| 1 | Board Resolutions: Appointing HIPAA Privacy and Security ... These standard clauses provide resolutions that covered entities can use to appoint a privacy and security officer as required by the Health Insurance Portability and Accountability Act of 1996 (HIPAA). These standard clauses include integrated notes with important explanations and drafting tips. | Standard clauses | Maintained |
| 2 | Bring Your Own Device to Work (BYOD) Policy A policy for employers that wish to allow their employees to use their own smartphones, tablets or other mobile devices for work either while at the office or during nonworking hours. This policy can be incorporated into an employee handbook or used as a stand-alone policy document. This Standard Document applies only to private workplaces and is jurisdiction neutral. State or local law may impose additional or different requirements, but this document will be useful and relevant to employers in every state. This Standard Document has integrated notes with important explanations and drafting tips. | Standard documents | Maintained |
| 3 | Data Security Breach Notice Letter A letter from a company to individuals (for example, employees or customers) notifying those individuals of a data security breach involving their personal information. This Standard Document has integrated notes with important explanations and drafting tips. | Standard documents | Maintained |
| 4 | Data Security Contract Clauses for Service Provider ... Sample clauses for use in a services agreement that involves the use, storage or other processing of personal information by the service provider. These clauses are drafted in favor of a customer, but aim to be reasonable. They may be incorporated into the services agreement or attached as a schedule to the agreement. These Standard Clauses have integrated notes with important explanations and drafting and negotiating tips. | Standard clauses | Maintained |
| 5 | HIPAA Authorization for Use and Disclosure of Protected ... A sample form to be provided by an individual to a covered entity authorizing the covered entity to use or disclose protected health information for certain purposes. This authorization is designed to comply with the requirements of the Health Insurance Portability and Accountability Act (HIPAA) but does not address any applicable state law requirements. This Standard Document has integrated notes and important explanations and drafting tips. This Standard Document is in the process of being updated for final HIPAA regulations issued in January 2013. | Standard documents | Maintained |
| 6 | HIPAA Business Associate Agreement A model agreement between an entity subject to HIPAA's privacy and security rules and its business associate, providing for the safeguarding of protected health information received or created on behalf of the entity. This Standard Document has integrated drafting notes with important explanations and drafting tips. This Standard Document is in the process of being updated for final HIPAA regulations issued in January 2013. | Standard documents | Maintained |
| 7 | HIPAA Business Associate Policy A sample Business Associate Policy to be adopted by a covered entity to set out its policies and procedures for addressing business associate contract requirements imposed by the Health Insurance Portability and Accountability Act of 1996. This Standard Document has integrated drafting notes with important explanations and drafting tips. This Standard Document is in the process of being updated for final HIPAA regulations issued in January 2013. | Standard documents | Maintained |
| 8 | HIPAA Notice of Privacy Practices A sample notice from a covered entity that is a group health plan to an individual explaining the plan's privacy practices and how it may use and disclose the individual's protected health information. This notice is designed to comply with the requirements of HIPAA but does not address any applicable state law requirements. This Standard Document has integrated drafting notes with important explanations and drafting tips. This Standard Document is in the process of being updated for final HIPAA regulations issued in January 2013. | Standard documents | Maintained |
| 9 | HIPAA Notice of Privacy Practices Acknowledgment Form A sample form from an individual to a covered entity acknowledging that the individual received the covered entity's Notice of Privacy Practices, as required by the Health Insurance Portability and Accountability Act of 1996 (HIPAA). This form does not address any applicable state law privacy requirements. This Standard Document has integrated notes with important explanations and drafting tips. | Standard documents | Maintained |
| 10 | HIPAA Request for Accounting of Disclosures A sample form for an individual to request a HIPAA covered entity (which includes health plans) to provide an accounting of disclosures of protected health information that were made by the covered entity. This form is designed to comply with HIPAA but does not address any applicable state law requirements. This Standard Document has integrated notes with important explanations and drafting tips. | Standard documents | Maintained |
| 11 | Image release This is a form of release to authorise the use of photographs featuring a member of the public. | Standard documents | Maintained |
| 12 | Image release: drafting note Drafting note to accompany a release to authorise the use of photographs featuring a member of the public. | Drafting notes | Maintained |
| 13 | Mobile application privacy policy A policy for use by a business that offers a mobile app on a website, offers services through the app, collects non-sensitive personal data in connection with an individual’s use of the app and those services and stores and uses the data for the purpose of supplying those services and for contacting users with direct marketing information. | Standard documents | Maintained |
| 14 | Mobile Application Privacy Policy A model mobile application (app) privacy policy for use by an online business for the collection, storage, use and disclosure of personal information, including for the purpose of selling goods or services to users of the business's mobile application, or for contacting users with direct marketing information. This Standard Document has integrated notes with important explanations and drafting tips. | Standard documents | Maintained |
| 15 | Red Flags Rule Identity Theft Prevention Program Master ... A master policy setting up the framework for developing, implementing, updating and administering a written identity theft prevention program required by the Federal Trade Commission's Red Flags Rule. This Standard Document has integrated notes with important explanatory and drafting tips. | Standard documents | Maintained |
| 16 | Sample Risk Factor: Cyber Security Form of risk factor relating to cyber security that may be inserted into a public company's annual and periodic reports, registration statements or private placement offering documents. This document provides sample language describing risks arising from information security, including the impact of a potential or actual material network breach and steps taken to reduce risk exposure. These Standard Clauses have integrated notes with important explanations and drafting tips. | Standard clauses | Maintained |
| 17 | Standard contractual clauses for the transfer of personal data ... A standard clause approved for the purposes of Directive 95/46/EC for the transfer of personal data to processors in third countries that do not ensure an adequate level of protection as set out in the Annex to Commission Decision 2010/87/EU. This Standard document has been adapted by PLC IPIT & Communications from the original text available at the EUR-Lex website with the permission of the Publications Office of the European Union. © European Communities, eur-lex.europa.eu/ Only European Union legislation printed in the paper edition of the Official Journal of the European Union is deemed authentic. | Standard clauses | 15-May-2010 |
| 18 | Standard contractual clauses for the transfer of personal data ... Standard clauses approved for the purposes of Directive 95/46/EC for the transfer of personal data to data controllers in third countries that do not ensure an adequate level of protection as set out in the Annex to Decision 2004/915/EC. This Standard document has been adapted by PLC IPIT & Communications from the original text available at the EUR-Lex Website with the permission of the Publications Office of the European Union. © European Communities, http://eur-lex.europa.eu/ Only European Union legislation printed in the paper edition of the Official Journal of the European Union is deemed authentic. | Standard clauses | 27-Oct-2009 |
| 19 | Website Privacy Policy A model website privacy policy for use by an online business in connection with the collection, storage, use and disclosure of personal information, including for the purpose of selling goods or services to users of the site, or for contacting users with direct marketing information. This Standard Document has integrated notes with important explanations and drafting tips. | Standard documents | Maintained |