https://artifacts.trustmarkinitiative.org/lib/tips/acm-privacy-recommendations---consent/1.0/ACM Privacy Recommendations - Consent1.0Profile of Consent requirements from the Association for Computing Machinery (ACM) Privacy Recommendations2018-04-10T00:00:00.000ZfalseThis artifact is published by the Georgia Tech Research Institute (GTRI) as part of the Trustmark Initiative. This artifact and the information contained herein is provided on an "AS IS" basis, and GTRI disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, GTRI disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.https://trustmarkinitiative.org/Trustmark InitiativePRIMARYTrustmark Supporthelp@trustmarkinitiative.org555-555-5555https://trustmarkinitiative.org/https://artifacts.trustmarkinitiative.org/lib/tds/privacy---consent-for-collection/1.0/1Privacy - Consent for Collection1.0Defines conformance and assessment criteria for verifying that an organization provides means for individuals to authorize the collection of personally identifiable information (PII) prior to its collection.https://artifacts.trustmarkinitiative.org/lib/tds/privacy---consent-for-sharing/1.0/2Privacy - Consent for Sharing1.0Defines conformance and assessment criteria for verifying that an organization provides means for individuals to authorize the sharing of personally identifiable information (PII) prior to its collection.https://artifacts.trustmarkinitiative.org/lib/tds/consent-and-choice---sensitive-information---opt-in-exceptions/1.0/3Consent and Choice - Sensitive Information - Opt In Exceptions1.0Defines privacy requirements related to organizations requiring opt in choice for certain types of processing of their sensitive information.https://artifacts.trustmarkinitiative.org/lib/tds/consent-and-choice---legally-exempt---deletion/1.0/4Consent and Choice - Legally Exempt - Deletion1.0Defines privacy requirements related legal exemptions to providing mechanisms for individuals to delete their sensitive information.https://artifacts.trustmarkinitiative.org/lib/tds/consent-and-choice---legally-exempt---sharing/1.0/5Consent and Choice - Legally Exempt - Sharing1.0Defines privacy requirements related legal exemptions to obtaining consent before sharing individuals' sensitive information.https://artifacts.trustmarkinitiative.org/lib/tds/consent-and-choice---legally-exempt---withdrawal/1.0/6Consent and Choice - Legally Exempt - Withdrawal1.0Defines privacy requirements related legal exemptions to providing mechanisms for individuals to cause the cessation of sharing of their sensitive information.https://artifacts.trustmarkinitiative.org/lib/tds/privacy---consent-prior-to-new-use/1.0/7Privacy - Consent Prior to New Use1.0Defines conformance and assessment criteria for verifying that an organization obtains consent from individuals prior to any new uses of previously collected PII.https://artifacts.trustmarkinitiative.org/lib/tds/termination---mechanism-to-delete-stored-information/1.0/8Termination - Mechanism to Delete Stored Information1.0Defines privacy requirements for organizations to provide a mechanism for individuals to cause prompt deletion of their sensitive information.https://artifacts.trustmarkinitiative.org/lib/tds/termination---mechanism-to-withdraw-sharing-consent/1.0/9Termination - Mechanism to Withdraw Sharing Consent1.0Defines privacy requirements for organizations to provide a mechanism for individuals to cause prompt cessation of sharing of their sensitive information.AccessAdequacyAdministrative safeguardsAdopted Authentication Scheme
(Adopted Scheme)AdoptionApproved Encryption MethodAssertionAssertion ReferenceAudit CriteriaAuthenticationAuthentication ProtocolBearer AssertionBiometricBona FidesCertification (Certify)ChoiceClaimantCollect/CollectionComparabilityConfidentialityCorrective measuresCredential Service Provider (CSP)Cross-certifiedCryptographicData commissionerData controllerData processorData protectionData protection authorityData protection officeData subjectDeceptive trade practicesDirect Assertion ModelDisclose/DisclosureDispute resolutionE-Authentication CredentialEntropyEU Data Protection Directive (EU Directive)European Economic Area (EEA)European Union (EU)Federal Trade Commission (FTC)Full Legal NameHealth InformationHolder-of-key AssertionIdentityIdentity ProofingIndirect Assertion ModelIndividualIndividually Identifiable Health Information (IIHI)Individually Identifiable Information (III)IntegrityIssuanceLevel of Assurance (LOA)Member stateMin-EntropyMulti-factor AuthenticationMulti-token AuthenticationNetworkNon-repudiationNonceNoticeOpenOpt-inOpt-outOut of BandPersonal dataPersonal Health Information (PHI)Personal Identifying Information (PII)Personal informationPersons and EntitiesPhysical safeguardsPossession and Control of a TokenPrivacyPrivacy policyPrivacy seal programPrivacy statementProcessing of personal dataProof of Possession ProtocolPseudonymPublicly available informationRegistrationRegistration AuthorityRelying Party (RP)Safe HarborSaltSecuritySensitive InformationSensitive information controllerSensitive Personal information (SPI)Shared SecretSPOStrong Man in the Middle ResistanceStrongly Bound CredentialsSubscriberTechnical safeguardsThreatTokenToken AuthenticatorTransborder flows of personal dataTransparentTrust CriteriaTrust FrameworkTrust Framework Provider (TFP)UseVerifierWeak Man in the Middle ResistanceWeakly Bound Credentials