Trustmark Definitions (1-25 of 3247)

Trustmark Definition Name Version
Addresses requirements for identity source documents used for identity proofing to be from the list of acceptable documents included in Form I-9, OMB No. 1115-0136, Employment Eligibility Verification.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for acceptance criteria as related to overall system and services acquisition requirements.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for acceptance of federal PIV credentials for non-organizational users as related to overall identification and authentication requirements.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for acceptance of PIV credentials as related to overall identification and authentication requirements.
1.0
Defines privacy requirements related to individuals' ability to obtain their sensitive information.
1.0
Defines privacy requirements related to individuals obtaining sensitive information that is held about them.
1.0
Defines privacy requirements related to organizations providing individuals access to sensitive information about them that the organization holds, and applicable exceptions.
1.0
Defines privacy requirements related to individuals obtaining confirmation of whether or not sensitive information is held about them.
1.0
Defines privacy requirements for mechanisms to allow individuals to determine the purposes for which their sensitive information has been shared.
1.0
Defines privacy requirements for mechanisms to allow individuals to determine with which parties their sensitive information has been shared.
1.0
Defines privacy requirements for organizations to establish an individual's right to inspect their stored sensitive information.
1.0
Defines privacy requirements for organizations to support an individual's right to inspect their stored sensitive information.
1.0
Defines conformance and assessment criteria for verifying that an organization notifies individuals of applicable, legally binding post-employment requirements for protection of organizational information.
1.0
Defines conformance and assessment criteria for verifying that an organization requires individuals to sign an acknowledgment of legally binding post-employment requirements for protection of organizational information, if applicable, as part of granting initial access to covered information.
1.0
Defines conformance and assessment criteria for verifying that an organization ensures that access to U.S. classified information requiring special protection is granted only to individuals who: (a) Have a valid access authorization that is demonstrated by assigned official government duties; (b) Satisfy associated personnel security criteria; and (c) Have read, understood, and signed a nondisclosure agreement.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for access authorizations as related to overall access control requirements.
1.0
Defines conformance and assessment criteria for verifying that an organization has defined information system access authorizations to support separation of duties.
1.0
Specifies that a health care related organization must implement electronic procedures that terminate an electronic session after a predetermined time of inactivity.
1.0
Specifies that a health care related organization must establish (and implement as needed) procedures for obtaining necessary electronic protected health information during an emergency.
1.0
Specifies that a health care related organization must implement a mechanism to encrypt and decrypt electronic protected health information.
1.0
Specifies that a health care related organization must implement technical policies and procedures for electronic information systems that maintain electronic protected health information to allow access only to those persons or software programs that have been granted access rights as specified in Section 164.308(a)(4).
1.0
Specifies that a health care related organization must assign a unique name and/or number for identifying user identity.
1.0
Specifies that a health care related organization must assign a unique name and/or number for tracking user identity.
1.0
Defines conformance and assessment criteria for verifying that an organization establishes procedures to ensure organization-defined access control decisions are applied to each access request prior to access enforcement.
1.0
Defines conformance and assessment criteria for verifying that an information system enforces access control decisions based on organization-defined security attributes that do not include the identity of the user or process acting on behalf of the user.
1.0
This page is also available as JSON and XML.