Security - Protection from Unauthorized Access, v1.0

Defines privacy requirements related to the protection of sensitive information from unauthorized access.

Assessment Step

1
Security - Protection From Unauthorized Access (Security-ProtectionFromUnauthorizedAccess)
Does the organization take reasonable precautions to protect sensitive information from unauthorized access?
Artifact
A1
Provide evidence (e.g. organizational policies, procedures, compliance/assessment reports, etc.) that support the assessor's response to this assessment step.
Parameter
Information Typesrequired
ENUM_MULTI : Select the type(s) of sensitive information that apply.
  • PII
  • PHI
  • III
  • IIHI
  • Other

Conformance Criteria (1)

C-1
The organization takes reasonable precautions to protect personal information from unauthorized access.
Citation
SAFE-HARBOR
Security