| Trustmark Definition Name | Version |
|---|---|
|
Defines privacy requirements related to the ease of use for mechanisms use to obtain user confirmation of information transmissions.
|
1.0 |
|
Defines privacy requirements for user confirmation of information transmissions to be specific to the authentication transaction.
|
1.0 |
|
Defines privacy requirements for users to be able to opt out of using non-required attributes.
|
1.0 |
|
Defines privacy requirements related to organizations enabling individuals to opt out of having their sensitive information used for direct marketing.
|
1.0 |
|
Defines privacy requirements related to confirming the identity of individuals requesting to out of having their sensitive information used for direct marketing.
|
1.0 |
|
Defines privacy requirements related to positive confirmation of user information or attributes transmitted as part of an opt in process.
|
1.0 |
|
Defines privacy requirements related to sensitive information controllers NOT being required to provide mechanisms for individuals to exercise choice when collecting public information.
|
1.0 |
|
Defines privacy requirements related to sensitive information controllers NOT being required to provide mechanisms for individuals to exercise choice when disclosing public information.
|
1.0 |
|
Defines privacy requirements related to sensitive information controllers NOT being required to provide mechanisms for individuals to exercise choice when using public information.
|
1.0 |
|
Defines privacy requirements related to organizations requiring opt in choice for certain types of processing of their sensitive information.
|
1.0 |
|
Defines privacy requirements related to users' ability to permit or deny transmission of specific information that is not required.
|
1.0 |
|
Defines privacy requirements related to the ability of individuals to make informed decisions about the use of their sensitive information.
|
1.0 |
|
Addresses the requirement for ensuring physical intrusion monitoring of CA equipment.
|
1.0 |
|
Addresses the requirement for the construction of the facilities housing organization Certificate Authority (CA) equipment to be consistent with facilities used to house high value, sensitive information.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization establishes and institutionalizes contact with selected groups and associations within the security community to maintain currency with recommended security practices, techniques, and technologies.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization establishes and institutionalizes contact with selected groups and associations within the security community to facilitate ongoing security education and training for organizational personnel.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization establishes and institutionalizes contact with selected groups and associations within the security community to share current security-related information including threats, vulnerabilities, and incidents.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system generates audit records containing additional organization-defined information.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system provides centralized management and configuration of audit records.
|
1.0 |
|
Addresses key usage requirements for PKI Content Signing certificates.
|
1.0 |
|
Specifies that a health care related organization must have policies to assess the relative criticality of specific applications and data in support of other contingency plan components.
|
1.0 |
|
Specifies that a health care related organization must implement procedures to assess the relative criticality of specific applications and data in support of other contingency plan components.
|
1.0 |
|
Specifies that a health care related organization must have policies to create and maintain retrievable exact copies of electronic protected health information.
|
1.0 |
|
Specifies that a health care related organization must establish and implement procedures to create and maintain retrievable exact copies of electronic protected health information.
|
1.0 |
|
Specifies that a health care related organization must have policies to restore any loss of data.
|
1.0 |
