5.5: Explain privacy and sensitive data concepts in relation to security. Flashcards
Organizational Consequences of Privacy Breaches
Fines
IP Theft
Identity Theft
Reputation Damage
EXAM TIP
Be aware that organizational consequences of data privacy breaches can include reputational damage, identity theft, fines, or IP theft.
Notifications of Breaches
Escalation
Public Notifications and Disclosures
Data Types
Classifications
Effective data classification programs include measures to ensure data sensitivity labeling and handling so that personnel know whether data is sensitive and understand the levels of protection required. When the data is inside an information-processing system, the protections should be designed into the system.
Public;Private;Private;Confidential;Critical;Proprietary
EXAM TIP
Learn the differences between the data sensitivity labels so you can compare and contrast the terms confidential, private, public, and proprietary. The differences are subtle but will be important to determine the correct answer.
Personally Identifiable Information (PII)
When information is about a person, failure to protect it can have specific consequences. Business secrets are protected through trade secret laws, government information is protected through laws concerning national security, and privacy laws protect information associated with people. A set of elements that can lead to the specific identity of a person is referred to as personally identifiable information (PII). By definition, PII can be used to identify a specific individual, even if an entire set is not disclosed.
EXAM TIP
PII refers to information that can be used to distinguish or trace an individual’s identity, either alone or when combined with other personal or identifying information that is linked or linkable to a specific individual.
Health Information
The Health Insurance Portability and Accountability Act (HIPAA) regulations define protected health information (PHI) as “any information, whether oral or recorded in any form or medium” that
Privacy-Enhancing Technologies
One principal connection between information security and privacy is that without information security, you cannot have privacy. If privacy is defined as the ability to control information about oneself, then the aspects of confidentiality, integrity, and availability from information security become critical elements of privacy. Just as technology has enabled many privacy-impacting issues, technology also offers the means in many cases to protect privacy. An application or tool that assists in such protection is called a privacy-enhancing technology (PET).
Data Minimization
Data minimization is one of the most powerful privacy-enhancing technologies. In a nutshell, it involves not keeping what you don’t need. Limiting the collection of personal information to that which is directly relevant and necessary to accomplish a specified purpose still allows the transactions to be accomplished, but it also reduces risk from future breaches and disclosures by not keeping “excess” data.
Data Masking
Data masking involves the hiding of data by substituting altered values. A mirror version of a database is created, and data modification techniques such as character shuffling, encryption, and word or character substitution are applied to change the data.
Tokenization
Tokenization is the use of a random value to take the place of a data element that has traceable meaning. A good example of this is a credit card approval: you do not need to keep a record of the card number, the cardholder’s name, or any of the sensitive data concerning the card verification code (CVC), because the transaction agent returns an approval code, which is a token unique to that transaction.
Anonymization
Data anonymization is the process of protecting private or sensitive information by removing identifiers that connect the stored data to an individual. Separating the PII elements such as names, Social Security numbers, and addresses from the remaining data through a data anonymization process retains the usefulness of the data but keeps the connection to the source anonymous.
Pseudo-Anonymization
Pseudo-anonymization is a de-identification method that replaces private identifiers with fake identifiers or pseudonyms (for example, replacing the value of the name identifier “Mark Sands” with “John Doe”). Not all uniquely identifying fields are changed because some, such as date of birth, may need to be preserved to maintain statistical accuracy.
Roles and Responsibilities
Data Owners
Data Controller