AzPolicyAdvertizer

last sync: 2024-Sep-18 17:50:24 UTC

Provide formal notice to individuals | Regulatory Compliance - Operational

Azure BuiltIn Policy definition

Source Azure Portal
Display name Provide formal notice to individuals
Id 95eb7d09-9937-5df9-11d9-20317e3f60df
Version 1.1.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.1.0
Built-in Versioning [Preview]
Category Regulatory Compliance
Microsoft Learn
Description CMA_C1864 - Provide formal notice to individuals
Additional metadata Name/Id: CMA_C1864 / CMA_C1864
Category: Operational
Title: Provide formal notice to individuals
Ownership: Customer
Description: The customer is responsible for including Privacy Act Statements on its forms that collect PII, or on separate forms that can be retained by individuals, to provide additional formal notice to individuals from whom the information is being collected
Requirements: The customer is responsible for implementing this recommendation.
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default
Manual
Allowed
Manual, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types IF (1)
Microsoft.Resources/subscriptions
Compliance
The following 3 compliance controls are associated with this Policy definition 'Provide formal notice to individuals' (95eb7d09-9937-5df9-11d9-20317e3f60df)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
hipaa 1906.06.c1Organizational.2-06.c hipaa-1906.06.c1Organizational.2-06.c 1906.06.c1Organizational.2-06.c 19 Data Protection & Privacy 1906.06.c1Organizational.2-06.c 06.01 Compliance with Legal Requirements Shared n/a The organization documents compliance with the notice requirements by retaining copies of the notices issued by the organization for a period of six years and, if applicable, any written acknowledgements of receipt of the notice or documentation of good faith efforts to obtain such written acknowledgement. 4
hipaa 1907.06.c1Organizational.3-06.c hipaa-1907.06.c1Organizational.3-06.c 1907.06.c1Organizational.3-06.c 19 Data Protection & Privacy 1907.06.c1Organizational.3-06.c 06.01 Compliance with Legal Requirements Shared n/a The organization documents restrictions in writing and formally maintains such writing, or an electronic copy of such writing, as an organizational record for a period of six years. 4
hipaa 1908.06.c1Organizational.4-06.c hipaa-1908.06.c1Organizational.4-06.c 1908.06.c1Organizational.4-06.c 19 Data Protection & Privacy 1908.06.c1Organizational.4-06.c 06.01 Compliance with Legal Requirements Shared n/a The organization documents and maintains (i) designated record sets that are subject to access by individuals, and (ii) titles of the persons or office responsible for receiving and processing requests for access by individuals as organizational records for a period of six years. 11
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 add 95eb7d09-9937-5df9-11d9-20317e3f60df
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC