Trustmark Definitions (176-200 of 3247)

Trustmark Definition Name Version
Specifies that a covered entity must have policies and procedures to permit an individual to request that a covered entity amend, in a timely manner, protected health information or a record about the individual, subject to certain restrictions and limitations.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for analysis of vulnerability scan reports as related to overall risk assessment requirements.
1.0
Addresses the requirement for annual PKI compliance audits.
1.0
Defines conformance and assessment criteria for verifying that an organization physically or logically separates user interface services from information storage and management services.
1.0
Defines conformance and assessment criteria for verifying that an information system separates user functionality (including user interface services) from information system management functionality.
1.0
Defines conformance and assessment criteria for verifying that an information system prevents the presentation of information system management-related functionality at an interface for non-privileged users.
1.0
Addresses the requirement that only applications related to the operation of a PKI Certificate Authority are installed.
1.0
Specifies that a covered entity must have in place appropriate administrative, technical, and physical safeguards to protect the privacy of protected health information by limiting disclosure to required or permitted uses.
1.0
Specifies that a covered entity must have in place appropriate administrative, technical, and physical safeguards to protect the privacy of protected health information by preventing disclosure that is in violation of regulations.
1.0
Specifies that a covered entity must have and apply appropriate sanctions against members of its workforce who fail to comply with the privacy policies and procedures.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for approval of non-local maintenance as related to overall maintenance requirements.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for approval of system maintenance activities as related to overall maintenance requirements.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for assessment of security controls as related to overall certification, accreditation, and security assessments requirements.
1.0
Defines conformance and assessment criteria for verifying that an organization carefully assesses the inventory of components that compose its information systems to determine applicable security controls.
1.0
Defines conformance and assessment criteria for verifying that an organization employs organization-defined asset location technologies to track and monitor the location and movement of organization-defined assets within organization-defined controlled areas.
1.0
Defines conformance and assessment criteria for verifying that an organization ensures that asset location technologies are employed in accordance with applicable federal laws, Executive Orders, directives, regulations, policies, standards, and guidance.
1.0
Specifies that a health care related organization must identify the security official who is responsible for the development and implementation of the policies and procedures required by the Security Rule.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for assignment of identifiers as related to overall identification and authentication requirements.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for assignment of personnel position risk designations as related to overall personnel security requirements.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for assistance and support resources for incident response as related to overall incident response requirements.
1.0
Specifies that a health care related organization must implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information.
1.0
Specifies that a health care related organization must implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information.
1.0
Defines conformance and assessment criteria for verifying that an organization periodically reviews and updates events to be audited.
1.0
Defines conformance and assessment criteria for verifying that an information system provides the capability for [Assignment: organization-defined individuals or roles] to change the auditing to be performed on [Assignment: organization-defined information system components] based on [Assignment: organization-defined selectable event criteria] within [Assignment: organization-defined time thresholds].
1.0
Defines conformance and assessment criteria for verifying that an information system produces a system-wide (logical or physical) audit trail composed of audit records in a standardized format.
1.0