Lesson 16 Data Privacy and Documentation Flashcards

1
Q

Information Life Cycle

A

Creation/Control
- data needs to be classified and tagged

Distribution/Use
- data is available to authorized and authenticated users including 3rd parties

Retention
- data is kept (archived) past the date when it is still in active use, for regulatory reasons

Disposal
- data is no longer needed; media storing the data asset must be SANITIZED to remove any remnants

2
Q

PHI

A

Personal Health Information or Protected Health Information

refers to medical and insurance records, as well as associated hospital and lab test results

extremely sensitive

3
Q

PII

A

Personally Identifiable Information

information that can be used to identify, contact, or locate an individual

whether a given item counts as PII can depend on context

4
Q

data owner

A

Manager or senior role that is ultimately responsible for the confidentiality, integrity, and availability (CIA) of the information asset

Responsibilities:

  • labeling the asset
    • deciding who should have access to the data
    • determining the criticality and sensitivity of the data
  • ensuring the data is protected with the correct controls

Selects a steward and a custodian for the data and directs their actions

Sets the budget and resource allocation for controls

5
Q

data steward

A

Appointed by the data owner

Responsibilities:

  • ensures data quality
    • labels/classifies the data
    • ensures the data has appropriate metadata
  • ensures data is collected and stored in accordance with applicable laws and regulations
6
Q

data custodian

A

Appointed by the Data Owner

Responsibilities:

  • manages the system on which the data assets are stored
  • enforces access control, encryption, and backup/recovery measures
7
Q

DPO

A

Data Privacy Officer

Responsibilities:

  • oversees any PII assets managed by the company
  • ensures processing, disclosure, and retention of PII complies with legal and regulatory frameworks
8
Q

data controller

A

Institutional role

Responsibilities:

  • determines why and how data is collected, stored, and used
  • ensures these purposes and methods are lawful
  • remains responsible for any privacy breach; this responsibility cannot be transferred
9
Q

data processor

A

Institutional role

Acts on behalf of the data controller and follows the data controller's instructions with regard to the collection or processing of data

Responsibilities:
- assists with the technical collection, storage, and analysis tasks

10
Q

Data Classification based on degree of confidentiality

A

Schema based on the level of confidentiality required by the data
Public/unclassified - no restrictions on viewing
Confidential/secret - highly sensitive; viewing is restricted, and 3rd parties may need to sign an NDA
Critical/top secret - viewing is severely restricted

11
Q

Data Classification based on kind of info

A

Proprietary or intellectual property (IP) - company-owned information about its products or how they are made

Private/personal data - data that identifies an individual

Sensitive - usually used in the context of personal data that could harm the person or create prejudice against them if made public

12
Q

Privacy Notices

A

informed consent must be obtained before using the data collected

the purpose of collection must be clearly stated to the user

purpose limitation restricts the ability to transfer the data to a 3rd party

13
Q

Data Protection Impact Assessment

A

A process designed to

  • identify the risks of collecting and processing personal data in the context of a business workflow or project
  • identify the mechanisms to mitigate these risks
14
Q

Data Retention

A

business policy or regulations control the length of time data can be retained

  • may impact data archives and backups if PII is included
  • may impact financial data and security logs
15
Q

Data Sovereignty

A

a jurisdiction preventing or restricting processing and storage from taking place on systems that do not physically reside within that jurisdiction

  • may require the use of location-specific storage facilities in a cloud service
  • employees in different geographical locations who need the data may have to validate their location before gaining access to it
16
Q

Data Breach Consequences

A

Reputation damage
Identity theft
Fines
Intellectual property theft

Must provide notification of breach

Must escalate breach to senior decision makers

17
Q

Data Sharing Agreements

A

Service Level Agreement (SLA)

Interconnection Security Agreement (ISA)

NonDisclosure Agreement (NDA)

Data Sharing and Use Agreement
- mitigates the risk of reidentification (data being used in combination with other data sets)

18
Q

Data minimization

A

A principle that data should only be processed and stored if it is necessary to perform the purpose for which it was collected

Also includes the principle of sufficiency or adequacy, meaning you should collect the data required for the stated purpose in a single transaction to which the subject can give clear consent. Do not collect additional data later on.

19
Q

Tokenization

A

A de-identification method where a unique token is substituted for the real data

Non-destructive (the original value can be recovered from the token)

Used as a substitute for encryption because, from a regulatory perspective, an encrypted field is treated as the same value as the original data

20
Q

Anonymize

A

completely and permanently removing identifying data from a data set, so that individuals cannot be reidentified even when the set is combined with other data sources

21
Q

Pseudo-anonymization

A

modifying or replacing identifying information so that reidentification depends on an alternate data source, which must be kept separate. With that other data source, this method can be reversed to recover the original data

22
Q

Aggregation/Banding

A

A deidentification technique that generalizes the data, such as substituting a specific age with a broader age band

23
Q

Hashing and Salting

A

Hashing is used for two main purposes:

  • an indexing method to speed up searches and provide deidentified references to records
  • a storage method for data such as passwords, where the original plaintext does not need to be retained

Salting adds an additional random value that is stored alongside the hashed data field
- frustrates attempts to crack the hashes with precomputed lookup tables

24
Q

Data masking

A

part or all of the contents of a data field in the data set are redacted by substituting the string with a new value
considered an irreversible deidentification technique
unlike tokenization, which can be undone as needed

25
Q

data at rest

A

stored data; should be encrypted using full disk encryption, database encryption, or file/folder-level encryption
file permissions are set
ACLs can be used to ensure only authorized users can read/modify the data

26
Q

data in transit

A

data being sent across the network

needs to be protected by a transport encryption protocol, such as TLS or IPsec

27
Q

Data in use

A

data in RAM, or data in a database that is currently being modified

needs to be protected

trusted execution environment (TEE) mechanisms can be used, which are able to encrypt data in memory

28
Q

data exfiltration

A

unauthorized copying or retrieval of data from a system

Many mechanisms exist, but a few are:
removable media
network protocols
a RAT (remote access trojan) used to transfer data over a non-standard network port
oral communication
pictures or video

Mitigation techniques

  • encrypt all sensitive data at rest
  • create and maintain offsite backups
  • implement access controls for systems that store or transmit data
  • restrict the types of network channels attackers can use to gain access to the network
  • disconnect systems storing archived data from the network
  • train users in these methods of protecting sensitive data
29
Q

DLP

A

Data Loss Prevention (DLP) products automate the discovery and classification of data types and the enforcement of rules so that data is not viewed or transferred without proper authorization

Consists of components on the network:

  • Policy server
  • Endpoint agents
  • Network agents

Can be extended to cloud solutions through a proxy that mediates access, or through the CSP's API to perform scanning and policy enforcement

30
Q

DLP Remediation

A

An action the DLP takes when a policy violation occurs
Alert Only - the copy is allowed but an admin is alerted
Block - the copy is prevented
Quarantine - the file is no longer accessible to the user
Tombstone - the file is quarantined and replaced with a file that tells the user how to recover it

31
Q

Microsoft's IRM

A

Information Rights Management (IRM)

  • assigns file permissions for different document roles, such as author, editor, and reviewer
  • restricts printing and forwarding of documents, even when sent as an attachment
  • restricts printing and forwarding of email messages

Works with Active Directory Rights Management Services (AD RMS) or the cloud-based Azure Information Protection