Privacy - Information Retention and Destruction - Record of Scheduled Removal, v1.0

Defines privacy requirements for organizations to keep a record of dates when information is to be removed if not validated prior to the end of its period.

Assessment Step

1
Privacy - Information Retention And Destruction - Record Of Scheduled Removal (Privacy-InformationRetentionAndDestruction-RecordOfScheduledRemoval)
Does the organization keep a record of dates when information is to be removed (purged) if not validated prior to the end of its period?
Artifact
A1
Provide evidence (e.g. organizational policies, procedures, compliance/assessment reports, etc.) that support the assessor's response to this assessment step.
Parameter
Satisfied By Privacy Policyrequired
BOOLEAN : Is the organization's privacy policy the source for all supporting information for satisfying the issuance criteria of this Trustmark Definition? (TRUE=yes)

Conformance Criteria (1)

C-1
Is a record kept of dates when information is to be removed (purged) if not validated prior to the end of its period?
Citation
FCPP
Section M.6, Information Retention and Destruction