{ "$TMF_VERSION": "1.4", "PublicationDateTime": "2021-04-26T00:00:00.000Z", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53 r4, Privacy Control TR-2: System of Records Notices and Privacy Act Statements.", "Keywords": [ "800-53", "NIST", "Privacy", "Privacy Act Statements", "Records Notices", "System", "Transparency" ], "Issuer": { "Identifier": "https://trustmarkinitiative.org/", "PrimaryContact": { "Email": "help@trustmarkinitiative.org", "Telephone": "555-555-5555", "Kind": "PRIMARY", "WebsiteURL": "https://trustmarkinitiative.org/", "Responder": "" }, "Name": "TMI" }, "Sources": [{ "Identifier": "SP800-53R4", "Reference": "NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4<\/a>.", "$id": "source-2112165102" }], "Name": "NIST SP 800-53 r4 Privacy Control TR-2: System of Records Notices and Privacy Act Statements", "TrustExpression": "TD_ref1 and TD_ref2 and TD_ref3 and TD_ref4", "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-privacy-control-tr-2_-system-of-records-notices-and-privacy-act-statements/4/", "Version": "4", "References": {"TrustmarkDefinitionRequirements": [ { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/system-of-records-notices-published/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization publishes System of Records Notices (SORNs) in the Federal Register, subject to required oversight processes, for systems containing personally identifiable information (PII).", "Number": 1, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/system-of-records-notices-published/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization publishes System of Records Notices (SORNs) in the Federal Register, subject to required oversight processes, for systems containing personally identifiable information (PII).", "Number": 1, "Version": "1.0", "Name": "System of Records Notices Published" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "System of Records Notices Published", "$id": "TD_ref1" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/system-of-records-notices-kept-current/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization keeps System of Records Notices (SORNs) in the Federal Register current.", "Number": 2, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/system-of-records-notices-kept-current/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization keeps System of Records Notices (SORNs) in the Federal Register current.", "Number": 2, "Version": "1.0", "Name": "System of Records Notices Kept Current" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "System of Records Notices Kept Current", "$id": "TD_ref2" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/privacy-act-statements-included-on-separate-forms/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization includes U.S. Privacy Act Statements on separate forms that can be retained by individuals to provide additional formal notice to individuals from whom the information is being collected.", "Number": 3, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/privacy-act-statements-included-on-separate-forms/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization includes U.S. Privacy Act Statements on separate forms that can be retained by individuals to provide additional formal notice to individuals from whom the information is being collected.", "Number": 3, "Version": "1.0", "Name": "Privacy Act Statements Included On Separate Forms" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Privacy Act Statements Included On Separate Forms", "$id": "TD_ref3" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/privacy-act-statements-included-on-forms-that-collect-pii/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization includes U.S. Privacy Act Statements on its forms that collect PII to provide additional formal notice to individuals from whom the information is being collected.", "Number": 4, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/privacy-act-statements-included-on-forms-that-collect-pii/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization includes U.S. Privacy Act Statements on its forms that collect PII to provide additional formal notice to individuals from whom the information is being collected.", "Number": 4, "Version": "1.0", "Name": "Privacy Act Statements Included On Forms That Collect PII" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Privacy Act Statements Included On Forms That Collect PII", "$id": "TD_ref4" } ]}, "Primary": "false", "LegalNotice": "This document and the information contained herein is provided on an \"AS IS\" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.", "$Type": "TrustInteroperabilityProfile" }