| Trustmark Definition Name | Version |
|---|---|
|
Defines conformance and assessment criteria for verifying that an organization keeps an accurate accounting of disclosures of information held in each system of records under its control, including the date of each disclosure of a record.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization keeps an accurate accounting of disclosures of information held in each system of records under its control, including the name and address of the person or agency to which the disclosure was made.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization keeps an accurate accounting of disclosures of information held in each system of records under its control, including the nature of each disclosure of a record.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization keeps an accurate accounting of disclosures of information held in each system of records under its control, including the purpose of each disclosure of a record.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization makes the accounting of disclosures available to the person named in the record upon request.
|
1.0 |
|
Defines privacy requirements for organizations to document applicable laws and methods it may employ when seeking and receiving information.
|
1.0 |
|
Defines privacy requirements for organizations to document the primary laws with which personnel and participating users must comply.
|
1.0 |
|
Defines privacy requirements for organizations to document the primary laws with which internal operating policies must be in compliance.
|
1.0 |
|
Defines privacy requirements for maintaining an audit trail of accessed organization-held data.
|
1.0 |
|
Defines privacy requirements keeping a log of accessed organization-held data.
|
1.0 |
|
Defines privacy requirements for maintaining an audit trail of disseminated organization-held data.
|
1.0 |
|
Defines privacy requirements keeping a log of disseminated organization-held data.
|
1.0 |
|
Defines privacy requirements for electronic access to the organization's data to log the identity of users.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization determines and documents the legal authority that permits the general collection of personally identifiable information (PII).
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization determines and documents the legal authority that permits the collection of personally identifiable information (PII) in support of a specific program or information system need.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization determines and documents the legal authority that permits the general maintenance of personally identifiable information (PII).
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization determines and documents the legal authority that permits the maintenance of personally identifiable information (PII) in support of a specific program or information system need.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization determines and documents the legal authority that permits the general sharing of personally identifiable information (PII).
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization determines and documents the legal authority that permits the sharing of personally identifiable information (PII) in support of a specific program or information system need.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization determines and documents the legal authority that permits the general use of personally identifiable information (PII).
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization determines and documents the legal authority that permits the use of personally identifiable information (PII) in support of a specific program or information system need.
|
1.0 |
|
Defines privacy requirements to ensure that the organization's Privacy Officer or privacy oversight committee approves all analytical products.
|
1.0 |
|
Defines privacy requirements for organizations to identify who is authorized to analyze information acquired or accessed by the organization.
|
1.0 |
|
Defines privacy requirements for organizations to document what information acquired or accessed by the organization is analyzed.
|
1.0 |
|
Defines privacy requirements for organizations to document the purpose(s) for which information acquired or accessed by the organization is analyzed.
|
1.0 |
