5.5: Explain privacy and sensitive data concepts in relation to security.

Question 1

Organizational Consequences of Privacy Breaches

Answer 1

Fines
IP Theft
Identity Theft
Reputation Damage

Question 2

EXAM TIP

Answer 2

Be aware that organizational consequences of data privacy breaches can result in reputational damage, identify theft, fines, or IP theft.

Question 3

Notifications of Breaches

Answer 3

Escalation

Public Notifications and Disclosures

Question 4

Data Types

Answer 4

Classifications

Effective data classification programs include measures to ensure data sensitivity labeling and handling so that personnel know whether data is sensitive and understand the levels of protection required. When the data is inside an information-processing system, the protections should be designed into the system.

Public;Private;Private;Confidential;Critical;Proprietary

Question 5

EXAM TIP

Answer 5

Learn the differences between the data sensitivity labels so you can compare and contrast the terms confidential, private, public, and proprietary. The differences are subtle but will be important to determine the correct answer.

Question 6

Personally Identifiable Information (PII)

Answer 6

When information is about a person, failure to protect it can have specific consequences. Business secrets are protected through trade secret laws, government information is protected through laws concerning national security, and privacy laws protect information associated with people. A set of elements that can lead to the specific identity of a person is referred to as personally identifiable information (PII). By definition, PII can be used to identify a specific individual, even if an entire set is not disclosed.

Question 7

EXAM TIP

Answer 7

PII refers to information that can be used to distinguish or trace an individual’s identity, either alone or when combined with other personal or identifying information that is linked or linkable to a specific individual.

Question 8

Health Information

Answer 8

The Health Insurance Portability and Accountability Act (HIPAA) regulations define protected health information (PHI) as “any information, whether oral or recorded in any form or medium” that

Question 9

Privacy-Enhancing Technologies

Answer 9

One principal connection between information security and privacy is that without information security, you cannot have privacy. If privacy is defined as the ability to control information about oneself, then the aspects of confidentiality, integrity, and availability from information security become critical elements of privacy. Just as technology has enabled many privacy-impacting issues, technology also offers the means in many cases to protect privacy. An application or tool that assists in such protection is called a privacy-enhancing technology (PET).

Question 10

Data Minimization

Answer 10

Data minimization is one of the most powerful privacy-enhancing technologies. In a nutshell, it involves not keeping what you don’t need. Limiting the collection of personal information to that which is directly relevant and necessary to accomplish a specified purpose still allows the transactions to be accomplished, but it also reduces risk from future breaches and disclosures by not keeping “excess” data.

Question 11

Data Masking

Answer 11

Data masking involves the hiding of data by substituting altered values. A mirror version of a database is created, and data modification techniques such as character shuffling, encryption, and word or character substitution are applied to change the data.

Question 12

Tokenization

Answer 12

Tokenization is the use of a random value to take the place of a data element that has traceable meaning. A good example of this is when you have a credit card approval, you do not need to keep a record of the card number, the cardholder’s name, or any of the sensitive data concerning the card verification code (CVC) because the transaction agent returns an approval code, which is a unique token to that transaction.

Question 13

Anonymization

Answer 13

Data anonymization is the process of protecting private or sensitive information by removing identifiers that connect the stored data to an individual. Separating the PII elements such as names, Social Security numbers, and addresses from the remaining data through a data anonymization process retains the usefulness of the data but keeps the connection to the source anonymous.

Question 14

Pseudo-Anonymization

Answer 14

Pseudo-anonymization is a de-identification method that replaces private identifiers with fake identifiers or pseudonyms (for example, replacing the value of the name identifier “Mark Sands” with “John Doe”). Not all uniquely identifying fields are changed because some, such as date of birth, may need to be preserved to maintain statistical accuracy.

Question 15

Roles and Responsibilities

Answer 15

Data Owners

Data Controller

Question 16

Data Owners

Answer 16

All data elements in an organization should have defined requirements for security, privacy, retention, and other business functions. It is the responsibility of the designated data owner to define these requirements.

Question 17

Data Controller

Answer 17

he data controller is the person responsible for managing how and why data is going to be used by the organization. In the era of GDPR and other privacy laws and regulations, this is a critical position because, under GDPR and other privacy laws, the data controller is the position responsible for protecting the privacy and rights of the data’s subject, such as the user of a website.

Question 18

Data Processor

Answer 18

The data processor is the entity that processes data given to it by the data controller. Data processors do not own the data, nor do they control it. Their role is the manipulation of the data as part of business processes. Data processors can be personnel or systems; an example of a system is the use of Google Analytics to manipulate certain elements of data, making them useful for business analysts.

Question 19

Data Custodian/Steward

Answer 19

A data custodian or data steward is the role responsible for the day-to-day caretaking of data. The data owner sets the relevant policies, and the steward or custodian ensures they are followed.

Question 20

Data Privacy Officer (DPO)

Answer 20

The data privacy officer (DPO) is the C-level executive who is responsible for establishing and enforcing data privacy policy and addressing legal and compliance issues. Data minimization initiatives are also the responsibility of the data privacy officer. Storing data that does not have any real business value only increases the odds of disclosure.

Question 21

Information Lifecycle

Answer 21

Information has a lifecycle—a beginning, a middle, and, at some point, an end. Understanding the lifecycle of information assets—from the point of collection, use, and storage as well as how the assets are shared, protected, and ultimately destroyed—is important if one is to properly handle the information.

Question 22

Impact Assessment

Answer 22

A privacy impact assessment (PIA) is a structured approach to determining the gap between desired privacy performance and actual privacy performance. A PIA is an analysis of how PII is handled through business processes and an assessment of risks to the PII during storage, use, and communication.