| Trustmark Definition Name | Version |
|---|---|
|
Defines conformance and assessment criteria for verifying that an organization provides effective notice to the public and to individuals regarding its authority for collecting PII.
|
1.0 |
|
Specifies requirements for part of the contents of the privacy notice for individuals. The organization must promptly revise and distribute its notice whenever there is a material change to the privacy notice.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization's Privacy Notice describes the PII the organization collects and the purpose(s) for which it collects that information.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization's Privacy Notice describes how the organization uses PII internally.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization's Privacy Notice describes whether the organization shares PII with external entities, the categories of those entities, and the purposes for such sharing.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization's Privacy Notice describes how individuals may obtain access to PII.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization's Privacy Notice describes whether individuals have the ability to consent to specific uses or sharing of PII and how to exercise any such consent.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization's Privacy Notice describes how the PII will be protected.
|
1.0 |
|
Specifies requirements for part of the contents of the privacy notice for individuals. The privacy notice must contain the name, or title, and telephone number of a person or office to contact for further information or complaints.
|
1.0 |
|
Specifies requirements for part of the contents of the privacy notice for individuals. The privacy notice must contain a statement that the organization is required to abide by the terms of the notice currently in effect.
|
1.0 |
|
Specifies requirements for part of the contents of the privacy notice for individuals. The privacy notice must contain a statement that the organization is required by law to maintain the privacy of PHI.
|
1.0 |
|
Specifies requirements for part of the contents of the privacy notice for individuals. The privacy notice must contain a statement that the organization is required by law to notify affected individuals following a breach of unsecured PHI.
|
1.0 |
|
Specifies requirements for part of the contents of the privacy notice for individuals. The privacy notice must contain a statement that the organization is required by law to provide individuals with notice of its legal duties and privacy practices with respect to PHI.
|
1.0 |
|
Specifies requirements for part of the contents of the privacy notice for individuals. The privacy notice must contain a statement that describes how it will provide individuals with a revised privacy notice.
|
1.0 |
|
Specifies requirements for part of the contents of the privacy notice for individuals. The privacy notice must contain a statement that it reserves the right to change the terms of its notice and to make the new notice provisions effective for all protected health information that it maintains.
|
1.0 |
|
Specifies requirements for part of the contents of the privacy notice for individuals. The privacy notice must inform the individual that the group health plan, or a health insurance issuer or HMO with respect to a group health plan, may disclose protected health information to the sponsor of the plan.
|
1.0 |
|
Specifies requirements for part of the contents of the privacy notice for individuals. The privacy notice must contain the date on which the notice is first in effect.
|
1.0 |
|
Specifies requirements for part of the contents of the privacy notice for individuals. The privacy notice must contain a statement that individuals may complain to the organization and to the Secretary if they believe their privacy rights have been violated.
|
1.0 |
|
Specifies requirements for part of the contents of the privacy notice for individuals. The privacy notice must contain provisions to notify an individual and be able to opt out of receiving fundraising communications.
|
1.0 |
|
Specifies requirements for part of the contents of the privacy notice for individuals. The privacy notice must contain a prescribed header.
|
1.0 |
|
Specifies requirements for part of the contents of the privacy notice for individuals. The privacy notice must contain a statement of the individual's rights with respect to PHI and a brief description of how the individual may exercise these rights.
|
1.0 |
|
Specifies requirements for part of the contents of the privacy notice for individuals. The privacy notice must contain a description of the types of permitted uses and disclosures for the purposes of treatment, payment, and health care operations.
|
1.0 |
|
Specifies requirements for part of the contents of the privacy notice for individuals. The privacy notice must contain provisions, if a stated use or disclosure for any purpose is prohibited or materially limited by other applicable law, to reflect the more stringent law.
|
1.0 |
|
Specifies requirements for part of the contents of the privacy notice for individuals. The privacy notice, excluding an issuer of a long-term care policy, must contain a statement that PHI that is genetic information cannot be used for underwriting purposes for a health plan.
|
1.0 |
|
Specifies requirements for part of the contents of the privacy notice for individuals. If the organization limits uses or disclosures more than provided by the privacy notice requirements, the organization may not include in its notice a limitation affecting its right to make a use or disclosure that is required by law.
|
1.0 |
