last sync: 2023-Jan-27 18:40:07 UTC

Azure Policy definition

Determine legal authority to collect PII

Name Determine legal authority to collect PII
Azure Portal
Id 7d70383a-32f4-a0c2-61cf-a134851968c2
Version 1.1.0
details on versioning
Category Regulatory Compliance
Microsoft docs
Description CMA_C1800 - Determine legal authority to collect PII
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default
Manual
Allowed
Manual, Disabled
RBAC
Role(s)
none
Rule
Aliases
Rule
ResourceTypes
IF (1)
Microsoft.Resources/subscriptions
Compliance The following 1 compliance controls are associated with this Policy definition 'Determine legal authority to collect PII' (7d70383a-32f4-a0c2-61cf-a134851968c2)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
SOC_2 P3.1 SOC_2_P3.1 SOC 2 Type 2 P3.1 Additional Criteria For Privacy Consistent personal information collection Shared The customer is responsible for implementing this recommendation. • Limits the Collection of Personal Information — The collection of personal information is limited to that necessary to meet the entity’s objectives. • Collects Information by Fair and Lawful Means — Methods of collecting personal information are reviewed by management before they are implemented to confirm that personal information is obtained (a) fairly, without intimidation or deception, and (b) lawfully, adhering to all relevant rules of law, whether derived from statute or common law, relating to the collection of personal information. • Collects Information From Reliable Sources — Management confirms that third parties from whom personal information is collected (that is, sources other than the individual) are reliable sources that collect information fairly and lawfully. • Informs Data Subjects When Additional Information Is Acquired — Data subjects are informed if the entity develops or acquires additional information about them for its use. 4
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-13 16:35:29 add 7d70383a-32f4-a0c2-61cf-a134851968c2
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
SOC 2 Type 2 4054785f-702b-4a98-9215-009cbd58b141 Regulatory Compliance GA BuiltIn
JSON
changes

JSON