Standard: Standard Operating Procedures Sample Clauses
The Standard Operating Procedures clause establishes the requirement for parties to follow specific, predefined processes or protocols in the performance of their contractual obligations. In practice, this means that all relevant activities—such as safety checks, reporting, or quality control—must be conducted according to documented procedures agreed upon by the parties or set by industry standards. This clause ensures consistency, reduces the risk of errors, and provides a clear framework for accountability, thereby minimizing misunderstandings and operational risks.
Standard: Standard Operating Procedures. The Non-Exchange Entity shall incorporate privacy and security standards and implementation specifications, where appropriate, in its standard operating procedures that are associated with functions involving the creation, collection, disclosure, access, maintenance, storage, or use of PII.
i. Implementation Specifications:
1. The privacy and security standards and implementation specifications shall be written in plain language and shall be available to all of the Non- Exchange Entity’s Workforce members, or sub-contractors, whose responsibilities entail the creation, collection, maintenance, storage, access, or use of PII.
2. The procedures shall ensure the Non-Exchange Entity’s cooperation with CMS in resolving any Incident or Breach, including (if requested by CMS) the return or destruction of any PII files it received under the Agreement; the provision of a formal response to an allegation of unauthorized PII use, reuse or disclosure; and/or the submission of a corrective action plan with steps designed to prevent any future unauthorized uses, reuses or disclosures.
3. The standard operating procedures must be designed and implemented to ensure the Non-Exchange Entity and its Workforce, or sub-contractor, comply with the standards and implementation specifications contained herein, and must be reasonably designed, taking into account the size and the type of activities that relate to PII undertaken by the Non-Exchange Entity, to ensure such compliance.
Standard: Standard Operating Procedures. The Non-Exchange Entity shall incorporate privacy and security standards and implementation specifications, where appropriate, in its standard operating procedures that are associated with functions involving the creation, collection, disclosure, access, maintenance, storage, or use of PII.
Standard: Standard Operating Procedures. The Non-Exchange Entity shall incorporate privacy and security standards and implementation specifications, where appropriate, in its standard operating procedures that are associated with functions involving the creation, collection, disclosure, access, maintenance, storage, or use of PII. The EDE Entity must comply with any additional standards 8 ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇▇/Research-Statistics-Data-and-Systems/CMS-Information- Technology/InformationSecurity/Downloads/RMH-Chapter-08-Incident-Response.pdf and implementation specifications described in EDE SSP AR-1: Governance and Privacy Program.