This is a sample HIPAA policy and procedure document for organizations to give to employees.
This is a sample contract regarding health and policy information under HIPAA.
This is an excerpt from a corporate annual meeting.
This Corruption of Foreign Public Officials Act (CFPOA) training course will help you recognize "red flags" — situations presenting a risk of CFPOA violations — and deal with them appropriately. (Licensed for use in classroom settings only and not for distribution in any form.)
The U.S. Securities and Exchange Commission's Office of Compliance Inspections and Examinations (OCIE) previously announced at its 2014 Examination Priorities included a focus on technology, including cybersecurity preparedness. OCIE issued this Risk Alert to provide additional information concerning its initiative to assess cybersecurity preparedness in the securities industry.
The following agreement is applicable for a small company doing business with a larger company.
A sample vendor assessment questionnaire from the ACC 2014 Compliance & Ethics Training Program, Session 600.
These template website terms of use are intended for use on non-transactional, information-based websites. The terms of use are not intended for use on websites through which users can place orders for or buy goods, services or digital products. If the website permits User Generated Content (UGC), then additional "acceptable use" terms will be needed, for example, a user's undertaking that he/she will not post UGC that is defamatory, infringing or illegal, and details of the website operator's notice-and-take-action procedures.
This website privacy policy is intended for use on a website through which an online business collects and processes personal data for the purpose of account management, transactions with users and marketing. The policy is not suitable for use where the online business collects "sensitive" personal data. "Sensitive" personal data is defined in the UK's Data Protection Act 1998 and includes data about a user's physical or mental health, race, ethnicity, political beliefs, trade union membership, sexual life, or crimes committed or alleged to have been committed by the user. The purpose of the policy is to assist a data controller that is within the scope of the UK's Data Protection Act 1998 to comply with the requirement under the Act that any "processing" of personal data must be "fair". The Act applies to all data controllers established in the UK as well as to data controllers that are not established in the UK or in any other European Economic Area country but that use equipment in the UK for processing purposes.