Identifying and Safeguarding PII V4.0 Flashcards
Test your knowledge on Privacy Impact Assessments and the proper handling of Personally Identifiable Information (PII) with these flashcards. This quiz will help you understand the requirements and privacy risks organizations face in managing PII, as outlined in version 4.0, 2022. Boost your privacy assessment skills and awareness.
Recommended next
21 questions ready
Start with a quiz
Answer from memory first, then use the existing quiz review flow for anything you miss.
Activities
Quiz21 Questions
Flashcards17 Cards
Study Notes1 Note
Podcast1 Episode
Modules
Learn in sequence
Start with the earlier modules and work forward. Each one builds on the last, so the course gets more advanced as you go.
Identifying and Safeguarding PII V4.0 Flashcards
Quiz • 21 Questions
Identifying and Safeguarding PII V4.0 Flashcards - Flashcards
Flashcards • 17 Cards
Study Notes
2 min • Summary
Identifying and Safeguarding PII V4.0 Flashcards - Podcast
Podcast
Materials
List of Questions21 questions
- Question 1
- Analyze how an organization handles information to ensure it satisfies requirements
- Mitigate privacy risks
- Determine the risks of collecting, using, maintaining, and disseminating PII on electronic information systems
- All of the above
- Question 2
- True
- False
- Question 3
- The Privacy Act of 1974
- The Freedom of Information Act (FOIA)
- OMB Memorandum M-17-12: Preparing for and responding to a breach of PII
- DOD 5400.11-R: DOD Privacy Program
- Question 4
- Social Security Number
- Driver's License Number
- Pet's nickname
- Fingerprints
- Question 5
- The individual has requested that their record be disclosed
- The record is disclosed for a new purpose that is not specified in the SORN
- The record is disclosed for routine use
- These are all permitted disclosures
- Question 6
- When an organization collects PII from existing information systems and electronic collections for which no PIA was previously completed, or for new information systems or electronic collections.
- Question 7
- When the information system or electronic collection does not collect, maintain, or disseminate PII, is a national security system, or is solely paper-based.
- Question 8
- 12 hours
- 24 hours
- 1 hour
- 48 hours
- Question 9
- True
- False
- Question 10
- True
- False
- Question 11
- Criminal penalties
- Neither civil nor criminal penalties
- Civil penalties
- Both civil and criminal penalties
- Question 12
- True
- False
- Question 13
- DOD 5400.11-R: DOD Privacy Program
- The Privacy Act of 1974
- The Freedom of Information Act (FOIA)
- OMB Memorandum M-17-12: Preparing for and responding to a breach of PII
- Question 14
- Point of contact for affected individuals
- Whether the information was encrypted or otherwise protected
- What happened, date of breach, and discovery
- Articles and other media reporting the breach
- Question 15
- True
- False
- Question 16
- True
- False
- Question 17
- True
- False
- Question 18
- Federal Register
- SORNs are for internal reference only, and don't need to be filed with a third party
- National Archives and Records Administration
- Congress
- Question 19
- Organizations are not required to report to Congress
- Year
- Five years
- Six Months
- Question 20
- Mark the document CUI and deliver it without the cover sheet
- Mark the document as sensitive and deliver it without the cover sheet
- Mark the document CUI and wait to deliver it until she has the cover sheet
- None of the above; provided she is delivering it by hand, it does not require a cover sheet or markings
- Question 21
- Public Health Informatics
- Protected Health Information
- Public Health Intelligence
- Public Health Institute
List of Flashcards17 flashcards
- Card 1HintThink about evaluating privacy implications.Memory TipPIA: Protecting Information Always
- Card 2HintSomeone steals your personal data.Memory TipStolen PII can lead to stolen identity.
- Card 3HintGuidance after a PII breach.Memory TipM-17-12: Remember breach control.
- Card 4HintData unique to an individual.Memory TipPII: Personal, Identifying Info
- Card 5HintUsing PII for an unapproved reason.Memory TipNew purpose = Needs new SORN.
- Card 6HintWhen is a PIA needed?Memory TipNew system? Do a PIA!
- Card 7HintWhen is a PIA not needed?Memory TipNo PII, No PIA!
- Card 8HintHow fast to report a breach?Memory TipOne hour to report!
- Card 9HintUtilizing SSNs improperly.Memory TipDon't use SSNs for tracking!
- Card 10HintHow do you securely discard PII?Memory TipShred it to protect it!
- Card 11HintWhat happens when info is wrong?Memory TipIncorrect info = Fines!
- Card 12HintWhat's not included in a breach notification?Memory TipExclude media reports from breach data.
- Card 13HintWhat's the risk of misusing PII?Memory TipMisuse PII, face the law!
- Card 14HintWhere are SORNs stored?Memory TipSORNs: Federally Registered
- Card 15HintHow often to report PII status?Memory TipReport PII yearly.
- Card 16HintCorrect processing for a mislabeled documentMemory TipNo correct cover page? Do not deliver!
- Card 17HintWhat does PHI stand for?Memory TipPHI: Protect Health data