graphgrc

SCF - PRI-07 - Information Sharing With Third Parties

Mechanisms exist to disclose Personal Data (PD) to third-parties only for the purposes identified in the data privacy notice and with the implicit or explicit consent of the data subject.

Mapped framework controls

GDPR

• Art 15.2
• Art 20.2
• Art 26.1
• Art 26.2
• Art 26.3
• Art 44
• Art 45.1
• Art 45.2
• Art 46.1
• Art 46.2
• Art 46.3
• Art 47.1
• Art 47.2
• Art 48
• Art 49.1
• Art 49.2
• Art 49.6
• Art 6.1
• Art 6.4

ISO 27002

• A.5.33

NIST 800-53

• AC-21

SOC 2

• P6.1

Control questions

Does the organization disclose Personal Data (PD) to third-parties only for the purposes identified in the data privacy notice and with the implicit or explicit consent of the data subject?

This site is open source. Improve this page.