024.220(a)(5), about the program conducted by the Fund in accordance with the CIP Regulations.
(B) To assist the Fund in complying with the Customer Due Diligence Requirements for Financial Institutions promulgated by FinCEN (31 CFR § 1020.230) pursuant to the Bank Secrecy Act ("CDD Rule"), BNYM will maintain and implement written procedures that are reasonably designed to:
(i) Obtain information of a nature and in a manner permitted or required by the CCD Rule in order to identify each natural person who is a "beneficial owner" (as that term is defined in the CDD Rule) of a legal entity at the time that such legal entity seeks to open an account as a shareholder of the Fund, unless that legal entity is excluded from the CDD Rule or an exemption provided for in the CDD Rule applies; and
(ii) Verify the identity of each beneficial owner so identified according to risk based procedures to the extent reasonable and practicable, in accordance with the minimum requirements of the CDD Rule.
(C) Nothing in Section (3) shall be construed to require BNYM to perform any course of conduct that is not required for Fund compliance with the CIP Regulations or CDD Rule, including by way of illustration not limitation the collection of Data Elements or verification of identity for individuals opening Fund accounts through financial intermediaries which use the facilities of the NSCC.
(D) BNYM agrees to permit inspections relating to the CIP services provided hereunder by U.S. Federal departments or regulatory' agencies with appropriate jurisdiction and to make available to examiners from such departments or regulatory agencies such information and records relating to the CIP services provided hereunder as such examiners shall reasonably request.
Customer Identification Unless Elastic has first obtained Customer's prior written consent, Elastic shall not identify Customer as a user of the Products, on its website, through a press release issued by Elastic and in other promotional materials.
Escorting Visitors Visitors to areas where PHI COUNTY discloses to 4 CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY is 5 contained shall be escorted and such PHI shall be kept out of sight while visitors are in the area.
Client Money We are not authorised to handle client money; any payments received from you or which need to be refunded to you, will be held by Coversure Insurance Services Limited. Client money is money that is received and held on behalf of our clients during the course of our dealings such as premium payments, premium refunds and claim payments. This money will be held either as agent of the insurer or agent of the client, determined by the agreement in place with each insurer. Where money is held as agent of the insurer, this means that when your cleared premium funds are recieved, the premium is deemed to have been paid to the insurer. The FCA require that all client monies, including yours, are held in a trust account, the purpose of which is to protect you in the event of our financial failure since, in such circumstances, our general creditors would not be able to make claims on client money as it will not form part of our assets. Coversure Insurance Services Limited hold all client monies with one or more approved banks, as defined by the FCA, in a Non-Statutory Trust bank account in accordance with the FCA client money rules. Under these arrangements, Coversure Insurance Services Limited assume responsibility for such monies and are permitted to, and may: • Use such monies received on behalf of one customer to pay another customer’s premium, before the premium is received from that other customer. However, we are not entitled to pay ourselves commissions before we receive the relevant premium from the customer; • For the purpose of effecting a transaction on your behalf, pass your money to another intermediary, including those resident outside the UK who would therefore be subject to different legal and regulatory regimes. In the event of a failure of the intermediary, this money may be treated in a different manner from that which would apply if the money were held by an intermediary in the UK. Please inform us if you do not agree to this. • Retain for our own use, any interest earned on client money. Unless we receive your written instruction to the contrary, we shall treat receipt of payment from you and of any claim payment and/or refund of premium which falls due to you, as being with your informed consent to the payment of those moneys into our Non-Statutory Trust bank account.
Customer Identification Program Notice To help the U.S. government fight the funding of terrorism and money laundering activities, U.S. Federal law requires each financial institution to obtain, verify, and record certain information that identifies each person who initially opens an account with that financial institution on or after October 1, 2003. Certain of PNC’s affiliates are financial institutions, and PNC may, as a matter of policy, request (or may have already requested) the Fund’s name, address and taxpayer identification number or other government-issued identification number, and, if such party is a natural person, that party’s date of birth. PNC may also ask (and may have already asked) for additional identifying information, and PNC may take steps (and may have already taken steps) to verify the authenticity and accuracy of these data elements.
Customer Identification - USA Patriot Act Notice The Lender hereby notifies the Borrower that pursuant to the requirements of the USA Patriot Act (Title III of Pub. L. 107-56, signed into law October 26, 2001) (the “Act”), and the Lender’s policies and practices, the Lender is required to obtain, verify and record certain information and documentation that identifies the Borrower, which information includes the name and address of the Borrower and such other information that will allow the Lender to identify the Borrower in accordance with the Act.
Business Associate Obligations Business Associate agrees to comply with applicable federal confidentiality and security laws, specifically the provisions of the HIPAA Rules and the HITECH Act applicable to business associates, including:
2.1 Use and Disclosure of PHI. Except as otherwise permitted by this Agreement, the HIPAA Rules, or applicable law, Business Associate shall not make any uses or disclosures of PHI except as necessary to provide services to, or on behalf of, Covered Entity as described in the Underlying Agreement, and shall not use or disclose PHI that would violate the HIPAA Rules or HITECH Act if used or disclosed by Covered Entity; provided, however, Business Associate may use and disclose PHI as necessary for the proper management and administration of Business Associate, or to carry out its legal responsibilities, consistent with Covered Entity’s minimum necessary policies and procedures. Business Associate may not use or disclose PHI which it creates, receives, maintains or transmits for or on behalf of the Covered Entity for any purpose except as otherwise provided by the Agreement and this BAA. Business Associate agrees to review and understand any state privacy and security laws to the extent that such laws are not preempted by HIPAA, as may be amended from time to time. Business Associate acknowledges that it shall comply specifically with the HIPAA Security Rule, and, to the extent that Business Associate is to carry out one or more of Covered Entity’s obligations under the Privacy Rule, it shall comply with the requirements of the Privacy Rule which apply to Covered Entity in the performance of such obligation(s). Business Associate shall in such cases:
2.1.1 provide information to members of its workforce using or disclosing PHI regarding the confidentiality requirements in the HIPAA Rules and this Agreement;
2.1.2 obtain reasonable assurances, in writing from the person or entity to whom the PHI is disclosed that: (i) the PHI will be held in confidence and further used and disclosed only as required by law or for the purpose for which it was disclosed to the person or entity; and (ii) the person or entity will notify Business Associate of any instances of which it is aware in which confidentiality of the PHI has been breached; and
2.1.3 agree to notify the Privacy Officer of Covered Entity of any instances of which it is aware in which the PHI is used or disclosed for a purpose that is not otherwise provided for in this Agreement or for a purpose not expressly permitted by the HIPAA Rules or HITECH Act.
2.2 Marketing; Sale of PHI. Business Associate may not use or disclose PHI for marketing purposes. Marketing includes any communication which would encourage the recipient to use or purchase a product or service. Business Associate may not use or disclose PHI where it has directly or indirectly received remuneration, financial or otherwise, from or on behalf of the recipient of the PHI in exchange for the PHI. “Sale” is not limited to circumstances where a transfer of ownership occurs, and would include access, license or lease agreements.
Customer Inquiries 45.1 Each Party shall refer all questions regarding the other Party’s services or products directly to the other Party at a telephone number specified by that Party.
45.2 Each Party shall ensure that each of their representatives who receive inquiries regarding the other Party’s services: (i) provide the numbers described in Section
45.1 to callers who inquire about the other Party’s services or products, and (ii) do not in any way disparage or discriminate against the other Party or its products or services.
Anti-Money Laundering and Identity Theft Prevention Related Duties Subject to the terms and conditions set forth herein, the Trust hereby delegates to the Transfer Agent the Delegated Anti-Money Laundering Duties and, where applicable, the Delegated Identity Theft Prevention Duties that are set forth in the Trust’s Anti-Money Laundering (“AML”) Program and Identity Theft Prevention Program (“IDTPP”) as described below. The Transfer Agent agrees to perform the Delegated Anti-Money Laundering Duties and the Delegated Identity Theft Prevention Duties, with respect to ownership of shares in the Fund for which the Transfer Agent maintains the applicable information subject to and in accordance with the terms and conditions of the Contract.