AzPolicyAdvertizer

last sync: 2023-Jun-02 17:44:47 UTC

Azure Policy definition

Publish SORNs for systems containing PII

Name Publish SORNs for systems containing PII
Azure Portal
Id 898a5781-2254-5a37-34c7-d78ea7c20d55
Version 1.1.0
details on versioning
Category Regulatory Compliance
Microsoft docs
Description CMA_C1862 - Publish SORNs for systems containing PII
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default
Manual
Allowed
Manual, Disabled
RBAC
Role(s)		 none
Rule
Aliases
Rule
ResourceTypes		 IF (1)
Microsoft.Resources/subscriptions
Compliance The following 3 compliance controls are associated with this Policy definition 'Publish SORNs for systems containing PII' (898a5781-2254-5a37-34c7-d78ea7c20d55)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
hipaa 1906.06.c1Organizational.2-06.c hipaa-1906.06.c1Organizational.2-06.c 1906.06.c1Organizational.2-06.c 19 Data Protection & Privacy 1906.06.c1Organizational.2-06.c 06.01 Compliance with Legal Requirements Shared n/a The organization documents compliance with the notice requirements by retaining copies of the notices issued by the organization for a period of six years and, if applicable, any written acknowledgements of receipt of the notice or documentation of good faith efforts to obtain such written acknowledgement. 4
hipaa 1907.06.c1Organizational.3-06.c hipaa-1907.06.c1Organizational.3-06.c 1907.06.c1Organizational.3-06.c 19 Data Protection & Privacy 1907.06.c1Organizational.3-06.c 06.01 Compliance with Legal Requirements Shared n/a The organization documents restrictions in writing and formally maintains such writing, or an electronic copy of such writing, as an organizational record for a period of six years. 4
hipaa 1908.06.c1Organizational.4-06.c hipaa-1908.06.c1Organizational.4-06.c 1908.06.c1Organizational.4-06.c 19 Data Protection & Privacy 1908.06.c1Organizational.4-06.c 06.01 Compliance with Legal Requirements Shared n/a The organization documents and maintains (i) designated record sets that are subject to access by individuals, and (ii) titles of the persons or office responsible for receiving and processing requests for access by individuals as organizational records for a period of six years. 11
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 add 898a5781-2254-5a37-34c7-d78ea7c20d55
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA BuiltIn
JSON