Privacy and Security Documentation. In order to receive approval to participate in DE and utilize an approved DE Environment, Web-brokers must submit the complete set of documents outlined in Table 1 of Appendix A: Privacy and Security Standards for Web-brokers to CMS, except as noted in the “Submission Requirements” column and must comply with the privacy and security audit requirements under Section IX of this Agreement. The annual assessment results that serve as the basis for the documentation in Table 1 of Appendix B: Annual Security and Privacy Assessment (SPA) are only valid for a period of 365 Days from the completion date of the assessment. Web-brokers must complete the continuous monitoring requirements detailed in the Information Security and Privacy Continuous Monitoring (ISCM)
Appears in 2 contracts
Sources: Web Broker Agreement, Web Broker Agreement