Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

CIPP/US > Introduction to Privacy > Flashcards

Introduction to Privacy Flashcards

1
Q

In 1890, the American, Louis Brandeis and Samuel Warren published which publication?

A

The Right to Privacy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

The “Right to Privacy” publication defined privacy as _____________________?

A

The right to be left alone

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

_______________ is defined as the desire of people to freely choose the circumstances and the degree to which individuals will expose their attitudes and behavior to others.

A

Privacy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the four classes of privacy?

A

Information Privacy
Bodily Privacy
Territorial Privacy
Communications Privacy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

_______________ Privacy are rules that govern the collection and handling of personal information.

A

Information Privacy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Personal information, financial information, medical information, government records and records of a person’s activities on the internet are examples of _________________ Privacy.

A

Information Privacy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

_______________ Privacy is focused on a person’s physical being and invasion thereof.

A

Bodily Privacy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Drug Testing, genetic testing, body cavity searches, abortion and adoption are examples of _____________ Privacy.

A

Bodily Privacy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

________________ Privacy refers to limitations on intruding into another individual’s environment.

A

Territorial Privacy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Invasion into ______________ Privacy typically takes the form of monitoring, such as video surveillance, ID checks, and use of similar technology.

A

Territorial Privacy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

True or False?

In Territorial Privacy, another individual’s “environment” is limited to the home.

A

False

Environment is not limited to the home but may include the workplace or public space.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

_______________ Privacy protects the means of correspondence.

A

Communication Privacy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Phone conversations, postal mail, email and other forms of communication are examples of ___________________ Privacy.

A

Communication Privacy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

The industry standard in assessing risk is:

Risk = ________ X ________ X _________

A

Risk = Threat x Vulnerability x Expected Loss

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

The ________ associated with a company’s information technology is directly related to threats, vulnerabilities and expected loss.

A

Risk

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

_____________ are any circumstances that may cause an undesirable event.

A

Threats

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Data breach is an example of a ___________.

A

Threat

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

____________ are weaknesses in an organization’s information systems policies or procedures.

A

Vulnerabilities

19
Q

When a threat exploits a vulnerability, a __________ causes risk to occur.

A

Security Event

20
Q

________ = Probability of an event occuring
X
Expected Loss associated with event

A

Risk for a particular security event

21
Q

_________ Act lays out the basic rules for agency enforcement actions.

A

Administrative Procedure Act

22
Q

Fair Information Practices (FIPs) are also known as ________________________.

A

Fair Information Practice Principles (FIPPs)

23
Q

___________ have been used since the 1970’s as a means for organizing individual’s privacy rights and organizing personal information (PI) responsibilities.

A

Fair Information Practices (FIPs)
also known as
Fair Information Practice Principles (FIPPs)

24
Q

___________ dates back to a 1973 report by the US Department of Health, Education and Welfare Advisory Committee on Automated Systems.

A

Fair Information Practices (FIPs)
also known as
Fair Information Practice Principles (FIPPs)

25
Q

Fair Information Practices (FIPs) have ______ categories.

26
Q

What are the Fair Information Practices (FIPs) categories?

A

Rights of Individuals
Controls on Information
Information Life Cycle
Management

27
Q

Notice, choice/consent and data subject access refer to which FIPs category?

A

Rights of Individuals

28
Q

True or False

Organizations should provide notice about their privacy policies and procedures.

29
Q

___________ identifies the purpose personal information (PI) is collected, used, retained and disclosed.

30
Q

___________ can be implicit or explicit with respect to the collection, use, retention and disclosure of personal information (PI).

31
Q

In reference to the “Rights of Individuals” FIPs category, ___________ is important when disclosing personal information (PI) to other data controllers.

32
Q

In reference to the “Rights of Individuals” FIPs category, ___________ occurs when organizations provide access to an individual’s personal information (PI) for review and update.

A

Data Subject Access

33
Q

Information Security and Information Quality refer to which FIPs category?

A

Controls on the Information

34
Q

___________ refers to using reasonable administrative, technical and physical safeguards to protect personal information (PI) against unauthorized use, disclosure, modification and destruction.

A

Information Security

35
Q

__________ refers to maintaining accurate, complete and relevant personal information (PI) for the purposes identified in the notice.

A

Information Quality

36
Q

Collection, Use and Retention and Disclosure refer to which FIPs category?

A

Information Lifecycle

37
Q

In reference to the “Information Lifecycle” FIPs category, ___________ refers to gathering personal information only for the purposes identified in the notice.

A

Collection

38
Q

True or False

Organizations should limit the use of personal information (PI) to the purposes identified in the notice only.

A

False
Organizations should limit the use of personal information (PI) to the purposes identified in the notice and where the individual has provided implicit or explicit consent.

39
Q

True or False

Organizations should retain personal information (PI) for at least two (2) years.

A

False

Organizations should retain personal information (PI) for only as long as necessary to fulfill the stated purpose.

40
Q

True or False

Organizations should disclose personal information (PI) to third parties for the purposes identified in the notice only.

A

False
Organizations should disclose personal information (PI) to third parties for the purposes identified in the notice and where the individual has provided implicit or explicit consent.

41
Q

Management, administration, monitoring and enforcement refer to which FIPs category?

A

Management

42
Q

In reference to the “Management” FIPs category, ___________ and ___________ refers to when organizations define, document, communicate, and assign accountability for their privacy policies and procedures.

A

Management and Administration

43
Q

In reference to the “Management” FIPs category, ___________ and ___________ occurs when organizations monitor compliance with their privacy policies and procedures and have procedures to address privacy-related complaints and disputes.

A

Monitoring and Enforcement

CIPP/US (2 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions