Unit 7 - PRIVACY, CONFIDENTIALITY, SECURITY, AND ETHICS

Question 1

____ is the right to be left alone

Answer 1

privacy

Question 2

____ the right to keep personal information secret

Answer 2

privacy

Question 3

____ is defined as the freedom from intrusion or invasion into one’s private affairs

Answer 3

privacy

Question 4

____ is known as the right to control personal information

Answer 4

privacy

Question 5

____ refers to the status accorded to data/information indicating sensitivity, therefore it needs to be protected

protected against theft, disclosure, and improper use

Answer 5

Confidentiality

Question 6

____ is a sharing or disseminating data only to those with a “need to know basis”

Answer 6

Confidentiality

Question 7

____ refers to the means to control access and protect information from accidental or intentional disclosure to unauthorized persons

Answer 7

Security

Question 8

Among privacy. confidentiality, and security, which of them refers to the mechanisms to ensure the safety of data and systems in which the data reside?

Answer 8

Security

Question 9

RA 10173 is also known as?

Answer 9

Data Privacy Act of 2012

Question 10

What law (or act) aims to protect the fundamental human right of privacy, of communication while ensuring free flow of information to promote innovation and growth?

Answer 10

Data Privacy Act of 2012

Question 11

____ refers to a subset of a security breach that actually leads to “accidental or unlawful destruction, loss, alteration, or unauthorized disclosure of personal data

Answer 11

personal data breach

Question 12

An information breach may only be classified as it is if it possesses what characteristics?

4 requirements of breach notif

Answer 12

1. breached info must be sensitive (personal info)
2. reasonable belief that unauthorized acquisition has occurred
3. risk to data subj is real
4. potential harm is siryuz

Question 13

____ is defined by the Association of IT Professionals as the unauthorized use, access, modification, and destruction of hardware, software, data, or network resources

Answer 13

Computer crime

Question 14

What are the key features of a secure system and network?

Answer 14

• Authentication
• Authorization and access control
• Data integrity
• Accountability
• Availability
• Data storage
• Data transmission

Question 15

Identify the key feature of a secure system and network being described

Means of verifying the correct identity and/or group membership of individual or other entities

Answer 15

Authentication

Question 16

What are the 4 methods or classifications for [identity] authentication?

Answer 16

• Username
• Known only by the user
• Held only by the user
• Attributable ony to the user

Question 17

Identify the key feature of a secure system and network being described

• Feature that is dependent on the hierarchy of accession or permission of data.
• Data may be read, written, modified, and deleted

Answer 17

Authorization and Access Control

Question 18

Identify the key feature of a secure system and network being described

• Used to support information accuracy to ensure that data have not been altered or destroyed in an unauthorized manner
• Error detection and error correction protocols

Answer 18

Data Integrity

Question 19

Identify the key feature of a secure system and network being described

Ensures that the actions of any entity can be traced during the movement of data from its source to its recipient

Answer 19

Accountability

Question 20

Audit trails must embody five characteristics. What are they?

Answer 20

• Identification of the user
• Data source
• Whose information
• Date and time
• Nature of the activity

Question 21

Identify the key feature of a secure system and network being described

Ensures information is immediately accessible and usable by authorized entity

Answer 21

Availability

Question 22

Identify the key feature of a secure system and network being described

• Protecting and maintaining the physical location of the data and the data itself
• Physical protection of processors, storage media, cables, terminals, and workstations
• Retention of data for mandated period of time

Answer 22

Data storage

Question 23

Identify the key feature of a secure system and network being described

Exchange of data between person and program or program and program when the sender and receiver are remote from one another

Answer 23

Data Transmission

Question 24

____ identifies what should enter and what should not. This includes data going in and out.

Filtering mechanism so that only authorized traffic is allowed to pass

Answer 24

Firewall

Question 25

____ of data must scramble readable information and de-encrypt with proper key by ____.

Answer 25

Encryption; recipient

Question 26

Identify the principle of technology ethics described

The good achieved by the techonology must outweight the harm or risk. Moreover, there must be no alternative that achieves the same or comparable with less harm or risk

Answer 26

Proportionality

Question 27

Identify the principle of technology ethics described

The ppl affeted by technology shld understand and accept the risks

Answer 27

Informed consent

Question 28

Identify the principle of technology ethics described

The benefits and burdens of the technology should be distributed fairly.

Answer 28

Justice

Question 29

Identify the principle of technology ethics described

Technology implemented must be able to avoid all unnecessary possibility of loss or injury

Answer 29

Minimized risk

Question 30

EHRs and computer use should facilitate patient care, support physician ethical duties, and support the ____ relationship

Answer 30

patient-doctor

Question 31

True or False

Confidentiality is unintentional; security is intentional

Answer 31

True