An error occurred:
Close sidebar
Xylok
Home Menu
[email protected]
© 2024
Xylok, LLC
Version: v2024.04.1-c0c9-98fb
Xylok
Home Menu
[email protected]
© 2024
Xylok, LLC
Version: v2024.04.1-c0c9-98fb
Open sidebar
Navigate
Top
Search
CCIs (
3551
)
Pages (
117/119
)
CCIs
Number
Definition
Status
Related
CCI-003528
The organization ensures that individuals are aware of all uses of personally identifiable information (PII) not initially described in the public notice that was in effect at the time the organization collected the PII.
Draft
IP-1
CCI-003529
The organization ensures that individuals, where feasible, consent to all uses of personally identifiable information (PII) not initially described in the public notice that was in effect at the time the organization collected the PII.
Draft
IP-1
CCI-003530
The organization implements mechanisms to support itemized or tiered consent for specific uses of personally identifiable information (PII) data.
Draft
IP-1 (1)
CCI-003531
The organization provides individuals the ability to have access to their personally identifiable information (PII) maintained in its system(s) of records.
Draft
IP-2
CCI-003532
The organization publishes rules and regulations governing how individuals may request access to records maintained in a Privacy Act system of records.
Draft
IP-2
CCI-003533
The organization publishes regulations governing how individuals may request access to records maintained in a Privacy Act system of records.
Deprecated
IP-2
CCI-003534
The organization publishes access procedures for Privacy Act systems of records in System of Records Notices (SORNs).
Draft
IP-2
CCI-003535
The organization adheres to Privacy Act requirements for the proper processing of Privacy Act requests.
Draft
IP-2
CCI-003536
The organization adheres to OMB policies and guidance for the proper processing of Privacy Act requests.
Draft
IP-2
CCI-003537
The organization provides a process for individuals to have inaccurate personally identifiable information (PII) maintained by the organization corrected or amended, as appropriate.
Draft
IP-3
CCI-003538
The organization establishes a process for disseminating corrections or amendments of the personally identifiable information (PII) to other authorized users of the PII, such as external information-sharing partners.
Draft
IP-3
CCI-003539
The organization establishes a process, where feasible and appropriate, to notify affected individuals that their personally identifiable information (PII) information has been corrected or amended.
Draft
IP-3
CCI-003540
The organization implements a process for receiving complaints, concerns, or questions from individuals about the organizational privacy practices.
Draft
IP-4
CCI-003541
The organization implements a process for responding to complaints, concerns, or questions from individuals about the organizational privacy practices.
Draft
IP-4
CCI-003542
The organization defines the time period within which it must respond to complaints, concerns, or questions from individuals about the organizational privacy practices.
Draft
IP-4 (1)
CCI-003543
The organization responds to complaints, concerns, or questions from individuals about the organizational privacy practices within the organization-defined time period.
Draft
IP-4 (1)
CCI-003544
The organization defines the frequency on which it will update the inventory that contains a listing of all programs and information systems identified as collecting, using, maintaining, or sharing personally identifiable information (PII).
Draft
SE-1
CCI-003545
The organization establishes an inventory that contains a listing of all programs identified as collecting, using, maintaining, or sharing personally identifiable information (PII).
Draft
SE-1
CCI-003546
The organization establishes an inventory that contains a listing of all information systems identified as collecting, using, maintaining, or sharing personally identifiable information (PII).
Draft
SE-1
CCI-003547
The organization maintains an inventory that contains a listing of all programs identified as collecting, using, maintaining, or sharing personally identifiable information (PII).
Draft
SE-1
CCI-003548
The organization maintains an inventory that contains a listing of all information systems identified as collecting, using, maintaining, or sharing personally identifiable information (PII).
Draft
SE-1
CCI-003549
The organization updates, per organization-defined frequency, an inventory that contains a listing of all programs identified as collecting, using, maintaining, or sharing personally identifiable information (PII).
Draft
SE-1
CCI-003550
The organization updates, per organization-defined frequency, an inventory that contains a listing of all information systems identified as collecting, using, maintaining, or sharing personally identifiable information (PII).
Draft
SE-1
CCI-003551
The organization defines the frequency for providing each update of the personally identifiable information (PII) inventory to the CIO or information security official.
Draft
SE-1
CCI-003552
The organization provides each update of the personally identifiable information (PII) inventory to the CIO or information security official, per organization-defined frequency, to support the establishment of information security requirements for all new or modified information systems containing PII.
Draft
SE-1
CCI-003553
The organization develops a Privacy Incident Response Plan.
Draft
SE-2
CCI-003554
The organization implements a Privacy Incident Response Plan.
Draft
SE-2
CCI-003555
The organization provides an organized and effective response to privacy incidents in accordance with the organizational Privacy Incident Response Plan.
Draft
SE-2
CCI-003556
The organization provides effective notice to the public regarding its activities that impact privacy, including its collection, use, sharing, safeguarding, maintenance, and disposal of personally identifiable information (PII).
Draft
TR-1
CCI-003557
The organization provides effective notice to individuals regarding its activities that impact privacy, including its collection, use, sharing, safeguarding, maintenance, and disposal of personally identifiable information (PII).
Draft
TR-1
Prev
1...
113
114
115
116
117
118
119
Next