23 Cards in this Set
- Front
- Back
What are the Classes of Privacy (4)
|
i) Information Privacy (rules govern collection/handling)
ii) Bodily Privacy (protect physical well-being)
iii) Territorial Privacy (limit ability to intrude into personal environment)
iv) Communications Privacy (protect correspondence) |
|
Personal Information Defined (EU vs US vs Canada vs Japan)
|
EU - Any and all data that relates to an identified or identifiable individual.
US - PII - Info covered by privacy laws
Canada - PI - information about an individual minus some business contact information
Japan - PI - relates to living individual and can identify specific individuals by name, DOB, other description |
|
Special Categories of Data (EU)
|
- race/ethnicity
- political opinion
- religion/philosophical
- union membership
- health
- sex life |
|
Sensitive Personal Information (US)
|
- SSN
- Financials
- DL #
- Health |
|
Sensitive Information PIPEDA (Canada)
|
Any information can be sensitive depending on context.
|
|
Sources of Personal Information (3)
|
i) Public Records (Info collected and maintained by Gov)
ii) Publicly Available Information (Phone book, newspaper, etc)
iii) Non-public Information (company database, legal request, etc) |
|
Standard PI (7)
|
i) Name
ii) DOB
iii) Gender
iv) Contact Info
v) Marital Status
vi) Income/Ed
vii) Languages spoken |
|
HR Personal Information (8)
|
i) Salary
ii) Job Title
iii) Performance Metrics
iv) Benefits
v) Evaluations
vi) Status (veteran)
vii) Location
viii) Nationality |
|
Customer Information (8)
|
i) Purchase History
ii) Interaction History
iii) Leads/Prospects
iv) Former Customers
v) Market Research Participants
vi) Voice Recordings
vii) Benefits (Gov)
viii) Tax Records |
|
Types of Safeguards (3)
|
i) Administrative
ii) Technical
iii) Physical
(ATP) |
|
Information Life Cycle Principles (4)
|
i) Collection
ii) Use
iii) Disclosure
iv) Storage / Destruction |
|
OECD Guidelines (8 Principles)
|
i) Collection Limitation
ii) Data Quality
iii) Purpose Specification
iv) Use Limitation
v) Security Safeguards
vi) Openness
vii) Individual Participation (consumer right to review/correct/etc)
viii) Accountability |
|
APEC Guidelines (9 Principles)
|
i) Prevent Harm
ii) Notice
iii) Collection Limitation
iv) Use Limitation
v) Choice (Consumer)
vi) Integrity of Data
vii) Security
viii) Access/Correction (Individual Participation)
ix) Accountability |
|
Madrid Guidelines (6 Principles)
|
i) Lawfulness/Fairness (Processing)
ii) Define Purpose
iii) Limit Processing
iv) Data Quality
v) Openness
vi) Accountability |
|
What are the 4 Standard Data Security Models
|
i) Comprehensive (EU/Russia/Argentina)
ii) Coregulatory (Australia)
iii) Sectoral (US/Japan)
iv) None (China) |
|
What are the 4 sources of Privacy Protection
|
i) Markets
ii) Technology
iii) Laws
iv) Self-Regulation (PCIDSS) / Co-Regulation |
|
Sectors of Privacy (8)
|
i) Healthcare
ii) Financial
iii) Telecommunications
iv) Online Privacy
v) Public Sector
vi) HR
vii) Electronic (Smart Grid / Smart Home)
viii) Marketing |
|
Risk Equation
|
Risk = Threat x Vulnerability x Expected Loss
|
|
Standard Information Categorization (3)
|
i) Public
ii) Sensitive
iii) Confidential |
|
Incident Management Life Cycle
|
i) Discover
ii) Contain / Analyze
iii) Notify
iv) Eradicate |
|
TCP vs SSL vs TLS
|
TCP - Communication Protocol (2 devices)
SSL - Secure connection (HTTPS): private, identity authenticated, reliable connection
TLS - Privacy between client-server application & internet |
|
5 Essential Characteristics of Cloud Computing
|
i) On-Demand Self-Service
ii) Broad Network Access
iii) Resource Pooling
iv) Rapid Elasticity
v) Measured Service |
|
4 Deployment Models of Cloud Computing
|
i) Private
ii) Public (self-service basis)
iii) Community (shared by orgs in a specific community)
iv) Hybrid |