Medtronic Account
Version: 4.5
Date: 13 Dec, 2019
Status: Approved
TABLE OF CONTENTS
1. DOCUMENT CONTROL
Document Change Approvers
Document Approvals
Document Review Plans
Document Distribution
Security Classification
2. ABOUT THIS DOCUMENT
Document Structure
Document Interdependencies
Reference Documents
3. INTRODUCTION
Objectives
4. GUIDELINES
4.1. ROLES AND RESPONSIBILITIES
5. ON/OFF-BOARDING
5.1. ON-BOARDING PROCESS DESCRIPTION
5.2. HIPAA 2-YEAR DOCUMENT RETENTION FOR ACCESS-RELATED ARTIFACTS
5.3. ON-BOARDING PROCESS AND USER ACCOUNT REQUEST PROCESS
5.4. OFF-BOARDING PROCESS
5.5. OFF-BOARDING PROCESS DESCRIPTION
5.6. VERIFICATION AND QUALITY ASSURANCE OF PROCESS
6. APPENDIX – WELCOME AND DATA REMOVAL NOTES
6.1. ON-BOARDING AND PERCOLATOR
6.1.1. WELCOME LETTER
6.1.2. TRAINING
6.1.3. PERCOLATOR ACCESS NOTIFICATION (TUI BASED)
6.2. REQUEST FOR DATA REMOVAL, UPON OFF-BOARDING AND PERCOLATOR
7. APPENDIX – ADAPTIVE AUTHENTICATION & DATA REMOVAL ARTIFACTS
7.1. STEPS TO CONNECT USING ADAPTIVE AUTHENTICATION
7.2. STEPS TO PURGE DATA AND CERTIFY DATA REMOVAL
IBM Confidential
1. Document Control
Summary of Changes
Document Change Approvers
Function: Delivery Project Executive
Name: Claudia Corino, DPE
Approval Date: 13 Dec 2019
Document Approvals
Document approvals for this document are stored in the DS&P Folder of the Medtronic IPWC Teamroom.
Document Distribution
This document will be distributed to all change approvers and upon request.
Security Classification
The security classification (IBM Confidential) and the handling of this document complies with IBM
‘Classification and Control of IBM Information’, Publication numbers CI-116A & CS-216.
Document Structure
The body of this document contains a high-level process flow and the roles and responsibilities for the process.
This process document will be updated when the client or IBM changes its processes, tools used, or requires
additional on- or off-boarding activities for project resources.
Document Interdependencies
A major interdependency of this process is with the Access Management Process, which addresses the job-specific
accesses (accounts and permissions) to select Medtronic and IBM IT assets: network, servers, databases,
applications in various support environments, and tools (web sites, repositories, SharePoints, and the like).
The On-Off Boarding process document addresses the activities required for on-boarding of new members into the
Medtronic account, and the activities required for off-boarding of existing members from the Medtronic account.
When a workforce member departs the Medtronic account, they must be off-boarded, and if they return, they will
undergo a new on-boarding cycle.
The processes described in this document address controls at the account level. The work numbers, systems,
and work sites included under this document include the following:
When on-boarding, the accesses a person may need (such as Medtronic network access, in order to obtain
training) are addressed by the On-Off Boarding Process, as this is common to each person. The Access
Management Process is invoked to provide them the access they need to specific IT assets, based on their first
assigned role (which can happen multiple times during their tenure at Medtronic). When they off-board from the
Medtronic account, the Access Management Process is again invoked as necessary to terminate those accesses.
Requests to grant access, terminate access, and change accesses (accounts and permissions) to
Medtronic resources are addressed in the Risk Management Process. It is referred to during both on-boarding and
off-boarding, but can also be executed independently as the person changes their functional job roles.
Reference Documents:
o Medtronic User ID Access Management Process Document located in Medtronic IPWC
o Medtronic Percolator Tool >>On-Off boarding
o Medtronic IBM On-boarding form
3. Introduction
This document specifically addresses the Data Security and Privacy elements of On-Boarding and Off-Boarding.
This process applies to all GBS Workforce Members joining Medtronic.
An On/Off-boarding Process is vital to overall contract performance and containment of Data Security & Privacy
(DS&P) risks. It provides for the movement of GBS Workforce Members into and out of the project in a consistent
manner, while ensuring compliance with DS&P requirements.
This process defines the formal communications and education for GBS Workforce Members joining or leaving
Medtronic. It covers areas such as how to treat Medtronic information, handle data on laptops when connected to
the Client networks, dispose of IBM and Medtronic confidential information, and remove Medtronic data from
equipment upon leaving an account or contract team, or when separating from IBM. Evidence of execution is
required.
Refer to GBS Data Security and Privacy Controls Framework for updates to this template as well as other
supporting guidance.
This document also gives an overview of the Percolator tool, which is used to manage on/off-boarding and to retain
the related evidence.
Objectives
• Ensure the On/Off-boarding Process is managed consistently and accurately across the contract,
regardless of the presence of Personal Information (PI), Sensitive Personal Information (SPI) and/or
Business Sensitive Information (BSI)
• Provide a central point of contact for the On-boarding and Off-boarding of GBS Workforce Members
• Ensure compliance with project-specific Data Security and Privacy requirements
• Ensure timely and complete On-boarding and Off-boarding of GBS Workforce
• Maintain historical records of individuals processed through the On/Off-boarding Process
4. Guidelines
A. On/Off-boarding is a planned and systematic approach to processing new and departing GBS workforce
members. The Process and On-boarding Checklist cover basic IBM and client contractual requirements.
The Process and Off-boarding Checklist ensure that the departing GBS workforce members meet IBM and
client requirements for access removals, continued non-disclosures and compliance to post employment or
contract requirements. Required employee clearances, physical and logical access assignments and
assignment of special equipment. The On-Off boarding and Access Control List of Medtronic Account is
managed and tracked through a web based tool called “Percolator”.
B. On-Boarding
New GBS workforce members are on-boarded shortly after starting on a project; on-boarding should occur no later
than 60 days from joining the project. On-boarding activities capture the completion of items such as project
specific training, client specific training, work permit requirements,
Timing
• New members are required to complete the DS&P Awareness training within 30 days of their on-boarding
start date.
• Due to delays from multiple stakeholders and background check and/or drug screening verification (drug
screening is only applicable for Key resources), on-boarding activities can take up to 60 days from the
resource start date on the project.
• The Percolator tool based Work Force Member List (Staff Management Dashboard) is updated to reflect
the on-boarding of the new resource. User IDs or the Access Control List are updated and managed
through the Percolator tool; the Separation of Duties (SOD) matrix and Workplace Inspection logs are updated
during the next immediate monthly review following the resource's start on the project.
C. Off-boarding
Off-boarding ensures that all access to systems, environments, network and support tools, as well as access to
client PI/SPI/BSI data, is revoked and passwords are reset. In addition, PI/SPI/BSI data is removed from the
GBS workforce member’s equipment (for example, laptops, memory sticks, other peripheral equipment)
and client-issued equipment (for example, laptops, keys, badges and security tokens) is collected and
returned. Any IBM confidential information stored on client-issued equipment is securely deleted prior to
returning. Off-boarding is managed and tracked through the Percolator tool.
Timing
• The IBM team notifies Medtronic of off-boarding within 24 hours of Team Leads being made aware of
the intended departure. (If the departing member is not leaving “for cause,” there may be a period
where the departing member is still providing services up to their identified “last day.”)
• The IBM Medtronic project account is required to submit a request for account revocation to
Medtronic within 24 hours after departure of the resource through the Workday tool.
• WMML, ACL, SOD and Workplace Inspection logs are manually updated to reflect the departure of
the departing member, no later than during monthly reviews.
Evidence is reviewed to validate that the project’s On-boarding Process is followed. A Percolator based
On-boarding Checklist is used as part of the project’s On-boarding Process to:
• Ensure specific project requirements are addressed, such as when using non-IBM or non-client issued
workstations
• Ensure any other relevant project documentation is updated to reflect the new role or new workforce
member introduced with On-boarding
• Maintain historical records of individuals processed through Percolator tool
Evidence is reviewed to validate that the project’s Off-boarding Process is followed. Off-boarding activities for the
departing resources are required to be completed by the member’s last work day on the project. A Percolator based
Off-boarding Checklist is used as part of the project’s Off-boarding Process to:
• Ensure timely and complete removal of physical and logical accesses within 24 hours
• Ensure the removal of data from workstations and other storage media
• Ensure IBM information is removed off of client assets before returning
• Ensure the return of client assets to the client
• Ensure any client post contract requirements are met
• Ensure specific client requirements are addressed, such as Non-Disclosure agreements and security
clearances
• Ensure project documentation is updated to reflect the workforce member change (for example, the SOD
Matrix a)
• Maintain historical records of individuals processed
Exception
The project periodically uses consultants from Delivery Excellence, Risk Management, and Subject Matter Experts
(SMEs) on various technical areas. These members are approved for a few hours and/or for a short duration on the
project. These members are not on- and off-boarded and are not required to complete any on-boarding activities, but are
tracked in the Percolator as Support team members, for the duration they charge time to the project.
However, if consultants/SMEs stay on longer on the project, or are assigned User ID accounts for access to
Medtronic systems, these members will at that time be on-boarded and required to complete on-boarding activities,
including MDT required training, DS&P training, and background verification check.
Mandatory Breaks
Every two years, all US resources (Regulars, subcontractors, LTS, landed) in the account need to take a
mandatory break of 60 days or more. These resources are not permanently rolled off from the MDT account; however,
they do not support any client-related work or retain access to the client network, applications, systems, data, etc.
during the break. Such resources will not charge billable hours on ILC during breaks.
After completing a break of 60 days or more, resources regain access to the MDT network and resume services.
The steps to manage these breaks are listed below.
The Percolator tool is used to record mandatory breaks and access status. The tool moves active records to the
“Mandatory Break” section as soon as step 2 is completed by the manager. The record is moved back to the active
state once the break is over.
Leaving:
1. Percolator staff management dashboard assignments details are updated. Responsibility: PM
2. Mandatory Break Start date and end date recorded on Percolator. Responsibility: PM
3. N/W level access and application level access revocation request is raised. Responsibility: PM / PMO
4. Update Percolator ACL dashboard “Mandatory Break Access Revoked Date” to record revocation details of leaver. Responsibility: PMO
5. Update SOD. Responsibility: DS&P
6. Review ACL records for completion. Responsibility: DS&P
Resuming Services:
1. Workday request is raised for n/w level access and DS&P is informed. Responsibility: PMO
2. Application/system level access request is raised by managers and DS&P is informed. Responsibility: PM
3. Update Percolator ACL dashboard “Mandatory Break Access Renewal Date” to record access renewal of joiner. Responsibility: PMO
4. Access level / profile and role reviewed and updated. Responsibility: PM
5. SOD is updated. Responsibility: DS&P
6. Review ACL records. Responsibility: DS&P
Role and Responsibility

Role: Medtronic Cost Center Manager (for IBM members)
o Approve on boarding of new IBM members to the IBM cost center within the Medtronic accounting system

Role: Medtronic (MDT) On-Off Boarding Contact
o Processing Enterprise User Access (EUA) requests
o Monitoring IBM EUA related activities

Role: MDT SAP Coordinator/manager
o Receiving BAM request to on-board a new SAP member
o Performs contract/funding and skill review for the new member proposed for on-boarding
o Either approving or rejecting the request for on-boarding of new persons who will access the MDT SAP environments.

Role: Manager, PMO team
o Add new member on the Percolator tool and initiate on-boarding
o Oversees the activities of the PMO team
o Liaison between DS&P SE and Medtronic Security Manager

Role: IBM On/Off-boarding Coordinator, India Project Management Office (PMO)
o IBM contact who executes the On/Off-boarding process
o Ensure all evidence of execution are uploaded on Percolator tool.

Role: New Workforce Member
o Fills out the appropriate checklist on the Percolator and completes all required activities for on-boarding, such as training requirements, ISAM registration, background check forms, and upload evidence on the tool to show fulfillment of on-boarding tasks

Role: Off-Boarding Team Member
o Fills out Off-boarding checklist and Data Removal Certificate on the Percolator, and captures all required evidence to show fulfillment of off-boarding tasks

Role: IBM Team Manager/Lead
o Identifying need for a change to staffing level
o Identifying new members to be on-boarded and initiate on-boarding on Percolator
o Identifying departing member to be off-boarded and initiate off-boarding on Percolator
o Requesting approval from BAM for such individuals
o Assist new resource and provides direction for completion of on-boarding activities

Role: IBM Project Manager/Business Area Manager (BAM)
o Obtaining and providing approval to on/off-board an individual
o Sends notification of approval to the On-Off Boarding Coordinator

Role: IBM Project Management Office (PMO) Coordinator
o Update Percolator PMO section and provide assistance to DS&P team

Role: MDT On-Boarding Approver (Key Employees, SAP)
o Provides initial MDT approval of all requests for SAP Production access

Role: Medtronic Project Manager/Medtronic On/Off-boarding Contact
o MDT single point approver for all new IBM resources
o MDT contact managing the On/Off-boarding Process.

Role: IBM Technical Contract Coordinator
o Acting as single point of Contact for all On- and Off-boarding of US Subcontractors

Role: Medtronic (MDT) On-Off Boarding Contact
o Processing Enterprise User Access (EUA) requests
o Monitoring IBM EUA related activities

Role: DS&P SE
o Validates the On-Off Boarding process, completion of activities fully and timely, and accuracy of documentation.

The following are Medtronic specific data security and privacy requirements documented in the SOW. IBM
resources who will work and access Medtronic’s internal systems/environments are required to:
• Background checks for all IBM personnel accessing Medtronic’s on-site facilities and/or systems; and
drug testing of key IBM personnel.
• All IBM Personnel performing Services shall be fully trained in MDT’s Quality System Requirements
(QSRs) (QSR training is managed by MDT on their learning portal)
• HIPAA Regulation compliance
• HIPAA retention policy is followed:
o All versions of HIPAA related Process Documents/Procedures are retained for six years from last
date of being active (e.g. the date the new version replaces it)
o Activity Monitoring evidence is retained for six years
o Project training materials and evidence of completion at on boarding and annually thereafter to
include both HIPAA and DS&P courses (six years)
o Execution evidence of those HIPAA related processes and procedures have a two year retention
such as on/off boarding checklists and evidence, Access Management requests & approvals
including any changes and revocations
• HIPAA related process documents are reviewed annually at a minimum and all individuals
supporting the account have access to the documents needed to perform their roles/responsibilities
• All employees have compliant WST reports at on-boarding and checked periodically thereafter
• HIPAA Program Office requirements for on/off boarding are met with controls in the on/off boarding
process
All above mentioned requirements are tracked and managed through on-boarding checklist.
Drug Testing has not been performed for all IBM personnel (An exception mail has been taken from
DPE)
5. On/Off-boarding
Columns: # / Step / Task ID and Description* / Who*

for limited time duration

4. Step: Initiate and Execute Background Verification
Who*: IBM Project Management Office (PMO) Manager / DS&P SE
Task ID and Description*:
• Initiate background verification according to the country laws and regulations of the new resource’s home location.
• Tracks background completion up to clearance. Update Percolator.
• Triggers MDT notification through Workday tool (Customer use only)

5. Step: Execute On-boarding Checklist and Initial On-boarding steps
Who*: New team member
Task ID and Description*:
• Follows process/procedures to fill out all applicable sections of the On-boarding Checklist on Percolator
• Provides laptop details; model and serial number on tool
• Registers in IBM Standard Asset Manager (ISAM) tool; and upload screen shot of ISAM record (showing PGP installation & type of user: privileged or standard) on Percolator
• Completes DS&P Training and submits training completion confirmation on Percolator tool.
• Completes MDT mandatory training, when user account is provided in Medtronic SABA system (tracked by MDT) and upload evidence on Percolator tool
• Provides all relevant information for initiation of background verification.
• Submits request for use of Open Source Software; (must obtain written approval from PM prior to use)
• Submits request for use of portable media devices; (must obtain written approval from PM prior to use)

6. Step: Submit request for Basic profile creation
Who*: On-Off Boarding Coordinator
Task ID and Description*:
• Submits new resource On-boarding form to Medtronic RS HROC department to on-board the new resource and request for Basic profile creation through Workday

7. Step: Approval of User ID
Who*: MDT Manager
Task ID and Description*:
• MDT HR Manager approves user account for network access. Offboardings require notification within 24 hours to Medtronic when role changes or resource is reassigned/departs project.

8. Step: Basic profile creation / Issuance of User ID credentials
Who*: MDT RS HROC / Resource Manager
Task ID and Description*:
• User ID and password is granted and issued to resource’s Medtronic manager.
• Medtronic manager will also receive instructions on creation of Adaptive Authentication account (two-factor authentication)
• User receives basic network user ID and credentials from Medtronic manager
• Adaptive Authentication credentials are provided by Medtronic manager to new resource, when issued
• RS HROC notifies IBM PMO when user network ID is created

9. Step: Update Checklist, store and notify
Who*: On-Off Boarding Coordinator
Task ID and Description*:
• Updates OOB Coordinator section on Percolator based On-Boarding checklist
• Captures Team Manager/Lead email

9. Step: Request for application/system/additional resources
Who*: Team Manager/lead
Task ID and Description*:
• Submits request for access to other IT Assets and applications/systems, via Access Management Process
• Offboardings require notification within 24 hours to Medtronic when role changes or resource is reassigned/departs project.

Members requiring access to systems where ePHI reside are required to acknowledge that,
per HIPAA guidelines, access-related documents are retained for a 2-year period. Each
member requiring such access will encounter the following statement when seeking access
to these systems:
_____ Check here to acknowledge your awareness that you are requesting access to a system that
contains Sensitive Personal Information (SPI) / Protected Health Information (PHI) data or is otherwise
subject to HIPAA and HITECH regulations, and that you agree to comply with those regulations and IBM
policies.
1. The Business Area Manager (BAM) / Delivery Manager are provided with the Medtronic IBM On-boarding
form for the new resource. A request is sent to the BAM for approval of the on-boarding resource.
2. Once approved, a record is created on the Percolator tool and on-boarding is initiated.
3. The employee receives a Percolator Welcome letter and a link to the Percolator tool to begin on-boarding.
5.2.1 Required Training
Where applicable, training completion certificates are uploaded on the Percolator tool by the new joiner. If a
certificate cannot be provided (i.e. DS&P training PPT, which is not tool based), the new joiner’s
self-certification provided on the Percolator tool is considered valid. The new joiner adds the date of completion
on the tool to certify completion.
Process to Complete Required Training:
Note: On-boarding timeliness for Medtronic is 30. Likewise, off-boarding is considered timely if
performed within five (5) business days. Personnel are rigorously tracked by the DS&P Team with
notifications and reminders sent to all levels of the PM Team to ensure the timeliest responses from
all members. Risks will be logged in cases where on- and off-boarding timeliness exceeds the ideal
window.
The following table outlines the Off-boarding steps for this account. All departing workforce team members are
required to be processed according to these steps and the associated on- and off-boarding checklists.
All departing workforce members include temporary or part time workforce members who may provide support for
short periods of time in support of contract commitments. This process is also applicable to sub-contractors on the
project.
5.5. Off-boarding Process Description
3. Step: Trigger Appropriate Contracting Actions
Who: Technical Contract Coordinator
• Takes appropriate contracting actions per ongoing policies and procedures

4. Step: Provide notifications
Who: On-Off Boarding Coordinator
• If the resource is able to be contacted, sends email to off-boarding resource on the tasks required to be completed as a part of Off boarding process, including viewing the BISO Offboarding Companion Video and slide deck.

5. Step: Communicate resource release to MDT
Who: On-Off Boarding Coordinator
• Within 24 hours sends email to MDT RS HROC department, to off-board resource and terminate access. This serves as request for access revocation.
• Copies DS&P SE in notification
• Triggers MDT notification through the Workday tool (Customer use only)

6. Step: Initiate Off-boarding on the Percolator
Who: PMO Coordinator
• Send Off-boarding mail and TU link to departing member

7. Step: MDT RS HROC Dept.
Who: MDT On-Off Boarding Contact
• Terminates MDT network account following internal MDT processes/procedures
• Triggers deletion of all IT asset accesses

8. Step: Notify IBM of termination
Who: MDT RS HROC dept.
• Notifies IBM of termination completion (optional)

9. Step: Facilitate Off-boarding Checklist
Who: IBM Manager/Team Lead
• Provides ongoing support to departing member as needed

10. Step: HIPAA access revocation
Who: IBM Manager
• Access revocation within 24 hours to Medtronic when role changes or resource is reassigned/departs project, incl. Siebel / Oracle / SAP systems; ensure records retained for 24 months

11. Step: Execute Off-boarding Checklist
Who: Individual or Team Manager/Lead
• Follows process/procedures to fill out all applicable sections of the Off-boarding Checklist on the Percolator
• Attaches evidence to email

India Process

14. Step: Update PMO and Coordinator section
Who: PMO Coordinator
• Update PMO and coordinator section on the Percolator Off-boarding checklist

15. Step: Review checklists
Who: DS&P SE
• Quality Assurance of process. Validates the completion of all off-boarding activities on Percolator with required timelines and accuracy of evidence and Checklist.

Application-level removal is done through a Workday request. No separate application-level access revocation
request is required.
6. Appendix – Welcome and Data Removal Notes
Upon being accepted onto the program, the PMO sends a welcome letter to the prospective employee, which
contains instructions on the next steps to be taken. The narrative below picks up from where the resource receives
the welcome letter.
6.1.2. Training
An on-boarded resource is required to complete certain on-boarding formalities before he/she starts working on the
project. A welcome note comprising all such requirements is sent by the PMO team to all new resources. The
PCB location of the welcome note is provided below:
New joiners read the DS&P training slides and fill in the completion date on Percolator. No separate confirmation is
taken from the resources for DS&P trainings.
HIPAA eligible resources are required to complete DS&P training and IBM HIPAA training, and sign/submit the
attached HIPAA Acknowledgement form, found here in the PCB:
6.1.3. Percolator Access Notification (TUI based)
Within ten days, the on-boarding employee will receive an email from the PMO with instructions to begin populating
Percolator at a dedicated TUI, meant only for that person. The employee will follow this link and fill the fields as
directed in the initial Percolator letter, discussed earlier.
On the resource's last day, or a few days in advance, the Medtronic Off-boarding Data Removal Certificate is filled in by
the resource on the tool upon notification from the PMO. No separate DR certificate is collected from the departing
employee unless he/she is unable to fill it in on Percolator. If the resource has left IBM, the DR Certificate or
TP/Asset return confirm is collected in place of DR Certificate. The DR certificate can be found in the Percolator
OOB Dashboard.
The customer controls the off-boarding process beyond the steps outlined here:
7. Appendix – Adaptive Authentication & Data Removal Artifacts
Following data purge, a certificate must be completed and returned to the PMO by the employee in possession of
the workstation in which the hard drive is being purged.