State Laws Flashcards

1
Q

DOPPA (DE)

A

Similar to CalOPPA.

Must post a privacy policy if working with kids, and can’t use PII to market alcohol, tobacco, tattoos, fireworks, piercings, etc., to kids.

2
Q

CalOPPA (CA) - What is it?

A

1st law in the nation to require websites, including mobile apps, to conspicuously post a privacy policy if they collect PII from CA residents. 2013

3
Q

CalOPPA (CA) - Disclosure Requirements (4)

A

Must disclose:

  • categories of PII collected
  • types of 3rd parties the data can be shared with
  • how the site responds to Do Not Track signals
  • whether other parties can collect PII over time when using the site

4
Q

ICRAA (CA)

A

Investigative Consumer Reporting Agencies Act: stricter than FCRA, requires written consent and includes a person’s “character.” Also requires that people can request a copy of the report, and that a copy must be provided if adverse action is taken (regardless of whether you requested the copy).

5
Q

CMIA (CA)

A

Confidentiality of Medical Information Act: broader definition of contractor than HIPAA (e.g., you’re considered a contractor if you made the healthcare software, phone apps with health data, etc.)

6
Q

SB-1 (CA)

A

AKA the Financial Info Privacy Act: limits financial data sharing with 3rd-party partners.

7
Q

SB-1386 (CA)

A

If you store any customer data, you must notify CA residents of breaches.

8
Q

Do Not Track Law (CA)

A

CalOPPA

9
Q

Massachusetts Personal Information Security Regulation

A

All parties that own or license PI of MA residents must encrypt all PI stored on laptops or other portable devices, as well as PI in transit over wireless or public networks.

10
Q

MA State 201 CMR 17

A

Most prescriptive breach law in the nation.

Establishes minimum PI safeguards for physical and electronic records. Basically, you have to have an ISO-style compliance program and report breaches.

If the breach includes credit/debit card numbers, the financial institutions must be notified, too.

11
Q

TN SB 2005

A

1st state to require notification of any breach, whether the data was encrypted or not. The original bill exempted encrypted data.

45 days to notify of a breach.

12
Q

IL HB 1260

A

“Personal Info Protection Act,” or PIPA

PII = PHI, PI, email, address, passwords, security questions, biometric data

Limits the encryption safe harbor if the keys were likely exposed or compromised.

13
Q

CA AB 2828

A

Requires notification of breached encrypted data, in addition to unencrypted data.

14
Q

NM HB 15

A

Breach notification law.

PII includes biometrics, like fingerprints and voice prints.

Covers unencrypted data, and encrypted data if the keys were likely compromised.

45 days to notify.
