| Trustmark Definition Name | Version |
|---|---|
|
Specifies that a health care related organization must establish (and implement as needed) procedures to restore any loss of data.
|
1.0 |
|
Specifies that a health care related organization must have policies to enable continuation of critical business processes for protection of the security of electronic protected health information while operating in emergency mode.
|
1.0 |
|
Specifies that a health care related organization must establish (and implement as needed) procedures to enable continuation of critical business processes for protection of the security of electronic protected health information while operating in emergency mode.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization tests the contingency plan at the alternate processing site to evaluate the capabilities of the alternate processing site to support contingency operations.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization tests the contingency plan at the alternate processing site to familiarize contingency personnel with the facility and available resources.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs automated mechanisms to more thoroughly and effectively test the contingency plan.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization coordinates contingency plan testing with organizational elements responsible for related plans.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization includes a full recovery and reconstitution of the information system to a known state as part of contingency plan testing.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization plans for the transfer of essential missions and business functions to alternate processing and/or storage sites with little or no loss of operational continuity and sustains that continuity through information system restoration to primary processing and/or storage sites.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization conducts capacity planning so that necessary capacity for information processing, telecommunications, and environmental support exists during contingency operations.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization plans for the continuance of essential missions and business functions with little or no loss of operational continuity and sustains that continuity until full information system restoration at primary processing and/or storage sites.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization coordinates its contingency plan with the contingency plans of external service providers to ensure that contingency requirements can be satisfied.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization coordinates contingency plan development with organizational elements responsible for related plans.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization identifies critical information system assets supporting essential missions and business functions.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization plans for the resumption of all missions and business functions within a defined time period of contingency plan activation.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization plans for the resumption of essential missions and business functions within a defined period after contingency plan activation.
|
1.0 |
|
Specifies that a health care related organization must have policies for periodic testing and revision of contingency plans.
|
1.0 |
|
Specifies that a health care related organization must implement procedures for periodic testing and revision of contingency plans.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs automated mechanisms to provide a more thorough and realistic contingency training environment.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization incorporates simulated events into contingency training to facilitate effective response by personnel in crisis situations.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for continuous monitoring - reporting as related to overall certification accreditation and security assessments requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for continuous monitoring metrics as related to overall certification accreditation and security assessments requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for continuous monitoring response actions as related to overall certification accreditation and security assessments requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs assessors or assessment teams with the independence to monitor the security controls in the information system on an ongoing basis.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs trend analyses to determine if security control implementations, the frequency of continuous monitoring activities, and/or the types of activities used in the continuous monitoring process need to be modified based on empirical data.
|
1.0 |
