Privacy - Remedial Measures - Collection, v1.0

Defines privacy requirements for ensuring that remedial measures for the protection of sensitive information are proportionate to the likelihood and severity of the harm threatened by its collection.

Assessment Step

1
Privacy - Remedial Measures - Collection (Privacy-RemedialMeasures-Collection)
Does the organization ensure that remedial measures for the protection of sensitive information are proportionate to the likelihood and severity of the harm threatened by its collection?
Artifact
A1
Provide evidence (e.g. organizational policies, procedures, compliance/assessment reports, etc.) that support the assessor's response to this assessment step.
Parameter
Information Typesrequired
ENUM_MULTI : Select the type(s) of sensitive information that apply.
  • PII
  • PHI
  • III
  • IIHI
  • Other

Conformance Criteria (1)

C-1
Remedial measures for the protection of personal information should be proportionate to the likelihood and severity of the harm threatened by its collection.
Citation
APEC
Section 14, Preventing Harm