Chapter 1 - Intro to Privacy Flashcards
_____ privacy is concerned with rules that govern the collection and handling of personal information.
Examples include financial info, medical info, government records and records of a person's internet activities
Information Privacy
_____ privacy is focused on a person's physical being and an invasion thereof. Invasions can take the form of genetic testing, drug testing, or body cavity searches. This also encompasses issues such as birth control, abortion and adoption.
Bodily Privacy
_____ privacy is concerned with the ability to intrude into another individual's environment. "Environment" isn't limited to the home; it includes the workplace or public space. Intrusions typically take the form of monitoring (e.g., video surveillance, ID checks and the like)
Territorial Privacy
_____ privacy encompasses the means of correspondence, including postal mail, phone convos, email and other forms of communication
Communication Privacy
What are FIPs/FIPPs?
- FIP - Fair Information Practices/FIPP - Fair Information Privacy Practices (or Principles)
- FIPS are guidelines for handling, storing and managing data with privacy, security and fairness in an information society that is rapidly evolving.
Examples include:
OECD Guidelines
Convention 108
APEC
What are the 4 main categories of FIPs?
1- rights of individuals
2- controls on the information
3- information lifecycle
4- management
Re: “(FIP) Rights of Individuals”, organizations should address what 3 areas?
1-Notice
2- Choice and Consent
3- Data Subject Access
(FIP) Rights of Individuals - Re: NOTICE, orgs should….
provide notice about their privacy policies and procedures and should identify the purpose for which personal information is collected, used, retained and disclosed.
(FIP) “Rights of Individuals” - Re: CHOICE AND CONSENT orgs should….
describe the choices available to individuals and should get implicit/explicit consent with respect to the collection, use, retention and disclosure of personal information. Consent is especially important for disclosures of personal info to other data controllers.
(FIP) “Rights of Individuals” - Re: DATA SUBJECT ACCESS, orgs should….
provide individuals with access to their personal info for review and update.
Re: (FIP) “Controls on the Information”, organizations should address what 2 areas?
1- Information Security
2- Information Quality
(FIP) “Controls on the Information” - Re: INFORMATION SECURITY, orgs should…
use reasonable administrative, technical and physical safeguards to protect personal info against unauthorized access, use, disclosure, modification and destruction.
(FIP) “Controls on the Information” - Re: INFORMATION QUALITY, orgs should…
maintain accurate, complete and relevant personal info for the purposes identified in the notice
Re: (FIP) “Information Lifecycle”, organizations should address what 3 areas?
1- Collection
2- Use and Retention
3- Disclosure
(FIP) “Information Lifecycle” - Re: COLLECTION, orgs should…
collect personal information only for the purposes identified in the notice
(FIP) “Information Lifecycle” - Re: USE AND RETENTION, orgs should…
limit the use of personal info to the purposes identified in the notice and for which the individual has provided implicit or explicit consent; orgs should also retain personal info only for as long as necessary to fulfill the stated purpose
(FIP) “Information Lifecycle” - Re: DISCLOSURE, orgs should…
disclose personal info to 3rd parties only for the purposes identified in the notice and with the implicit/explicit consent of the individual
Re: (FIP) “Management”, organizations should address what 2 areas?
1- Management and Administration
2- Monitoring and Enforcement
(FIP) "Management" - Re: MANAGEMENT AND ADMINISTRATION, orgs should…
define, document, communicate and assign accountability for their privacy policies and procedures
(FIP) "Management" - Re: MONITORING AND ENFORCEMENT, orgs should…
monitor compliance with their privacy policies and procedures and have procedures to address privacy-related complaints and disputes
5 Key Principles in US Health, Education and Welfare FIPs
1 - There must be no personal data record-keeping systems whose very existence is secret
2- There must be a way for a person to find out what info about them is in a record and how it is used
3- There must be a way for a person to prevent info about them that was obtained for one purpose from being used or made available for other purposes w/o the person’s consent
4- There must be a way for a person to correct or amend a record of identifiable info about the person
5 - Any org creating, maintaining, using or disseminating records of identifiable personal data must assure the reliability of the data for its intended use and must take precautions to prevent misuse of the data
The most widely recognized framework for FIPs; it has been endorsed by the US FTC and many other government organizations
OECD Guidelines (updated in 2013)
OECD - Collection Limitation Principle
There should be limits to the collection of personal data and any such data should be obtained by lawful and fair means and where appropriate, with the knowledge or consent of the data subject
OECD - Quality Principle
Personal data should be relevant to the purposes for which they are to be used, and as needed for those purposes, should be accurate, complete and kept up-to-date
OECD - Purpose Specification Principle
Purposes for which personal data are collected should be specified not later than at the time of the data collection and the subsequent use limited to the fulfillment of those purposes or such others as are not incompatible with those purposes and as are specified on each occasion of change of purpose
OECD - Use Limitation Principle
Personal data should not be disclosed, made available or otherwise used for purposes other than those specified in accordance with the Purpose Specification Principle except (a) with the consent of the data subject or (b) by the authority of law
OECD - Security Safeguards Principle
Personal data should be protected by reasonable security safeguards against such risks as loss or unauthorized access, destruction, use, modification or disclosure of data.
OECD - Openness Principle
There should be a general policy of openness about developments, practices and policies with respect to personal data. Means should be readily available of establishing the existence and nature of personal data, and the main purposes of their use, as well as the identity and usual residence of the data controller
OECD - Individual Participation Principle
An individual should have the right:
(i) to obtain confirmation of whether or not the data controller has data relating to them
(ii) to have communicated to him, data relating to him, within a reasonable time, at a charge, if any, that is not excessive, in a reasonable manner, and in a form that is readily intelligible to him
(iii) to be given reasons if a request made under the preceding clauses is denied, and to be able to challenge such denial
(iv) to challenge data relating to him and if the challenge is successful, to have the data erased, rectified, completed or amended
OECD - Accountability Principle
A data controller should be accountable for complying with measures which give effect to the OECD principles.
Personal Identifiable Information (PII) includes…
information that makes it possible to identify an individual (e.g., social security numbers, passport numbers, street address, telephone number, email address)
De-identified/Anonymized Data
Data where the elements used to identify the individual are removed and the remaining data becomes nonpersonal info.
Pseudonymized Data
Data where info about individuals is retained under pseudonyms, such as a unique numerical code for each person, that renders the data temporarily nonpersonal. Pseudonymized data can be reversed.
Practice Note - Personal & Nonpersonal Information
The line between these 2 categories is not always clear, and regulators and courts in different jurisdictions may disagree on what counts as personal information. For example, IP addresses don't constitute personal information under the Privacy Act, but the FTC has stated that in the context of breaches of healthcare information, IP addresses ARE personal information.
Information assets of an organization that aren't "personal information" but should be protected and secured to ensure confidentiality include:
1 - financial data
2- operational data
3- intellectual property
4- info about the org’s products and services
The term “Processing” refers to…
the collection, recording, organization, storage, updating or modification, retrieval, consultation and use of personal information; it also includes disclosure by transmission, dissemination or making available in any other form, linking, alignment, or combination, blocking, erasure, or destruction of personal information.
Practice Note re: Sources of Personal Information
Information may be public record, publicly available, and nonpublic all at once, and to understand how to use the underlying information, one must understand the source that provided the information (e.g., restrictions may apply to use of the name and address in a patient file, but not to public records or publicly available information)
A Data Controller is…
an org that has the authority to decide how and why personal info is to be processed.
A Data Processor is…
a 3rd party providing outsourced services that processes data on behalf of the data controller. Data processors aren't authorized to do additional data processing outside the scope of what is permitted for the data controller itself.
Under HIPAA, data processors are called "business associates".