Branagh Group Policies and Disclosures:

Policy for Ensuring the Privacy and Information Security of Learners’ Records
Policy on Disclosure of Instructor’s Interests in Training Materials
Política sobre la divulgación de los intereses del instructor en los materiales de capacitación
Anti-Discrimination Policy
Política contra la discriminación

Policy for Ensuring the Privacy and Information Security of Learners’ Records

1.0 Purpose

The purpose of this policy is to establish clear guidelines and procedures for ensuring the privacy, confidentiality, integrity, and security of all learner records maintained by Branagh Group. This policy addresses the entire lifecycle of learner information, from input and maintenance to release and issuance, following the completion of learning events. 

2.0 Scope

This policy applies to all Branagh Group personnel, including employees, contractors, and any third-party service providers who are involved in the collection, input, processing, maintenance, storage, release, or issuance of learners’ records for any learning event offered by Branagh Group. This includes, but is not limited to, data within the Learning Management System (LMS), administrative databases, physical files, and any other systems or media containing learner information.

3.0 Policy Statement

Branagh Group is committed to safeguarding the privacy and security of its learners’ records. We recognize the sensitive nature of personal and academic information and are dedicated to implementing and maintaining rigorous security measures to prevent unauthorized access, disclosure, alteration, or destruction of this data. This policy outlines the specific procedures and responsibilities designed to achieve this commitment.

4.0 Definitions

  • Learner Records: Any information pertaining to an individual learner, including but not limited to, personal identifying information (e.g., name, contact details), registration information, course enrollment details, attendance records, assessment results, completion status, certificates, and any communications related to their learning journey.
  • Information Input: The process of collecting and entering learner records into Branagh Group’s systems.
  • Information Maintenance: The ongoing process of storing, updating, and ensuring the accuracy and security of learner records.
  • Information Release: The controlled disclosure of learner records to authorized individuals or entities, typically with the learner’s consent.
  • Issuance of Records: The provision of official documents, such as certificates of completion or transcripts, to learners or authorized parties.
  • Confidentiality: Ensuring that information is accessible only to those authorized to have access.
  • Integrity: Maintaining the accuracy and completeness of information and processing methods.
  • Availability: Ensuring that authorized users have access to information and associated assets when required.

5.0 Procedures

5.1 Information Input

Responsibility: Engineering Team, Technical Support Team

Procedure:

  • Secure Data Collection: All learner personal and academic information will be collected using secure, encrypted systems, primarily through Branagh Group’s designated Learning Management System (LMS) and administrative databases. 
  • Accuracy Verification: Personnel responsible for inputting data will verify the accuracy of all information at the point of entry to minimize errors.
  • Authorized Access: Only personnel with explicit authorization and training will have access to systems for inputting learner information.
  • Minimum Necessary Data: Only information essential for the purpose of the learning event and record-keeping will be collected.

5.2 Information Maintenance

Responsibility: Engineering Team 

Procedure:

  • Secure Storage: All learner records will be stored in secure, access-controlled environments. Digital records will reside on secure servers with firewalls and intrusion detection systems. 
  • Data Encryption: All digital learner records will be encrypted in transit to protect against unauthorized access during transmission.
  • Regular Security Updates: The Engineering Team and IT Consultants will regularly update security software, systems, and protocols to address emerging threats and vulnerabilities. This includes applying patches, updating antivirus definitions, and configuring firewalls.
  • Access Controls: Strict role-based access controls will be implemented for all systems containing learner records. Access privileges will be granted based on the principle of least privilege, meaning personnel only have access to the information necessary to perform their job functions. Access will be reviewed periodically and revoked upon changes in roles or termination of employment.
  • Data Backups: Databases on the Branagh Group’s cloud servers are backed up on a nightly basis. A two-week retention period for these backups is maintained on-site for immediate recovery.  In addition, nightly snapshots of the entire database are securely replicated and backed up at an alternate, geographically dispersed off-site location to facilitate robust disaster recovery in the event of a catastrophic incident at the primary site. All learning event records are maintained for a minimum of seven (7) years from the learning event completion date. Records older than seven years may be reviewed and, if no longer legally or operationally required, may be moved to secure archival cloud storage or securely purged according to data retention policies.
    • Off-site Disaster Recovery: In addition, nightly snapshots of the entire database are securely replicated and backed up at an alternate, geographically dispersed off-site location to facilitate robust disaster recovery in the event of a catastrophic incident at the primary site.
  • Data Audits: The Engineering Team will conduct regular audits of access logs and system activities to monitor for suspicious behavior or unauthorized access attempts.
  • Data Retention: Learner records will be retained for a minimum of 7 years, per IACET guidelines. 

5.3 Information Release

  • Who: Learners, Technical Support Team
  • What: Providing a standardized mechanism for learners to request access to their historical training records.
  • When: As needed by learners.
  • How:
    • Learners can submit a Training Record Request Form (available on the Branagh Group website or by contacting Technical Support).
    • The form requires: learner’s full name (at time of training), training event title, approximate date of completion, and contact information.
    • Requests can be submitted via the online form (which will be processed by the Technical Support Team),  or by phone/email to the Technical Support Team.
5.4 Providing Records to Learners
  • Who: Technical Support Team
  • What: Responding to and fulfilling learner requests for training records.
  • When: Within seven (7) business days of receiving a complete request.
  • How:
    • The Technical Support Team will verify the identity of the requester using provided information to ensure records are disclosed to the correct individual.
    • The requested records will be retrieved from the CourseMill LMS or the cloud storage system. If the record is in archival storage, the learner will be notified of a potentially extended retrieval time (up to 15 business days).
    • Digital copies of the requested records (e.g., PDF of certificate, transcript) will be provided to the Learner by the Technical Support Team via email.

6.0 Roles and Responsibilities

  • Technical Support Team:  Responsible for assisting learners with securely accessing their records and ensuring the secure issuance of records to learners and other authorized parties. Oversee the entire lifecycle of learners’ records, including input, maintenance, release, and issuance. 
  • Engineering Team: Responsible for implementing and maintaining data security infrastructure, including encryption, access controls, regular security updates, and conducting security audits. They will also manage data backups and disaster recovery plans.

7.0 Learner Responsibilities

In alignment with Branagh Group’s End User License Agreement (EULA), learners also have a responsibility to protect their own information:

  • Login Security: Learners are responsible for the security of their login information and for all activities that occur under their account.
  • Confidentiality of Login Information: Login information is confidential and proprietary and may not be disclosed or shared with any third parties.
  • Immediate Notification: If a password is lost, or if any unauthorized use of login information or any other breach of security is suspected, learners agree to immediately notify Branagh Group.:

The Learner must agree to the EULA as part of the registration process to obtain access to training.  

8.0 Data Security and Awareness Training

To ensure ongoing employee awareness and adherence to data security standards, all employees are required to acknowledge receipt of the Branagh Group Data Security and Confidentiality Policy. Regular email reminders are sent to reinforce the importance of data security.

Effective Date: 9/24/2013
Revision Date: 6/18/2025
Approved by: Dave Clark, CTO/CIO

Policy on Disclosure of Instructor’s Interests in Training Materials

Purpose:
This policy ensures transparency and maintains the integrity of educational content by requiring all instructors/content creators to disclose any interests in products, instruments, devices, or materials included in Branagh Group learning events. At this time, Branagh Group offers only online, asynchronous learning events, which are created by our internal development team. Content creators have no proprietary interest in the product/learning event.

Scope:
This policy applies to all instructors/content creators, whether they are employees of Branagh Group or independent contractors.

Standards:

  1. Disclosure Requirement:
    ○ All instructors must disclose any interests they have in products, instruments, devices, or materials included in the training content.
    ○ Interests include, but are not limited to, ownership, stock holdings, patents, trademarks, royalties, consulting fees, or any other form of financial interest or benefit.
  2. Timing of Disclosure:
    ○ Instructors must disclose their interests at the earliest opportunity, preferably during the planning stages of the training event.
    ○ Disclosures must be made in writing and submitted to the Branagh Group before any marketing materials are distributed or the training event is conducted.
  3. Inclusion in Marketing Materials:
    ○ Disclosures must be clearly stated in all marketing and promotional materials associated with the training event. This includes brochures, flyers, websites, emails, and any other forms of advertisement.
    ○ The disclosure statement should be prominently displayed and written in clear, concise language.
  4. Disclosure at the Beginning of the Training Event:
    ○ Instructors must verbally disclose their interests at the beginning of the training event.
    ○ A written disclosure must also be included in the initial materials provided to participants, such as handouts, slides, or digital content.
  5. Format of Disclosure:
    ○ The disclosure must include the nature of the interest and the specific products, instruments, devices, or materials involved.
    ○ Example Disclosure Statement: “I, [Instructor’s Name], have an interest in [Product/Instrument/Device/Material], which will be discussed in this session. I am a [type of interest, e.g., owner, stockholder, consultant] for [Company Name].”

Compliance and Enforcement:
○ Branagh Group will review all marketing materials and event content to ensure compliance with this policy.
○ Failure to disclose interests may result in disciplinary action, including but not limited to removal from the instructional role, cancellation of the event, or other appropriate measures.

Responsibility:
○ It is the responsibility of the instructors to disclose their interests accurately and timely.
○ Branagh Group is responsible for implementing and monitoring compliance with this policy.

Owner/Approver: Jennifer McMullen, Branagh Group President and COO
Effective Date: 2/21/2020
Revision Date: 3/27/2025

Política sobre la divulgación de los intereses del instructor en los materiales de capacitación

Objetivo:
Esta política garantiza la transparencia y mantiene la integridad del contenido educativo al requerir que todos los instructores/creadores de contenido revelen cualquier interés en productos, instrumentos, dispositivos o materiales incluidos en los eventos de aprendizaje de Branagh Group. Actualmente, Branagh Group ofrece únicamente eventos de aprendizaje en línea y asincrónicos, creados por nuestro equipo interno de desarrollo. Los creadores de contenido no tienen ningún derecho de propiedad sobre el producto o evento de aprendizaje.

Alcance:
Esta política se aplica a todos los instructores/creadores de contenido, ya sean empleados de Branagh Group o contratistas independientes.

Estándares:

  1. Requisito de divulgación:
    ○ Todos los instructores deben revelar cualquier interés que tengan en los productos, instrumentos, dispositivos o materiales incluidos en el contenido de la capacitación.
    ○ Los intereses incluyen, pero no se limitan a, propiedad, tenencia de acciones, patentes, marcas comerciales, regalías, honorarios de consultoría o cualquier otra forma de interés o beneficio financiero.
  2. Momento de la divulgación:
    ○ Los instructores deben revelar sus intereses lo antes posible, preferiblemente durante las etapas de planificación del evento de capacitación.
    ○ Las divulgaciones deben realizarse por escrito y enviarse al Branagh Group antes de distribuir cualquier material de marketing o realizar el evento de capacitación.
  3. Inclusión en materiales de marketing:
    ○ Las divulgaciones deben estar claramente estipuladas en todos los materiales de marketing y promoción relacionados con el evento de capacitación. Esto incluye folletos, volantes, sitios web, correos electrónicos y cualquier otro tipo de publicidad.
    ○ La declaración de divulgación debe exhibirse de forma destacada y redactarse en un lenguaje claro y conciso.
  4. Divulgación al inicio del evento de capacitación:
    ○ Los instructores deben revelar verbalmente sus intereses al comienzo del evento de capacitación.
    ○ También debe incluirse una divulgación escrita en los materiales iniciales proporcionados a los participantes, como folletos, diapositivas o contenido digital.
  5. Formato de divulgación:
    ○ La divulgación debe incluir la naturaleza del interés y los productos, instrumentos, dispositivos o materiales específicos involucrados.
    ○ Ejemplo de declaración de divulgación: «Yo, [nombre del instructor], tengo un interés en [producto/instrumento/dispositivo/material], que se tratará en esta sesión. Soy [tipo de interés, p. ej., propietario, accionista, consultor] de [nombre de la empresa]».

Cumplimiento y ejecución:
○ Branagh Group revisará todos los materiales de marketing y el contenido del evento para garantizar el cumplimiento de esta política.
○ El no revelar los intereses puede resultar en una acción disciplinaria, que incluye, entre otras, la eliminación del rol instructivo, la cancelación del evento u otras medidas apropiadas.

Responsabilidad:
○ Es responsabilidad de los instructores revelar sus intereses de manera precisa y oportuna.
○ El Branagh Group es responsable de implementar y supervisar el cumplimiento de esta política.

Propietario/Aprobador: Jennifer McMullen, Presidenta y COO
Fecha de vigencia: 2/21/2020
Fecha de revisión: 3/27/2025

Anti-Discrimination Policy – Updated 11/2024

Branagh Group does not tolerate and prohibits discrimination, harassment, or retaliation of or against job applicants, contractors, interns, volunteers, customers (including our end users) or employees by another employee, supervisor, vendor, customer, or third party based on actual or perceived race, color, creed, religion, age, sex, or gender (including pregnancy, childbirth, and related medical conditions), sexual orientation, gender identity, or gender expression (including transgender status), national origin, ancestry, marital status, protected medical condition as defined by state law (including cancer or genetic characteristics), physical or mental disability, military and veteran status, reproductive health decision making, genetic information, or any other characteristic protected by applicable federal, state, or local laws and ordinances. The Company is committed to a workplace free of discrimination, harassment, and retaliation.

Our management team is dedicated to ensuring the fulfillment of this policy as it applies to all terms and conditions of employment, including recruitment, hiring, placement, promotion, transfer, training, compensation, benefits, employee activities, and general treatment during employment.

Furthermore, Branagh Group prohibits discrimination within our learning environment products and against all individuals involved in continuing education/training. Developers/planners and instructors are made aware of this policy during the hiring/retention process and must sign an acknowledgement of such as part of the process. Customers and end users are made aware of our anti-discrimination policy when registering/beginning training through the embedded EULA that must be agreed to before the training will commence. 

Discrimination Defined

Discrimination under this policy means treating differently or denying or granting a benefit to an individual because of the individual’s protected characteristic.

Política contra la discriminación – Actualizada el 11/2024

Branagh Group no tolera y prohíbe la discriminación, el acoso ni las represalias contra solicitantes de empleo, contratistas, pasantes, voluntarios, clientes (incluidos nuestros usuarios finales) o empleados por parte de otro empleado, supervisor, proveedor, cliente o tercero por motivos reales o percibidos de raza, color, credo, religión, edad, sexo o género (incluidos embarazo, parto y afecciones médicas relacionadas), orientación sexual, identidad de género o expresión de género (incluida la condición transgénero), origen nacional, ascendencia, estado civil, afección médica protegida según lo define la ley estatal (incluido el cáncer o las características genéticas), discapacidad física o mental, condición militar o de veterano, toma de decisiones en materia de salud reproductiva, información genética o cualquier otra característica protegida por las leyes y ordenanzas federales, estatales o locales aplicables. La Compañía se compromete a un lugar de trabajo libre de discriminación, acoso y represalias.

Nuestro equipo directivo se dedica a garantizar el cumplimiento de esta política, aplicable a todos los términos y condiciones de empleo, incluyendo el reclutamiento, la contratación, la colocación, los ascensos, los traslados, la capacitación, la compensación, los beneficios, las actividades de los empleados y el trato general durante el empleo.

Además, Branagh Group prohíbe la discriminación en nuestros productos de aprendizaje y contra todas las personas que participan en la formación continua. Los desarrolladores, planificadores e instructores conocen esta política durante el proceso de contratación y retención y deben firmar un acuse de recibo como parte del proceso. Los clientes y usuarios finales conocen nuestra política antidiscriminación al registrarse o comenzar la formación a través del CLUF integrado, que debe aceptarse antes de comenzar la formación.

Definición de discriminación

La discriminación bajo esta política significa tratar de manera diferente o negar u otorgar un beneficio a un individuo debido a una característica protegida de ese individuo.