Module 1 and 2

Question 1

Information privacy

Answer 1

Establishes rules that govern the collection and handling of personal information

Question 2

Communications privacy

Answer 2

Establishes protection of the means of correspondence

Question 3

Bodily privacy

Answer 3

Establishes protections of a person’s physical being and any invasion thereof

Question 4

Territorial privacy

Answer 4

Establishes placing limits on the ability to intrude into another individual’s environment

Question 5

Fair Information Practices

Answer 5

Rights of individuals, controls on the information, the information lifecycle and management

Question 6

Rights of individuals

Answer 6

Notice, choice and consent, data subject access

Question 7

Controls on the information

Answer 7

Informationsecurity,integrityandquality

Question 8

Management

Answer 8

Managementandadministration;monitoringandenforcement;demonstrating
compliance

Question 9

Information lifecycle

Answer 9

Collection, use and retention, disclosure and destruction

Question 10

Data protection authority

Answer 10

Enforces privacy or data protection laws and regulations. U.S. has no national data protection authority per se, but several groups oversee privacy matters (FTC, state attorneys general, federal financial regulators)

Question 11

Data controller

Answer 11

An organization or individual with the authority to decide how and why information about data subjects is to be processed

Question 12

Data subject

Answer 12

An individual about whom information is being processed. Example: Consumer, employee, patient

Question 13

Data processo

Answer 13

An organization or individual, often a third-party outsourcing service that processes data on behalf of the data controller

Question 14

Public records

Answer 14

Real estate records, birth and death records, licensing records, statistical data

Question 15

Publicly available information

Answer 15

Telephone books, public media, newspapers, search engine results

Question 16

Nonpublic information

Answer 16

Medical records, financial information, customer databases, adoption records

Question 17

Rules that govern the collection and handling of personal information regarding Internet activity can be categorized as what type of privacy?

Answer 17

Information privacy

Question 18

Which authority does oversee privacy-related issues in the U.S.

Answer 18

The Federal Trade Commission (FTC)
State attorneys general
Federal financial regulators

Question 19

Which types of personal information may qualify as sensitive personal information?

Answer 19

Social Security number Bank account number Driver’s license number, Medical history

Question 20

The Executive Branch

Answer 20

enforces laws

Question 21

The Legislative Branch

Answer 21

makes laws

Question 22

The Judicial Branch

Answer 22

interprets the law and determines whether the laws are constitutional.

Question 23

Case law

Answer 23

When final decisions are made by judges in court cases,

Question 24

Common law

Answer 24

These laws refer to legal principles that have developed over time through judicial decisions and contrast with statutory laws. doctor-patient and attorney-client confidentiality are examples

Question 25

Consent decree

Answer 25

are agreements or settlements that resolve a dispute between two parties without admission of guilt or liability.

Question 26

Contract law

Answer 26

a legally binding contract that must include an offer, such as terms of agreement, acceptance by the person to whom the offer was made, and consideration, which is the bargained-for exchange, as in money, property or services.

Question 27

Tort law

Answer 27

are civil wrongs recognized by law as having the grounds for lawsuits.

Question 28

Private right of action

Answer 28

The ability of an individual harmed by a violation of a law to file a lawsuit against the violator

Question 29

Jurisdiction

Answer 29

The authority of a court to hear a particular case

Question 30

Preemption

Answer 30

A superior government’s ability to have its laws supersede those of an inferior government

Question 31

Authority

Answer 31

Permission to regulate a field of activity or a singular activity, which is outlined by legislation

Question 32

Federal Trade Commission (FTC)

Answer 32

has the general authority to enforce rules against unfair and deceptive trade practices.

Question 33

Department of Health and Human Services (HHS):

Answer 33

created regulations to protect the privacy and security of healthcare information. It is responsible for the enforcement of HIPAA laws.

Question 34

Federal Communications Commission (FCC)

Answer 34

places significant compliance regulations on the marketplace. It governs the communications industry, such as television, radio and telemarketing, and, more recently, with online marketing developing

Question 35

U.S. Department of Commerce (DOC)

Answer 35

lays a leading role in federal privacy policy development and administers the Privacy Shield Framework between the United States and the EU.

Question 36

Federal Reserve Board

Answer 36

enforces provisions by specific financial mandates, such as the Gramm-Leach-Bliley Act (or GLBA)

Question 37

State Attorney General:

Answer 37

is the chief legal advisor to the state government, as well as the state's chief law enforcement officer. They may take enforcement action on a state's unfair and deceptive practice laws, HIPAA, GLBA, the Telemarketing Sales Rule and violations of breach notification laws.

Question 38

Office of the Comptroller of the Currency (OCC):

Answer 38

is an independent bureau of the U.S. Department of the Treasury. It regulates and supervises all national and federal banks and savings institutions, including agencies of foreign banks.

Question 39

Self-regulatory programs and trust marks:

Answer 39

refers to many approaches to privacy protection. Many industry groups create and monitor their own privacy guidelines and practices. Government agencies, such as the FTC, may be involved in enforcement and adjudication