https://artifacts.trustmarkinitiative.org/lib/tds/access---authentication/1.0/Access - Authentication1.0Defines privacy requirements related to individuals' ability to obtain their sensitive information.2018-04-10T00:00:00.000Zhttps://trustmarkinitiative.org/Trustmark InitiativePRIMARYTrustmark Supporthelp@trustmarkinitiative.org555-555-5555https://trustmarkinitiative.org/This artifact is published by the Georgia Tech Research Institute (GTRI) as part of the Trustmark Initiative. This artifact and the information contained herein is provided on an "AS IS" basis, and GTRI disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, GTRI disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.PrivacyAccessAdequacyAdministrative safeguardsAdopted Authentication Scheme
(Adopted Scheme)AdoptionApproved Encryption MethodAssertionAssertion ReferenceAudit CriteriaAuthenticationAuthentication ProtocolBearer AssertionBiometricBona FidesCertification (Certify)ChoiceClaimantCollect/CollectionComparabilityConfidentialityCorrective measuresCredential Service Provider (CSP)Cross-certifiedCryptographicData commissionerData controllerData processorData protectionData protection authorityData protection officeData subjectDeceptive trade practicesDirect Assertion ModelDisclose/DisclosureDispute resolutionE-Authentication CredentialEntropyEU Data Protection Directive (EU Directive)European Economic Area (EEA)European Union (EU)Federal Trade Commission (FTC)Full Legal NameHealth InformationHolder-of-key AssertionIdentityIdentity ProofingIndirect Assertion ModelIndividualIndividually Identifiable Health Information (IIHI)Individually Identifiable Information (III)IntegrityIssuanceLevel of Assurance (LOA)Member stateMin-EntropyMulti-factor AuthenticationMulti-token AuthenticationNetworkNon-repudiationNonceNoticeOpenOpt-inOpt-outOut of BandPersonal dataPersonal Health Information (PHI)Personal Identifying Information (PII)Personal informationPersons and EntitiesPhysical safeguardsPossession and Control of a TokenPrivacyPrivacy policyPrivacy seal programPrivacy statementProcessing of personal dataProof of Possession ProtocolPseudonymPublicly available informationRegistrationRegistration AuthorityRelying Party (RP)Safe HarborSaltSecuritySensitive InformationSensitive information controllerSensitive Personal information (SPI)Shared SecretSPOStrong Man in the Middle ResistanceStrongly Bound CredentialsSubscriberTechnical safeguardsThreatTokenToken AuthenticatorTransborder flows of personal dataTransparentTrust CriteriaTrust FrameworkTrust Framework Provider (TFP)UseVerifierWeak Man in the Middle ResistanceWeakly Bound CredentialsHHS-PSFU.S. Department of Health and Human Services (HHS) Privacy and Security Framework, December 15, 20081C-1Individuals should be able to obtain their individually identifiable health information consistent with security needs for authentication of the individual.Section II, Individual Access]]>1Access - AuthenticationDoes the organization require individuals to be able to obtain their sensitive information consistent with security needs for authentication of the individual?A1InformationTypesInformation TypesENUM_MULTIPIIPHIIIIIIHIOthertrue