When an SDP is required. EIEPs must submit an SDP when one or more of the following circumstances apply: a) to obtain approval for requested access to SSA-provided information for an initial agreement, b) to obtain approval to reestablish previously terminated access to SSA- provided information, c) to obtain approval to implement a new operating or security platform that will involve SSA-provided information, d) to obtain approval for significant changes to the EIEP’s organizational structure, technical processes, operational environment, or security implementations planned or made since approval of their most recent SDP or of their most recent successfully completed security review, e) to confirm compliance when one or more security breaches or incidents involving SSA-provided information occurred since approval of the EIEP’s most recent SDP or of their most recent successfully completed security review, f) to document descriptions and explanations of measures implemented as the result of a data breach or security incident, g) to document descriptions and explanations of measures implemented to resolve non-compliancy issue(s), and h) to obtain a new approval after SSA revoked approval of the most recent SDP
Appears in 4 contracts
Samples: Standard Agreement, Information Exchange Agreement, Information Exchange Agreement
