| Trustmark Definition Name | Version |
|---|---|
|
Defines conformance and assessment criteria for verifying that an organization ensures that asset location technologies are employed in accordance with applicable federal laws, Executive Orders, directives, regulations, policies, standards, and guidance.
|
1.0 |
|
Specifies that a health care related organization must identify the security official who is responsible for the development and implementation of the policies and procedures required by the Security Rule.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for assignment of identifiers as related to overall identification and authentication requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for assignment of personnel position risk designations as related to overall personnel security requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for assistance and support resources for incident response as related to overall incident response requirements.
|
1.0 |
|
Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 28(3)(e).
|
1.0 |
|
Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 28(3)(d).
|
1.0 |
|
Specifies that a health care related organization must implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information.
|
1.0 |
|
Specifies that a health care related organization must implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization periodically reviews and updates events to be audited.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system provides the capability for [Assignment: organization-defined individuals or roles] to change the auditing to be performed on [Assignment: organization-defined information system components] based on [Assignment: organization-defined selectable event criteria] within [Assignment: organization-defined time thresholds].
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system produces a system-wide (logical or physical) audit trail composed of audit records in a standardized format.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system compiles audit records from into a time-correlated system-wide audit trail.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for audit processing failure actions as related to overall audit and accountability requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for audit processing failure alerts as related to overall audit and accountability requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for audit record generation capability as related to overall audit and accountability requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for audit record retention as related to overall audit and accountability requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs organization-defined measures to ensure that long-term audit records generated by the information system can be retrieved.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system provides an audit reduction and report generation capability that does not alter the original content or time ordering of audit records.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an audit reduction and report generation capability.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system provides the capability to process audit records for events of interest based on organization-defined audit fields within audit records.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system provides the capability to sort and search audit records for events of interest based on the content of organization-defined audit fields within audit records.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization adjusts the level of audit review, analysis, and reporting within the information system when there is a change in risk based on law enforcement information, intelligence information, or other credible sources of information.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system provides the capability to centrally review and analyze audit records from multiple components within the system.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization analyzes and correlates audit records across different repositories.
|
1.0 |
