Trustmark Definitions (151-175 of 3301)

Trustmark Definition Name Version
Specifies that a health care related organization must implement procedures to protect electronic protected health information from improper alteration or destruction and must implement electronic mechanisms to corroborate that electronic protected health information has not been altered or destroyed in an unauthorized manner.
1.0
Addresses the requirement for PKI Authorities to convey subscriber responsibilities to subscribers before use of the private key.
1.0
Addresses requirements for establishing that an organization requires a Federal Government-issued Picture I.D. for the purpose of identity proofing.
1.0
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement PRIVACY-6: USAGE NOTICE.
1.0
Defines privacy requirements related to organizations' use of sensitive information for purposes other than those specified.
1.0
Defines conformance and assessment criteria for verifying that an organization's baseline security awareness training for authorized personnel with access to sensitive information addresses protection from viruses, worms, Trojan horses, and other malicious code.
1.0
Defines privacy requirements related to sensitive information controllers NOT being required to provide mechanisms for individuals to exercise choice when collecting public information.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for acceptance of PIV credentials as related to overall identification and authentication requirements.
1.0
Defines conformance and assessment criteria for verifying that an organization develops a Privacy Incident Response Plan.
1.0
Defines conformance and assessment criteria for verifying that an information system restricts the use of maintenance tools to authorized personnel only.
1.0
Defines conformance and assessment criteria for verifying that an organization requires the developer of the information system, system component, or information system service to produce a design specification that accurately and completely describes the required security functionality, and the allocation of security controls among physical and logical components.
1.0
Defines conformance and assessment criteria for verifying that an organization retains the accounting of disclosures for the life of the record or five years after the disclosure is made, whichever is longer.
1.0
Defines conformance and assessment criteria for verifying that an organization ensures that device drivers that serve critical functions are stored within the specific virtual machines they service.
1.0
Defines conformance and assessment criteria for verifying that an organization's ISO has been identified as the point of contact for security-related issues for their agency.
1.0
Defines conformance and assessment criteria for verifying that an organization ensures that information security resources are available for expenditure as planned.
1.0
Defines privacy requirements for organizations to attach specific labels and descriptive information to the information they collect and retain that clearly indicate legal restrictions.
1.0
Defines privacy requirements for an organization to have a privacy oversight committee or team.
1.0
Defines conformance and assessment criteria for verifying that an organization revises its public notices to reflect changes in practice or policy that affect PII before the change.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for re-screening of authorized individuals as related to overall personnel security requirements.
1.0
Addresses requirements for retention and protection of old PKI Certificate Authority private signing keys.
1.0
Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that is approved by a senior official with responsibility and accountability for the risk being incurred to organizational assets.
1.0
Specifies requirements for Identity Provider Organizations (IDPOs) that wish to assert the National Identity Exchange Federation (NIEF) Sworn Law Enforcement Officer (SLEO) Indicator attribute on behalf of their users.
1.0
This Trustmark Definition defines conformance and assessment criteria for compliance with security requirements for securing cryptographic module activation data.
1.0
Addresses backup handling for keys used with PKI.
1.0
Defines conformance and assessment criteria for verifying that an organization's baseline security awareness training for authorized personnel with access to sensitive information addresses individual accountability.
1.0
This page is also available as JSON and XML.