Common use of Implementation Specifications Clause in Contracts

Implementation Specifications. Such policies and procedures would: 1. Identify the Non-Exchange Entity’s Designated Security and Privacy Official(s), if applicable, and/or identify other personnel authorized to access PII and responsible for reporting and managing Incidents or Breaches to CMS; 2. Provide details regarding the identification, response, recovery, and follow-up of Incidents and Breaches, which should include information regarding the potential need for CMS to immediately suspend or revoke access to the Hub, if applicable, for containment purposes; and 3. Require reporting of any security and privacy Incident or Breach of PII to the CMS IT Service Desk by telephone at (▇▇▇) ▇▇▇-▇▇▇▇ or ▇-▇▇▇-▇▇▇-▇▇▇▇ or via email notification at ▇▇▇_▇▇_▇▇▇▇▇▇▇_▇▇▇▇@▇▇▇.▇▇▇.▇▇▇ within one hour after discovery of the Incident or Breach.

Implementation Specifications. Such policies and procedures would: 1. Identify the Non-Exchange Entity’s Designated Security and Privacy Official(s), if applicable, and/or identify other personnel authorized to access PII and responsible for reporting and managing Incidents or Breaches to CMS; 2. Provide details regarding the identification, response, recovery, and follow-up of Incidents and Breaches, which should include information regarding the potential need for CMS to immediately suspend or revoke access to the Hub, if applicable, Hub for containment purposes; and 3. Require reporting of any security and privacy Incident or Breach of PII to the CMS IT Service Desk by telephone at (▇▇▇) ▇▇▇-▇▇▇▇ or ▇-▇▇▇-▇▇▇-▇▇▇▇ or via email notification at ▇▇▇_▇▇_▇▇▇▇▇▇▇_▇▇▇▇@▇▇▇.▇▇▇.▇▇▇ within one hour after discovery of the Incident or Breach.