Back to AI Flashcard MakerInformation Technology /Identifying and Safeguarding PII Online Course
Identifying and Safeguarding PII Online Course
This deck covers key concepts and regulations related to the use, disclosure, and safeguarding of Personally Identifiable Information (PII) as outlined in an online course.
Use and Disclosure of PII An organization that fails to protect PII can face consequences including
All of the Above
Tap or swipe ↕ to flip
Swipe ←→Navigate
1/14
Key Terms
Term
Definition
Use and Disclosure of PII
An organization that fails to protect PII can face consequences including
All of the Above
Use and Disclosure of PII
True or False?
Information that can be combined with other information to link solely to an individual is considered PII.
True
Use and Disclosure of PII
Which of the following is NOT a permitted disclosure of PII contained in a system of records?
The purpose is disclosed with a new purpose that is not encompassed by SORN
Use and Disclosure of PII
What guidance identifies federal information security controls?
OMB Memorandum M-17-12
Use and Disclosure of PII
Which of the following must Privacy Impact Assessments (PIAs) do?
All of the Above
Use and Disclosure of PII
What regulation governs the DoD Privacy Program?
DoD 5400.11-R: DoD Privacy Program
Related Flashcard Decks
Study Tips
- Press F to enter focus mode for distraction-free studying
- Review cards regularly to improve retention
- Try to recall the answer before flipping the card
- Share this deck with friends to study together
| Term | Definition |
|---|---|
Use and Disclosure of PII
An organization that fails to protect PII can face consequences including | All of the Above |
Use and Disclosure of PII
True or False?
Information that can be combined with other information to link solely to an individual is considered PII. | True |
Use and Disclosure of PII
Which of the following is NOT a permitted disclosure of PII contained in a system of records? | The purpose is disclosed with a new purpose that is not encompassed by SORN |
Use and Disclosure of PII
What guidance identifies federal information security controls? | OMB Memorandum M-17-12 |
Use and Disclosure of PII
Which of the following must Privacy Impact Assessments (PIAs) do? | All of the Above |
Use and Disclosure of PII
What regulation governs the DoD Privacy Program? | DoD 5400.11-R: DoD Privacy Program |
Use and Disclosure of PII
What law establishes the federal government's legal responsibility for safeguarding PII? | Privacy Act of 1974 |
Use and Disclosure of PII
What law establishes the public's right to access federal government information? | FOIA |
Use and Disclosure of PII
No disclosure of a record in a system of records unless: | The individual to whom the record pertains:
- submits a written request
- has given prior written consent OR Includes "routine use" of records, as defined in the SORN |
Safeguarding PII
Your coworker was teleworking when the agency e-mail system shut down. She had an urgent deadline so she sent you an encrypted set of records containing PII from her personal e-mail account. Is this compliant with PII safeguarding procedures? | No |
If you discover a data breach you should immediately notify the proper authority and also: | document where and when the potential breach was found:
-record URL for PII on the web |
Officials or employees who knowingly disclose PII to someone without a need-to-know may be subject to which of the following? | Both civil and criminal penalties |
Which of the following is NOT an example of an administrative safeguard that organizations use to protect PII? | List all potential future uses of PII in the System of Records Notice (SORN) |
True or False?
Phishing is not often responsible for PII data breaches. | False |