The Volunteer agrees to:
Acknowledge receipt of, and thereby adhere to, the GSEMA Comprehensive Information Security Program (CISP) which was developed, adopted and implemented by GSEMA to create effective administrative, technical and physical safeguards for the protection of personal information regarding residents of The Commonwealth of Massachusetts that is collected, used, maintained, stored or transmitted by our organization and to comply with our organization’s obligations under the Massachusetts Data Security Laws and Regulations and the Federal Trade Commission’s Red Flags Rules.
Specifically the Volunteer understands their responsibilities under CISP include but are not limited to:
May only use, access, disclose or retain personal information collected, used, maintained, stored and/or transmitted by GSEMA for the purpose of fulfillment of their assigned responsibility or as necessary to comply with applicable state or federal laws or regulations.
May only access GSEMA computer systems/services/devices containing or storing electronic records containing personal information (e.g., laptops, portable hard drives, thumb drives, flash drives, CD’s, DVD’s or other electronic storage devices or media) to fulfill their job responsibilities and shall be restricted by the issuance of individualized user ID names and passwords.
Any member of our workforce/volunteer base in possession of hard-copy records containing personal information, shall maintain such records in a secure fashion (i.e., locked brief case, placed in a locked car trunk, etc.) and shall be responsible for ensuring that no third party (including family members or friends) has an opportunity to view or copy such records. Such hard copy records shall not be copied and shall be returned to a GSEMA office as soon as it is practical.
Any member of our workforce/volunteer base who has been terminated or their contract or agreement has expired, voluntarily or involuntarily, shall no longer have physical/computer access to any records maintained by GSEMA containing any personal information effective immediately upon such termination.
Any member of our workforce/volunteer base who violates any part of the GSEMA CISP or fails to fully comply with any Data Security Policy or Procedure contained in the CISP shall be subject to appropriate action, up to and including termination of employment or contractual termination, all in accordance with our personnel policies and procedures as in effect from time to time.
The Girl Scouts of Eastern Mass (hereafter GSEMA) Comprehensive Information Security Program (hereafter “The CISP”) was approved by the GSEMA Board of Directors on November 29, 2011, and ensures that GSEMA is compliant with data security policies and procedures. The CISP was developed, adopted and will be implemented to create effective administrative, technical and physical safeguards for the protection of personal information regarding residents of The Commonwealth of Massachusetts that is collected, used, maintained, stored or transmitted by our organization and to comply with our organization’s obligations under the Massachusetts Data Security Laws and Regulations and the Federal Trade Commission’s Red Flags Rules.
It is my responsibility to familiarize myself with the contents of The CISP. I acknowledge, understand, accept and agree to comply with the information contained in The CISP provided to me by GSEMA. I understand that The CISP is not intended to cover every situation that may arise during my tenure, and that GSEMA reserves the right to modify The CISP in accordance with legal requirements at any time and without notice based upon business needs and conditions.