| Trustmark Definition Name | Version |
|---|---|
|
Defines privacy requirements for organizations to document the types of user actions and permissions controlled by the organization's access limitations identified in the organization's privacy policy.
|
1.0 |
|
Defines privacy requirements for organizations to keep an audit trail of access to and disclosure of information they retain.
|
1.0 |
|
Defines privacy requirements for organizations to document the types of accesses and disclosures of information they retain that are recorded in an audit trail. .
|
1.0 |
|
Defines privacy requirements for organizations to document their policies on confirming the existence or nonexistence of information to persons or other parties that are not eligible to receive the information.
|
1.0 |
|
Defines privacy requirements for organizations to document the conditions under which access to and disclosure of records they retain will be provided to those responsible for public health.
|
1.0 |
|
Defines privacy requirements for organizations to document the conditions under which access to and disclosure of records they retain will be provided to those responsible for public protection.
|
1.0 |
|
Defines privacy requirements for organizations to document the conditions under which access to and disclosure of records they retain will be provided to those responsible for public safety.
|
1.0 |
|
Defines privacy requirements for organizations to document the conditions under which access to and disclosure of records they retain will be provided for specific purposes in response to requests by persons authorized by law.
|
1.0 |
|
Defines privacy requirements for organizations to document the circumstances under which access to and disclosure of a record containing sensitive information may be provided to a member of the public in response to an information request.
|
1.0 |
|
Defines privacy requirements for organizations to have a defined a policy to permit access to and disclosure of a record containing sensitive information to a member of the public in response to an emergency situation.
|
1.0 |
|
Defines privacy requirements for organizations to require third parties that access information from them to follow the disclosure law applicable to the originating party.
|
1.0 |
|
Defines privacy requirements for organizations to document the categories of records that will ordinarily NOT be provided to the public pursuant to applicable legal authority.
|
1.0 |
|
Defines privacy requirements for organizations to require third parties that access information from them to obtain approval from the originator of the information prior to further dissemination.
|
1.0 |
|
Defines privacy requirements for organizations to document the circumstances under which it will NOT disclose records and information.
|
1.0 |
|
Defines privacy requirements an organization's SAR information sharing process to comply with the ISE Functional Standard for suspicious activity reporting.
|
1.0 |
|
Defines privacy requirements for organizations to use a standard reporting format and commonly accepted data collection codes for SAR information.
|
1.0 |
|
Defines privacy requirements for organizations that contract with commercial databases to document how they ensure that the commercial database entity is in legal compliance in its information-gathering techniques.
|
1.0 |
|
Defines privacy requirements for organizations to have their privacy policies available to the public.
|
1.0 |
|
Defines privacy requirements related organizations identifying who is subject to and who must comply with their security policy.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops policies that minimize the use of personally identifiable information (PII) for research.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops policies that minimize the use of personally identifiable information (PII) for testing.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops policies that minimize the use of personally identifiable information (PII) for training.
|
1.0 |
|
Defines privacy requirements for organizations to identify how its privacy policy is made available to personnel, third parties, and individual users.
|
1.0 |
|
Defines privacy requirements related to the responsibilities of an organization's designated Privacy Officer.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops procedures that minimize the use of personally identifiable information (PII) for research.
|
1.0 |
