Chapter 6: Laws and Regulations

Question 1

provides a framework for ensuring the effectiveness of information security controls in government

Answer 1

FISMA (The Federal Information Security Modernization Act)

Question 2

legislation intended to protect government information, operations, and assets from any natural or manmade threat

Answer 2

FISMA (The Federal Information Security Modernization Act)

Question 3

requires each federal agency to develop, document, and implement an information security program to protect its info and info systems

Answer 3

Federal Information Security Modernization Act)

Question 4

improves efficiency and effectiveness of the health care system

Answer 4

Health Insurance Portability and Accountability Act (HIPAA)

Question 5

certain provisions within HIPAA require privacy protections for individually identifiable health information

Answer 5

Protected Health Information (PHI)

Question 6

mandate safeguards to protect patient privacy

Answer 6

HIPAA Privacy Rule

Question 7

sets limits on the use of disclosure of patient information without authorization and grants individuals rights over their own health records

Answer 7

HIPAA Privacy Rule

Question 8

protects the privacy of students and their parents

Answer 8

The Family Educational Rights Privacy Act (FERPA)

Question 9

requires all schools that receive funds from programs administered by the U.S. Department of Education to comply with the standards regarding the disclosure and maintenance of educational information, personally identifiable information, and directory information

Answer 9

The Family Educational Rights Privacy Act (FERPA)

Question 10

grants certain rights to students and parents regarding the student’s own records

Answer 10

The Family Educational Rights and Privacy Act (FERPA)

Question 11

regulated the financial practice and governance of corporations

Answer 11

Sarbanes-Oxley Act (SOX)

Question 12

designed to protect investors and the general public by establishing requirements regarding reporting and disclosure practices

Answer 12

Sarbanes-Oxley Act (SOX)

Question 13

mandates standard in regards to areas such as corporate board responsibility, auditor independence, fraud accountability, internal controls assessment, and enhanced financial disclosures

Answer 13

Sarbanes-Oxley Act (SOX)

Question 14

established the Public Company Accounting Oversight Board (PCAOB)

Answer 14

Sarbanes-Oxley Act (SOX)

Question 15

oversees public accounting firms and independently ensures compliance with SOX for auditing practices

Answer 15

Public Company Accounting Oversight Board (PCAOB)

Question 16

protects the customers of financial institutions, essentially any company offering financial products or services, financial or investment advice, or insurance.

Answer 16

The Gramm-Leach-Bliley (GLBA)

Question 17

requires financial institutions to safeguard a consumer’s “nonpublic personal information or NPI”

Answer 17

The Gramm-Leach-Bliley Act (GLBA) Privacy Rule

Question 18

mandates the disclosure of an institution’s information collection and information sharing practices, and establishes requirements for providing privacy notices and opt-out to consumers

Answer 18

The Gramm-Leach-Bliley Act (GLBA)

Question 19

money laundering

Answer 19

Bank Secrecy Act (BSA)

Question 20

Telecommunications assistance for law enforcement

Answer 20

Communications Assistance for Law Enforcement Act of 1994(CALEA)

Question 21

Rules for spam

Answer 21

Controlling the Assault of Non-Solicited Pornography and Marketing (CAN SPAM)

Question 22

computer fraud and abuse

Answer 22

Computer Fraud and Abuse Act of 1986(CFAA)

Question 23

protecting children from harmful content

Answer 23

Children’s Internet Protection Act of 2001 (CIPA)

Question 24

Private data of children

Answer 24

Children’s Online Privacy Protection act of 1998 (COPPA)

Question 25

DMV records

Answer 25

Driver’s Privacy Protection Act of 1994 (DPPA)

Question 26

Government documents (E FOIA)

Answer 26

Electronic Freedom of Information Act of 1996

Question 27

Credit Information

Answer 27

Equal Credit opportunity act (ECOA)

Question 28

electronic communications (wiretaps)

Answer 28

Electronic Communications Privacy Act of 1986 (ECPA)

Question 29

Transfer of funds

Answer 29

Electronic Funds Transfer Act ( EFTA)

Question 30

Electronic Banking

Answer 30

Fair and Accurate Credit Transactions Act (FACTA)

Question 31

Credit Records (CCRA)

Answer 31

Consumer Credit Reporting Reform Act of 1996

Question 32

Debt Collection

Answer 32

Fair Debt Collection Practices Act (FDCPA)

Question 33

Energy Regulation

Answer 33

Federal Energy Regulatory Commission (FERC)

Question 34

Education Records `

Answer 34

family education rights and privacy act of 1974 (FERPA)

Question 35

securities

Answer 35

Financial Industries Regulatory Authority (FINRA)

Question 36

government information security

Answer 36

federal information security management act (FISMA)

Question 37

unfair trade practices

Answer 37

Federal Trade Commission Act (FTCA)

Question 38

consumer financial information

Answer 38

gramm-leach-bliley financial services modernization act of 1999 (GLBA)

Question 39

patient information

Answer 39

health insurance portability act (HIPAA)

Question 40

health information technology

Answer 40

health information technology for economic and clinical health act(HITECH)

Question 41

import and export of defense items

Answer 41

international traffic in arms regulation(ITAR)

Question 42

economic and trade sanctions

Answer 42

office of foreign assets control (OFAC)

Question 43

payment cards

Answer 43

payment application data security standards PCI DSS)

Question 44

privacy of journalist

Answer 44

privacy protection act of 1978(PPA)

Question 45

privacy of financial institutions

Answer 45

right to financial privacy act of of 1978 (RFPA)

Question 46

breach notifications

Answer 46

California Senate bill 1386 (SB 1386)

Question 47

accuracy of corporate financial information

Answer 47

sarbanes-oxley act (SOX)

Question 48

telephone solicitation

Answer 48

Telephone Consumer Protection Act of 1991 (TCPA)

Question 49

anti terrorism

Answer 49

uniting and strengthening america by providing appropriate tools required to intercept and obstruct terrorism act of 2001 (USA PATRIOT ACT)

Question 50

automated matching of privacy act records

Answer 50

computer matching and privacy protection act (CMPPA)

Question 51

identity theft

Answer 51

federal identity theft and assumption deterrence act (FITAD)

Question 52

telemarketing

Answer 52

do no call registry

Question 53

government accounting and administrative controls

Answer 53

Federal Managers Financial Integrity Act (FMFIA)

Question 54

requirement for US voting systems

Answer 54

Help America Vote act of 2002 (HAVA)

Question 55

department of homeland security data

Answer 55

homeland security act of 2002

Question 56

securities customer information

Answer 56

NASD rule 3110

Question 57

data for securities transactions

Answer 57

SEC rule 17a-4

Question 58

electronic signatures

Answer 58

title 21 code of federal regulations

Question 59

a matter that is very specific to the industry in which a given company or organization is operating and how it is structured (often more far reaching than imagined)

Answer 59

regulatory compliance

Question 60

comes packaged with cyclical audits and assessments to ensure that everything is being carried out according to specification

Answer 60

regulatory compliance

Question 61

regulations that are not mandated by law but can have severe impacts upon our ability to conduct business

Answer 61

industry compliance