Privacy (Additional Criteria)

SOC 2 Accuracy of Personal Information (P7.1)

Mon, Sep 26, 2022 0 0 417 0/5 (0 Vote)

Overview:The entity collects and maintains accurate, up-to-date, complete, and relevant personal information to meet the entity’s objectives related to privacy. Action Items:1) Create an access control policy and related procedures and publish... Read More

SOC 2 Breach and Incident Notification (P6.6)

Mon, Sep 26, 2022 0 0 481 0/5 (0 Vote)

Overview:The entity provides notification of breaches and incidents to affected data subjects, regulators, and others to meet the entity’s objectives related to privacy. Action Items:1) Create an escalation procedure and publish on the company... Read More

SOC 2 Collecting Personal Information (P3.1)

Mon, Sep 26, 2022 0 0 459 0/5 (0 Vote)

Overview:Personal information is collected consistent with the entity’s objectives related to privacy. Action Items:1) Create a privacy notice (externally facing) and privacy policy (internally facing) and publish on the company intranet for... Read More

SOC 2 Communicating to Inquiries, Complaints, and Disputes (P8.1)

Mon, Sep 26, 2022 0 0 432 0/5 (0 Vote)

Overview:The entity implements a process for receiving, addressing, resolving, and communicating the resolution of inquiries, complaints, and disputes from data subjects and others and periodically monitors compliance to meet the entity’s... Read More

SOC 2 Communicating Use of Personal Information (P2.1)

Mon, Sep 26, 2022 0 0 427 0/5 (0 Vote)

Overview:The entity communicates choices available regarding the collection, use, retention, disclosure, and disposal of personal information to the data subjects and the consequences, if any, of each choice. Explicit consent for the collection, use,... Read More

SOC 2 Consent for Disclosing Personal Information (P6.1)

Mon, Sep 26, 2022 0 0 414 0/5 (0 Vote)

Overview:The entity discloses personal information to third parties with the explicit consent of data subjects, and such consent is obtained prior to disclosure to meet the entity’s objectives related to privacy. Action Items:1) Create a... Read More

SOC 2 Consent for Requesting Personal Information (P3.2)

Mon, Sep 26, 2022 0 0 398 0/5 (0 Vote)

Overview:For information requiring explicit consent, the entity communicates the need for such consent, as well as the consequences of a failure to provide consent for the request for personal information, and obtains the consent prior to the... Read More

SOC 2 Correcting Personal Information (P5.2)

Mon, Sep 26, 2022 0 0 410 0/5 (0 Vote)

Overview:The entity corrects, amends, or appends personal information based on information provided by data subjects and communicates such information to third parties, as committed or required, to meet the entity’s objectives related to... Read More

SOC 2 Disposing Personal Information (P4.3)

Mon, Sep 26, 2022 0 0 427 0/5 (0 Vote)

Overview:The entity securely disposes of personal information to meet the entity’s objectives related to privacy. Action Items:1) Create a data retention and disposal policy and related procedures and publish on the company intranet for... Read More

SOC 2 Granting Access to Personal Information (P5.1)

Mon, Sep 26, 2022 0 0 396 0/5 (0 Vote)

Overview:The entity grants identified and authenticated data subjects the ability to access their stored personal information for review and, upon request, provides physical or electronic copies of that information to data subjects to meet the entity... Read More

Results 1 - 10 of 18