1. For any level of access to the Client Prod accounts we must use one of the following email addresses:

• Team member -incytes.service@gmail.com
• Circle Member - incytes@rgnmed.com
• Service Provider - incytes.serviceprovider@gmail.com

‍

2. The passwords to these accounts are stored in the Dashlane under the corporate account.

3. Only Nick is assigned the authority to provide the secure access to the mentioned accounts and retrieve it when required.

4. Passwords must not be sent by none а the insecure means: Email, Teams, any social networks, etc

5. Whenever any level of access must be granted

    a. (MANDATORY) sign the consent regulating accessing to the data between the Client and RegenMed

    b. make sure you receive the clear written proof from the Client allowing to access the production data

    c. invite one of the accounts to the Client's Circle/s or Team/s. Provide the required level of access to Service provider

    d. contact Nick to get the credentials to the account shared via Dashlane

‍

6. When the access is not required any longer

    a. remove the account from the Client's Circle/s or Team/s. Remove access to the Service Provider from the protocol.

    b. (if applicable) notify the Client that RegenMed team no longer has access to the data

    c. (if applicable) provide the Client on the report of the activities which were done while the access was provided

    d. (if applicable) request Nick to retrieve your access to the account/s from Dashlane

It is strictly prohibited to populate the Production accounts with dummy data for internal testing purposes while the access is granted to the account (unless there is a special request for that directly from the Client). For any testing purposes and checks you must create a separate testing circle with no access limitations.