An error occurred:
Close sidebar
Xylok
Home Menu
[email protected]
© 2024
Xylok, LLC
Version: v2024.04.1-c0c9-98fb
Xylok
Home Menu
[email protected]
© 2024
Xylok, LLC
Version: v2024.04.1-c0c9-98fb
Open sidebar
Navigate
Top
Search
CCIs (
3551
)
Pages (
116/119
)
CCIs
Number
Definition
Status
Related
CCI-003498
The organization retains each collection of personally identifiable information (PII) for the organization-defined time period to fulfill the purpose(s) identified in the published privacy notice or as required by law.
Draft
DM-2
CCI-003499
The organization disposes of, destroys, erases, and/or anonymizes the personally identifiable information (PII), regardless of the method of storage, in accordance with a NARA-approved record retention schedule.
Draft
DM-2
CCI-003500
The organization disposes of, destroys, erases, and/or anonymizes the personally identifiable information (PII), regardless of the method of storage, in a manner that prevents loss, theft, misuse, or unauthorized access.
Draft
DM-2
CCI-003501
The organization defines the techniques or methods to be employed to ensure the secure deletion or destruction of personally identifiable information (PII) (including originals, copies, and archived records).
Draft
DM-2
CCI-003502
The organization uses organization-defined techniques or methods to ensure secure deletion or destruction of personally identifiable information (PII) (including originals, copies, and archived records).
Draft
DM-2
CCI-003503
The organization, where feasible, configures its information systems to record the date personally identifiable information (PII) is collected, created, or updated.
Draft
DM-2 (1)
CCI-003504
The organization, where feasible, configures its information systems to record the date personally identifiable information (PII) is created.
Deprecated
DM-2 (1)
CCI-003505
The organization, where feasible, configures its information systems to record the date personally identifiable information (PII) is updated.
Deprecated
DM-2 (1)
CCI-003506
The organization, where feasible, configures its information systems to record when personally identifiable information (PII) is to be deleted or archived under an approved record retention schedule.
Draft
DM-2 (1)
CCI-003507
The organization develops policies that minimize the use of personally identifiable information (PII) for testing.
Draft
DM-3
CCI-003508
The organization develops policies that minimize the use of personally identifiable information (PII) for training.
Draft
DM-3
CCI-003509
The organization develops policies that minimize the use of personally identifiable information (PII) for research.
Draft
DM-3
CCI-003510
The organization develops procedures that minimize the use of personally identifiable information (PII) for testing.
Draft
DM-3
CCI-003511
The organization develops procedures that minimize the use of personally identifiable information (PII) for training.
Draft
DM-3
CCI-003512
The organization develops procedures that minimize the use of personally identifiable information (PII) for research.
Draft
DM-3
CCI-003513
The organization implements controls to protect personally identifiable information (PII) used for testing.
Draft
DM-3
CCI-003514
The organization implements controls to protect personally identifiable information (PII) used for training.
Draft
DM-3
CCI-003515
The organization implements controls to protect personally identifiable information (PII) used for research.
Draft
DM-3
CCI-003516
The organization, where feasible, uses techniques to minimize the risk to privacy of using personally identifiable information (PII) for research.
Draft
DM-3 (1)
CCI-003517
The organization, where feasible, uses techniques to minimize the risk to privacy of using personally identifiable information (PII) for testing.
Draft
DM-3 (1)
CCI-003518
The organization, where feasible, uses techniques to minimize the risk to privacy of using personally identifiable information (PII) for training.
Draft
DM-3 (1)
CCI-003519
The organization provides means, where feasible and appropriate, for individuals to authorize the collection of personally identifiable information (PII) prior to its collection.
Draft
IP-1
CCI-003520
The organization provides means, where feasible and appropriate, for individuals to authorize the use of personally identifiable information (PII) prior to its collection.
Draft
IP-1
CCI-003521
The organization provides means, where feasible and appropriate, for individuals to authorize the maintaining of personally identifiable information (PII) prior to its collection.
Draft
IP-1
CCI-003522
The organization provides means, where feasible and appropriate, for individuals to authorize sharing of personally identifiable information (PII) prior to its collection.
Draft
IP-1
CCI-003523
The organization provides appropriate means for individuals to understand the consequences of decisions to approve or decline the authorization of the collection of personally identifiable information (PII).
Draft
IP-1
CCI-003524
The organization provides appropriate means for individuals to understand the consequences of decisions to approve or decline the authorization of the use of personally identifiable information (PII).
Draft
IP-1
CCI-003525
The organization provides appropriate means for individuals to understand the consequences of decisions to approve or decline the authorization of the dissemination of personally identifiable information (PII).
Draft
IP-1
CCI-003526
The organization provides appropriate means for individuals to understand the consequences of decisions to approve or decline the authorization of the retention of personally identifiable information (PII).
Draft
IP-1
CCI-003527
The organization obtains consent, where feasible and appropriate, from individuals prior to any new uses or disclosure of previously collected personally identifiable information (PII).
Draft
IP-1
Prev
1...
112
113
114
115
116
117
118
119
Next