CMA_C1820 - Make accounting of disclosures available upon request
Name/Id: CMA_C1820 / CMA_C1820 Category: Operational Title: Make accounting of disclosures available upon request Ownership: Customer Description: The customer is responsible for making the accounting of disclosures available to the person named in the record upon request. Requirements: The customer is responsible for implementing this recommendation.
Default Manual Allowed Manual, Disabled
Rule resource types
IF (1) Microsoft.Resources/subscriptions
The following 2 compliance controls are associated with this Policy definition 'Make accounting of disclosures available upon request' (d4f70530-19a2-2a85-6e0c-0c3c465e3325)
1902.06d1Organizational.2-06.d 06.01 Compliance with Legal Requirements
When required, consent is obtained before any PII (e.g., about a client/customer) is emailed, faxed, or communicated by telephone conversation, or otherwise disclosed to parties external to the organization.
The customer is responsible for implementing this recommendation.
• Identifies Types of Personal Information and Handling Process — The types of personal
information and sensitive personal information and the related processes, systems,
and third parties involved in the handling of such information are identified.
• Captures, Identifies, and Communicates Requests for Information — Requests for
an accounting of personal information held and disclosures of the data subjects’
personal information are captured and information related to the requests is identified
and communicated to data subjects to meet the entity’s objectives related to