https://artifacts.trustmarkinitiative.org/lib/tips/acm-privacy-recommendations---accountability/1.0/ACM Privacy Recommendations - Accountability1.0Profile of Accountability requirements from the Association for Computing Machinery (ACM) Privacy Recommendations2018-04-10T00:00:00.000ZfalseThis artifact is published by the Georgia Tech Research Institute (GTRI) as part of the Trustmark Initiative. This artifact and the information contained herein is provided on an "AS IS" basis, and GTRI disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, GTRI disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.https://trustmarkinitiative.org/Trustmark InitiativePRIMARYTrustmark Supporthelp@trustmarkinitiative.org555-555-5555https://trustmarkinitiative.org/https://artifacts.trustmarkinitiative.org/lib/tds/accountability---audit-logs/1.0/1Accountability - Audit Logs1.0Defines privacy requirements related the enforcement of adherence to privacy polices through audit logs.https://artifacts.trustmarkinitiative.org/lib/tds/accountability---authorized-parties---risks/1.0/2Accountability - Authorized Parties - Risks1.0Defines privacy requirements organizations to ensure that parties most able to mitigate potential privacy risks are authorized to do so.https://artifacts.trustmarkinitiative.org/lib/tds/accountability---authorized-parties---violations/1.0/3Accountability - Authorized Parties - Violations1.0Defines privacy requirements organizations to ensure that parties most able to mitigate potential privacy violation incidents are authorized to do so.https://artifacts.trustmarkinitiative.org/lib/tds/accountability---collection/1.0/4Accountability - Collection1.0Defines privacy requirements related to the promotion of accountability for how sensitive information is collected.https://artifacts.trustmarkinitiative.org/lib/tds/accountability---equipped-parties---risks/1.0/5Accountability - Equipped Parties - Risks1.0Defines privacy requirements organizations to ensure that parties most able to mitigate potential privacy risks are equipped to do so.https://artifacts.trustmarkinitiative.org/lib/tds/accountability---equipped-parties---violations/1.0/6Accountability - Equipped Parties - Violations1.0Defines privacy requirements organizations to ensure that parties most able to mitigate potential privacy violation incidents are equipped to do so.https://artifacts.trustmarkinitiative.org/lib/tds/accountability---independent-audits/1.0/7Accountability - Independent Audits1.0Defines privacy requirements for enforcing adherence to privacy policies through independent audits.https://artifacts.trustmarkinitiative.org/lib/tds/accountability---internal-reviews/1.0/8Accountability - Internal Reviews1.0Defines privacy requirements for enforcing adherence to privacy policies through internal reviews.https://artifacts.trustmarkinitiative.org/lib/tds/accountability---maintenance/1.0/9Accountability - Maintenance1.0Defines privacy requirements for organizations to promote accountability for how sensitive information is maintained.https://artifacts.trustmarkinitiative.org/lib/tds/accountability---motivated-parties---risks/1.0/10Accountability - Motivated Parties - Risks1.0Defines privacy requirements organizations to ensure that parties most able to mitigate potential privacy risks are motivated to do so.https://artifacts.trustmarkinitiative.org/lib/tds/accountability---motivated-parties---violations/1.0/11Accountability - Motivated Parties - Violations1.0Defines privacy requirements organizations to ensure that parties most able to mitigate potential privacy violation incidents are motivated to do so.https://artifacts.trustmarkinitiative.org/lib/tds/accountability---sanctions/1.0/12Accountability - Sanctions1.0Defines privacy requirements for enforcing adherence to privacy policies through sanctions for policy violations.https://artifacts.trustmarkinitiative.org/lib/tds/accountability---sharing/1.0/13Accountability - Sharing1.0Defines privacy requirements for organizations to promote accountability for how sensitive information is shared.https://artifacts.trustmarkinitiative.org/lib/tds/accountability---training---risks/1.0/14Accountability - Training - Risks1.0Defines privacy requirements organizations to ensure that parties most able to mitigate potential privacy risks are trained to do so.https://artifacts.trustmarkinitiative.org/lib/tds/accountability---training---violations/1.0/15Accountability - Training - Violations1.0Defines privacy requirements organizations to ensure that parties most able to mitigate potential privacy violation incidents are trained to do so.https://artifacts.trustmarkinitiative.org/lib/tds/data-quality-and-integrity---provenance/1.0/16Data Quality and Integrity - Provenance1.0Defines privacy requirements for organizations to maintain provenance over sensitive information.AccessAdequacyAdministrative safeguardsAdopted Authentication Scheme
(Adopted Scheme)AdoptionApproved Encryption MethodAssertionAssertion ReferenceAudit CriteriaAuthenticationAuthentication ProtocolBearer AssertionBiometricBona FidesCertification (Certify)ChoiceClaimantCollect/CollectionComparabilityConfidentialityCorrective measuresCredential Service Provider (CSP)Cross-certifiedCryptographicData commissionerData controllerData processorData protectionData protection authorityData protection officeData subjectDeceptive trade practicesDirect Assertion ModelDisclose/DisclosureDispute resolutionE-Authentication CredentialEntropyEU Data Protection Directive (EU Directive)European Economic Area (EEA)European Union (EU)Federal Trade Commission (FTC)Full Legal NameHealth InformationHolder-of-key AssertionIdentityIdentity ProofingIndirect Assertion ModelIndividualIndividually Identifiable Health Information (IIHI)Individually Identifiable Information (III)IntegrityIssuanceLevel of Assurance (LOA)Member stateMin-EntropyMulti-factor AuthenticationMulti-token AuthenticationNetworkNon-repudiationNonceNoticeOpenOpt-inOpt-outOut of BandPersonal dataPersonal Health Information (PHI)Personal Identifying Information (PII)Personal informationPersons and EntitiesPhysical safeguardsPossession and Control of a TokenPrivacyPrivacy policyPrivacy seal programPrivacy statementProcessing of personal dataProof of Possession ProtocolPseudonymPublicly available informationRegistrationRegistration AuthorityRelying Party (RP)Safe HarborSaltSecuritySensitive InformationSensitive information controllerSensitive Personal information (SPI)Shared SecretSPOStrong Man in the Middle ResistanceStrongly Bound CredentialsSubscriberTechnical safeguardsThreatTokenToken AuthenticatorTransborder flows of personal dataTransparentTrust CriteriaTrust FrameworkTrust Framework Provider (TFP)UseVerifierWeak Man in the Middle ResistanceWeakly Bound Credentials