Privacy in the Modern Era Flashcards
What is privacy?
The rights and obligations of individuals and organizations with respect to the collection, use, retention, disclosure and destruction of personal information.
What is personal information?
Information that is or can be about or related to an identifiable individual.
What does GDPR consider “special categories of personal data”?
- Racial or ethnic origin
- Religious or philosophical beliefs
- Trade union membership
- Genetic data
- Biometric data (used for the purpose of uniquely identifying a natural person)
- Health data
- Data concerning a natural person’s sex life or sexual orientation
What is NOT personal information?
Information that is not about a natural person. e.g. product development plans, military equipment lists, etc.
OR
Information that does not provide a way to identify the person the information is about.
What is anonymization?
The process of taking personal information and making it impossible to identify the individual to whom the information relates.
What two techniques does the HHS use to render information unidentifiable?
Expert determination and safe harbor
What does “expert determination” require for rendering information unidentifiable?
The involvement of a trained statistician who analyzes a de-identified dataset and determines that there is very little risk that the information could be used to identify an individual, even if that information is combined with other publicly available information.
What does “safe harbor” require for rendering information unidentifiable?
Requires the removal of 18 different types of information to remove direct and indirect links to an individual (names, geographic divisions and zip codes containing fewer than 20K people, phone numbers, VIN numbers, fax numbers, device ID/serial numbers, email addresses, URLs, SSNs, IP addresses, medical record numbers, fingerprints (and other biometrics), health plan beneficiary numbers, full-face photos, account numbers, certificate or license numbers, etc.).
What does “aggregation” mean?
Summarizing data about a group of individuals in a manner that makes it impossible to draw conclusions about a single person.
What are the 10 GAPP principles? (What do we need to do to protect privacy?)
- Management
- Notice
- Choice & Consent
- Collection
- Use, Retention, and Disposal
- Access
- Disclosure to Third Parties
- Security for Privacy
- Quality
- Monitoring & Enforcement
Define “Management”
The entity defines, documents, communicates, and assigns accountability for its privacy policies and procedures.
What criteria should an organization follow to establish control over the management of their privacy program?
- Create written privacy policies and communicate those policies to personnel.
- Assign responsibility and accountability for those policies to an individual or team.
- Establish procedures for review and approval of privacy policies and changes to those policies.
- Ensure that privacy policies are consistent with applicable laws and regulations.
- Perform risk assessments no less than annually.
- Ensure that contractual obligations to customers, vendors and partners are consistent with privacy policies.
- Assess privacy risks when implementing or changing technology infrastructure.
- Create and maintain a privacy incident management process.
- Conduct privacy awareness and training and establish qualifications for employees with privacy responsibilities.
Define “Notice”
The entity provides notice about its privacy policies and procedures and identifies the purposes for which personal information is collected, used, retained and disclosed.
Define “Choice & Consent”
The entity describes the choices available to the individual and obtains implicit or explicit consent with respect to the collection, use, and disclosure of personal information.
Define “Collection”
The entity collects personal information only for the purposes identified in the notice.
This governs the ways that organizations come into possession of personal information.
Define “Use, Retention, & Disposal”
Use: The entity limits the use of PI to the purposes identified in the notice.
Retention: The entity retains PI only as long as necessary to fulfill the stated purpose or as required by law.
Disposal: The entity disposes of the collected PI in a timely and appropriate manner.
Define “Access”
The entity allows data subjects the right to access information held about them, and when necessary, to correct that information.
Define “Disclosure to Third Parties”
The entity discloses PI to third parties only for the purposes identified in the notice and with the implicit or explicit consent of the individual.
Define “Security for Privacy”
The entity protects personal information against unauthorized access (both physical and logical).
Define “Quality”
The entity maintains accurate, complete, and relevant personal information for the purposes identified in the notice.
i.e. incorrect information can be just as damaging as (or more damaging than) information that is improperly handled.
Define “Monitoring & Enforcement”
The entity monitors compliance with its privacy policies and procedures and has procedures to address privacy-related inquiries, complaints and disputes.
Define “Data Subjects”
The individuals about whom personal information is collected.
Define “Data Controller”
The organizations that determine the purpose and means of collecting personal information from data subjects.
Define “Data Processor”
Service providers who collect or process personal information on behalf of data controllers.
What are the three objectives of cybersecurity programs?
Confidentiality, Integrity, Availability
What is “Confidentiality” in cybersecurity?
Ensures that unauthorized individuals are not able to gain access to sensitive information.
What is “Integrity” in cybersecurity?
Ensures that there are no unauthorized modifications to information or systems, either intentionally or unintentionally.
What is “Availability” in cybersecurity?
Ensures that information and systems are ready to meet the needs of legitimate users at the time those users request them.
In what Supreme Court case did the “Right to be let alone” first appear?
Olmstead v. United States
Which ISO standard is best suited to designing privacy controls?
ISO 27701