18 Questions
What is considered 'personal information' according to the Act?
Any information that can be used to identify an individual directly.
What is necessary for the collection of personal data?
Both the customer's proper consent and the company's legitimate reason for collection.
What is the responsibility of companies in protecting customer information?
To protect customer information from collection to disposal, regardless of the customer's request.
What is required for the data subject's consent to be considered valid?
The consent must be freely given, specific, and informed.
What is the scope of the Act's application?
The Act applies to any process of personal data by anyone in government or private sectors.
What is the purpose of the Act's requirement for personal data to be relevant and used solely for its intended purpose?
To ensure that personal data is used for its intended purpose and not for any other purpose.
What does authentication primarily deal with?
Ensuring an individual's identity
What is the primary focus of information ethics?
Agreeing on standards for right and wrong behavior in IT
What is a unique attribute of information systems addressed by information ethics?
Separation of act from consequences
What is the primary purpose of the Fair Credit Reporting Act of 1970?
Controlling the operations of credit-reporting bureaus
What is a key aspect of business ethics in the context of information systems?
Developing a code of morals for a particular profession
What is a challenge to information ethics in the context of computer crime?
Would-be criminals often need help to misbehave
What information must be provided to the data subject according to the Data Privacy Act?
Method of access, identity and contact details of the personal information controller, duration of storage, reason for use, and their rights
What is the penalty for non-compliance with the Data Privacy Act?
Imprisonment up to six years and a fine of not less than Five hundred thousand pesos (PHP 500,000)
What is one of the requirements for compliance with the Data Privacy Act?
Appointing a Data Protection Officer, conducting a privacy impact assessment, and exercising a breach reporting procedure
Which of the following is a right of the data subject under the 1987 Constitution of the Republic of the Philippines?
Right to freedom of expression and privacy of communication and correspondence
What is the purpose of the 'Great Firewall of China'?
To control the access to the Internet
What happens to evidence obtained in violation of the right to privacy of communication and correspondence?
It is inadmissible for any purpose in any proceeding
Test your knowledge of information security principles, including authentication and nonrepudiation, and learn about the role of ethics in business and systems.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free