Common use of Standard Operating Procedures Clause in Contracts

Standard Operating Procedures. Enrollment Assister shall incorporate privacy and security standards and implementation specifications, where appropriate, in its standard operating procedures that are associated with functions involving the creation, collection, disclosure, access, maintenance, storage, or use of PII. The privacy and security standards and implementation specifications shall be written in plain language and shall be available to all of the Enrollment Assister’s workforce members, subcontractors, and agents, whose responsibilities entail the creation, collection, maintenance, storage, access, or use of PII. 3.15.1 The aforementioned procedures shall ensure Enrollment Assister’s cooperation with PHIEA in resolving any Incident or Breach, including (if requested by PHIEA) the return or destruction of any PII files it received under this Agreement; the provision of a formal response to an allegation of unauthorized PII use, reuse, or disclosure; and/or the submission of a corrective action plan with steps designed to prevent any future unauthorized uses, reuses, or disclosures. 3.15.2 The standard operating procedures must be designed and implemented to ensure the Enrollment Assister and its workforce, subcontractors, and agents comply with the standards and implementation specifications contained herein, and must be reasonably designed, taking into account the size and the type of activities that relate to PII undertaken by the Enrollment Assister, to ensure such compliance.

Standard Operating Procedures. Enrollment Assister The Non•Exchange Entity shall incorporate privacy and security standards and implementation specifications, where appropriate, in its standard operating procedures that are associated with functions involving the creation, collection, disclosure, access, maintenance, storage, or use of PII. Implementation Specifications for Standard 6.2: (a) The privacy and security standards and implementation specifications shall be written in plain language and shall be available to all of the Enrollment AssisterNon•Exchange Entity’s workforce members, subcontractors, and agents, Workforce members whose responsibilities entail the creation, collection, maintenance, storage, access, or use of PII. 3.15.1 (b) The aforementioned procedures shall ensure Enrollment Assisterthe Non­Exchange Entity’s cooperation with PHIEA YHI in resolving any Incident or Breach, including (if requested by PHIEAYHI) the return or destruction of any PII files it received under this the Agreement; the provision of a formal response to an allegation of unauthorized PII use, reuse, reuse or disclosure; and/or the submission of a corrective action plan with steps designed to prevent any future unauthorized uses, reuses, reuses or disclosures. 3.15.2 (c) The standard operating procedures must be designed and implemented to ensure the Enrollment Assister Non•Exchange Entity and its workforce, subcontractors, and agents Workforce comply with the standards and implementation specifications contained herein, and must be reasonably designed, taking into account the size and the type of activities that relate to PII undertaken by the Enrollment AssisterNon-Exchange Entity, to ensure such compliance.