Introduction to Privacy Flashcards

1
Q

In 1890, the Americans Louis Brandeis and Samuel Warren published which publication?

A

The Right to Privacy

2
Q

The “Right to Privacy” publication defined privacy as _____________________?

A

The right to be left alone

3
Q

_______________ is defined as the desire of people to freely choose the circumstances and the degree to which individuals will expose their attitudes and behavior to others.

A

Privacy

4
Q

What are the four classes of privacy?

A

Information Privacy
Bodily Privacy
Territorial Privacy
Communications Privacy

5
Q

_______________ Privacy is concerned with the rules that govern the collection and handling of personal information.

A

Information Privacy

6
Q

Personal information, financial information, medical information, government records and records of a person’s activities on the internet are examples of _________________ Privacy.

A

Information Privacy

7
Q

_______________ Privacy is focused on a person’s physical being and invasion thereof.

A

Bodily Privacy

8
Q

Drug testing, genetic testing, body cavity searches, abortion and adoption are examples of _____________ Privacy.

A

Bodily Privacy

9
Q

________________ Privacy refers to limitations on intruding into another individual’s environment.

A

Territorial Privacy

10
Q

Invasion into ______________ Privacy typically takes the form of monitoring, such as video surveillance, ID checks, and use of similar technology.

A

Territorial Privacy

11
Q

True or False?

In Territorial Privacy, another individual’s “environment” is limited to the home.

A

False

Environment is not limited to the home but may include the workplace or public space.

12
Q

_______________ Privacy protects the means of correspondence.

A

Communication Privacy

13
Q

Phone conversations, postal mail, email and other forms of communication are examples of ___________________ Privacy.

A

Communication Privacy

14
Q

The industry standard in assessing risk is:

Risk = ________ X ________ X _________

A

Risk = Threat x Vulnerability x Expected Loss

15
Q

The ________ associated with a company’s information technology is directly related to threats, vulnerabilities and expected loss.

A

Risk

16
Q

_____________ are any circumstances that may cause an undesirable event.

A

Threats

17
Q

Data breach is an example of a ___________.

A

Threat

18
Q

____________ are weaknesses in an organization’s information systems policies or procedures.

A

Vulnerabilities

19
Q

When a threat exploits a vulnerability, a __________ causes risk to occur.

A

Security Event

20
Q

________ = Probability of an event occurring X Expected Loss associated with event

A

Risk for a particular security event

21
Q

_________ Act lays out the basic rules for agency enforcement actions.

A

Administrative Procedure Act

22
Q

Fair Information Practices (FIPs) are also known as ________________________.

A

Fair Information Practice Principles (FIPPs)

23
Q

___________ have been used since the 1970s as a means for organizing individuals’ privacy rights and organizing personal information (PI) responsibilities.

A

Fair Information Practices (FIPs)
also known as
Fair Information Practice Principles (FIPPs)

24
Q

___________ date back to a 1973 report by the US Department of Health, Education and Welfare Advisory Committee on Automated Systems.

A

Fair Information Practices (FIPs)
also known as
Fair Information Practice Principles (FIPPs)

25
Q

Fair Information Practices (FIPs) have ______ categories.

A

Four

26
Q

What are the Fair Information Practices (FIPs) categories?

A

Rights of Individuals
Controls on Information
Information Life Cycle
Management

27
Q

Notice, choice/consent and data subject access refer to which FIPs category?

A

Rights of Individuals

28
Q

True or False?

Organizations should provide notice about their privacy policies and procedures.

A

True

29
Q

___________ identifies the purposes for which personal information (PI) is collected, used, retained and disclosed.

A

Notice

30
Q

___________ can be implicit or explicit with respect to the collection, use, retention and disclosure of personal information (PI).

A

Consent

31
Q

In reference to the "Rights of Individuals" FIPs category, ___________ is important when disclosing personal information (PI) to other data controllers.

A

Consent

32
Q

In reference to the "Rights of Individuals" FIPs category, ___________ occurs when organizations provide access to an individual's personal information (PI) for review and update.

A

Data Subject Access

33
Q

Information Security and Information Quality refer to which FIPs category?

A

Controls on the Information

34
Q

___________ refers to using reasonable administrative, technical and physical safeguards to protect personal information (PI) against unauthorized use, disclosure, modification and destruction.

A

Information Security

35
Q

__________ refers to maintaining accurate, complete and relevant personal information (PI) for the purposes identified in the notice.

A

Information Quality

36
Q

Collection, Use and Retention, and Disclosure refer to which FIPs category?

A

Information Lifecycle

37
Q

In reference to the "Information Lifecycle" FIPs category, ___________ refers to gathering personal information only for the purposes identified in the notice.

A

Collection

38
Q

True or False?

Organizations should limit the use of personal information (PI) to the purposes identified in the notice only.

A

False

Organizations should limit the use of personal information (PI) to the purposes identified in the notice and where the individual has provided implicit or explicit consent.

39
Q

True or False?

Organizations should retain personal information (PI) for at least two (2) years.

A

False

Organizations should retain personal information (PI) for only as long as necessary to fulfill the stated purpose.

40
Q

True or False?

Organizations should disclose personal information (PI) to third parties for the purposes identified in the notice only.

A

False

Organizations should disclose personal information (PI) to third parties for the purposes identified in the notice and where the individual has provided implicit or explicit consent.

41
Q

Management, administration, monitoring and enforcement refer to which FIPs category?

A

Management

42
Q

In reference to the "Management" FIPs category, ___________ and ___________ occur when organizations define, document, communicate, and assign accountability for their privacy policies and procedures.

A

Management and Administration

43
Q

In reference to the "Management" FIPs category, ___________ and ___________ occur when organizations monitor compliance with their privacy policies and procedures and have procedures to address privacy-related complaints and disputes.

A

Monitoring and Enforcement