AzPolicyAdvertizer

last sync: 2024-Sep-18 17:50:24 UTC

Collect PII directly from the individual | Regulatory Compliance - Operational

Azure BuiltIn Policy definition

Source Azure Portal
Display name Collect PII directly from the individual
Id 964b340a-43a4-4798-2af5-7aedf6cb001b
Version 1.1.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.1.0
Built-in Versioning [Preview]
Category Regulatory Compliance
Microsoft Learn
Description CMA_C1822 - Collect PII directly from the individual
Additional metadata Name/Id: CMA_C1822 / CMA_C1822
Category: Operational
Title: Collect PII directly from the individual
Ownership: Customer
Description: The customer is responsible for collecting PII directly from the individual to the greatest extent practicable.
Requirements: The customer is responsible for implementing this recommendation.
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default
Manual
Allowed
Manual, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types IF (1)
Microsoft.Resources/subscriptions
Compliance
The following 1 compliance controls are associated with this Policy definition 'Collect PII directly from the individual' (964b340a-43a4-4798-2af5-7aedf6cb001b)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
SOC_2 P3.2 SOC_2_P3.2 SOC 2 Type 2 P3.2 Additional Criteria For Privacy Personal information explicit consent Shared The customer is responsible for implementing this recommendation. • Obtains Explicit Consent for Sensitive Information — Explicit consent is obtained directly from the data subject when sensitive personal information is collected, used, or disclosed, unless a law or regulation specifically requires otherwise. • Documents Explicit Consent to Retain Information — Documentation of explicit consent for the collection, use, or disclosure of sensitive personal information is retained in accordance with objectives related to privacy. 2
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
SOC 2 Type 2 4054785f-702b-4a98-9215-009cbd58b141 Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-13 16:35:29 add 964b340a-43a4-4798-2af5-7aedf6cb001b
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC