Identifies Privacy and Compliance Guidelines Flashcards
HIPAA = Health Insurance Portability and Accountability Act
Protects patient health information (PHI)
ex: A hospital cannot share patient records without consent
HIPAA helps hide health info
remembering: Health
FISMA = Federal Information Security Management Act
Requires federal agencies to secure their IT systems
ex: A government website must follow strict cybersecurity protocols
FISMA = Federal Info Security Mandate Applied
remembering: Federal
FERPA = Family Educational Rights and Privacy Act
Protects student education records
ex: A school cannot release student grades without permission
FERPA = Family Education Records Privacy Act
remembering: Education
GLBA = Gramm-Leach-Bliley Act
Requires financial institutions to protect customer data
ex: Banks must tell customers how they use their personal info
GLBA = Guarding Loans & Bank Accounts
remembering: Banking
SOX = Sarbanes-Oxley Act
Ensures financial transparency in public companies
ex: A company must keep accurate financial records
SOX = Stops financial fraud
remembering: Stocks
COPPA = Children’s Online Privacy Protection Act
Protects children’s data online (under 13)
ex: A website must get parental consent before collecting kids’ data
COPPA = Kids’ COP (online privacy)
remembering: Children
PCI DSS = Payment Card Industry Data Security Standard
Secures credit card transactions
ex: A store must encrypt credit card transactions
PCI = Protect Card Info
remembering: Credit
FCRA = Fair Credit Reporting Act
Saw this as an answer on the exam, so looked it up
Regulates accuracy and privacy of credit reports
ex: You can dispute incorrect info on your credit report
FCRA = Fair Credit Rules Always
remembering: Credit
GDPR = General Data Protection Regulation
Protects EU citizens’ personal data
ex: A company must allow users to delete their data
GDPR = Guard Data, Protect Rights
remembering: Privacy
FOIA = Freedom of Information Act
Allows the public to access government records
ex: A journalist can request government documents
FOIA = Find Out Info Act
remembering: Transparency
CFAA = Computer Fraud and Abuse Act
Saw this as an answer on the exam, so looked it up
Criminalizes hacking and unauthorized computer access
ex: Hacking into a bank system is illegal under CFAA
CFAA = Cyber Fraud And Access law
remembering: Hacking
EDD = Electronic Discovery and Disclosure
Saw this as an answer on the exam, so looked it up
Governs digital evidence in legal cases
ex: Emails can be used in lawsuits under EDD rules
EDD = E-Discovery Done Digitally
remembering: Evidence
PII = Personally Identifiable Information
Any info that can identify a person (name, SSN, etc.)
ex: A company must secure customer SSNs.
PII = Protect Individual Info
remembering: Identity
FDIC = Federal Deposit Insurance Corporation
Saw this as an answer on the exam, so looked it up
Insures bank deposits up to $250,000
ex: If a bank fails, your money is still safe
FDIC = Funds Deposited Insured Completely
remembering: Insurance
CCPA = California Consumer Privacy Act
Gives California residents rights over their data
ex: Companies must allow Californians to opt out of data sales
CCPA = CA Consumers Protecting Access
remembering: California
HITECH = Health Information Technology for Economic and Clinical Health Act
Strengthens HIPAA for electronic health records (EHRs)
ex: Hospitals must secure digital patient data
HITECH = HIPAA’s Tech Upgrade
remembering: E-Health
GEOINT = Geospatial Intelligence
Saw on exam as an answer; won’t be the answer, but the knowledge is what we need
Earth Intelligence
Imagery, maps and geospatial data
HUMINT = Human Intelligence
Saw on exam as an answer; won’t be the answer, but the knowledge is what we need
Interviews and espionage
SIGINT = Signals Intelligence
Saw on exam as an answer; won’t be the answer, but the knowledge is what we need
Gathering intel such as radio signals, phone calls or internet traffic
OSINT = Open-Source Intelligence
On exam with the others, and more than likely the answer
Refers to collection and analysis of publicly available information to produce actionable intelligence.
ex: A government agency analyzes publicly available financial records and market data to monitor economic trends and detect potential fraud
remembering: Public Clues Investigation
ISO/IEC 25000
Saw on exam as an answer; won’t be the answer, but the knowledge is what we need
It provides guidelines for software product quality, including usability, security and maintainability
remembering: Software Quality
ISO/IEC 26000
Saw on exam as an answer; won’t be the answer, but the knowledge is what we need
It offers guidance on corporate social responsibility (CSR), including ethical behavior, environmental sustainability and community engagement
remembering: Social Responsibility
ISO/IEC 27000
More than likely the answer when it appears with the other ISO/IEC answers on the exam
It is a family of standards focused on information security management, ensuring data confidentiality, integrity and availability
remembering: Information Security
ISO/IEC 28000
Saw on exam as an answer; won’t be the answer, but the knowledge is what we need
It defines security management systems for supply chains, addressing risks like theft, fraud and disruptions
remembering: Supply Chain Security