Privacy - Misuse Prevention, v1.0

Defines privacy requirements for ensuring that sensitive information protection is designed to prevent the misuse of such information.

Assessment Step

1
Privacy - Misuse Prevention (Privacy-MisusePrevention)
Does the organization ensure that sensitive information protection is designed to prevent the misuse of such information?
Artifact
A1
Provide evidence (e.g. organizational policies, procedures, compliance/assessment reports, etc.) that support the assessor's response to this assessment step.
Parameter
Information Typesrequired
ENUM_MULTI : Select the type(s) of sensitive information that apply.
  • PII
  • PHI
  • III
  • IIHI
  • Other

Conformance Criteria (1)

C-1
Personal information protection should be designed to prevent the misuse of such information.
Citation
APEC
Section 14, Preventing Harm