Introduction to Privacy Flashcards Preview

CIPP/US > Introduction to Privacy > Flashcards

Flashcards in Introduction to Privacy Deck (43)
Loading flashcards...
1

In 1890, the American, Louis Brandeis and Samuel Warren published which publication?

The Right to Privacy

2

The "Right to Privacy" publication defined privacy as _____________________?

The right to be left alone

3

_______________ is defined as the desire of people to freely choose the circumstances and the degree to which individuals will expose their attitudes and behavior to others.

Privacy

4

What are the four classes of privacy?

Information Privacy
Bodily Privacy
Territorial Privacy
Communications Privacy

5

_______________ Privacy are rules that govern the collection and handling of personal information.

Information Privacy

6

Personal information, financial information, medical information, government records and records of a person's activities on the internet are examples of _________________ Privacy.

Information Privacy

7

_______________ Privacy is focused on a person's physical being and invasion thereof.

Bodily Privacy

8

Drug Testing, genetic testing, body cavity searches, abortion and adoption are examples of _____________ Privacy.

Bodily Privacy

9

________________ Privacy refers to limitations on intruding into another individual's environment.

Territorial Privacy

10

Invasion into ______________ Privacy typically takes the form of monitoring, such as video surveillance, ID checks, and use of similar technology.

Territorial Privacy

11

True or False?
In Territorial Privacy, another individual's "environment" is limited to the home.

False
Environment is not limited to the home but may include the workplace or public space.

12

_______________ Privacy protects the means of correspondence.

Communication Privacy

13

Phone conversations, postal mail, email and other forms of communication are examples of ___________________ Privacy.

Communication Privacy

14

The industry standard in assessing risk is:
Risk = ________ X ________ X _________

Risk = Threat x Vulnerability x Expected Loss

15

The ________ associated with a company's information technology is directly related to threats, vulnerabilities and expected loss.

Risk

16

_____________ are any circumstances that may cause an undesirable event.

Threats

17

Data breach is an example of a ___________.

Threat

18

____________ are weaknesses in an organization's information systems policies or procedures.

Vulnerabilities

19

When a threat exploits a vulnerability, a __________ causes risk to occur.

Security Event

20

________ = Probability of an event occuring
X
Expected Loss associated with event

Risk for a particular security event

21

_________ Act lays out the basic rules for agency enforcement actions.

Administrative Procedure Act

22

Fair Information Practices (FIPs) are also known as ________________________.

Fair Information Practice Principles (FIPPs)

23

___________ have been used since the 1970's as a means for organizing individual's privacy rights and organizing personal information (PI) responsibilities.

Fair Information Practices (FIPs)
also known as
Fair Information Practice Principles (FIPPs)

24

___________ dates back to a 1973 report by the US Department of Health, Education and Welfare Advisory Committee on Automated Systems.

Fair Information Practices (FIPs)
also known as
Fair Information Practice Principles (FIPPs)

25

Fair Information Practices (FIPs) have ______ categories.

Four

26

What are the Fair Information Practices (FIPs) categories?

Rights of Individuals
Controls on Information
Information Life Cycle
Management

27

Notice, choice/consent and data subject access refer to which FIPs category?

Rights of Individuals

28

True or False
Organizations should provide notice about their privacy policies and procedures.

True

29

___________ identifies the purpose personal information (PI) is collected, used, retained and disclosed.

Notice

30

___________ can be implicit or explicit with respect to the collection, use, retention and disclosure of personal information (PI).

Consent