PII and PHI Flashcards
What kind of data can be used by itself, or with other data, to identify a specific person?
Personally Identifiable Information (PII)
What law affects US government computer systems that collect, store, use, or disseminate PII?
Privacy Act of 1974
What law affects healthcare providers, facilities, insurance companies, and medical data clearing houses?
Health Insurance Portability and Accountability Act (HIPAA)
What law affects publicly-traded US corporations and requires certain accounting methods and financial reporting requirements?
Sarbanes-Oxley (SOX)
Note: Also known as “Public Company Accounting Reform and Investor Protection Act”
What law affects banks, mortgage companies, loan offices, insurance companies, investment companies, and credit card providers?
Gramm-Leach-Bliley Act (GLBA)
What law requires each agency to develop, document, and implement an agency-wide information systems security program to protect their data?
Federal Information Security Management Act of 2002 (FISMA)
What standard affects organizations that use credit card information?
Payment Card Industry Data Security Standard (PCI DSS)
What law provides regulations that govern the security, confidentiality, and integrity of the personal information collected, stored, or processed during the election and voting process?
Help America Vote Act of 2002 (HAVA)
What law is specific to California and requires immediate disclosure of data breaches?
SB 1386