PII Flashcards

Questions and Answers

What does PII stand for?

Personally Identifiable Information

What is PII?

Information that can be used on its own, or with other information, to identify, contact, or locate a single person.

What does PHI stand for?

Protected Health Information

What is the Risk Formula?

Threat X Vulnerability X Impact Signup and view all the answers

What is risk management?

The process of identifying risk, assessing risk, and taking steps to reduce risk to an acceptable level. Signup and view all the answers

What is quantitative risk assessment?

Trying to map a dollar amount to each specific risk. Signup and view all the answers

What is qualitative risk assessment?

Assigning a risk level such as low, medium, or high to each specific risk. Signup and view all the answers

What does APT stand for?

Advanced Persistent Threat Signup and view all the answers

What is an APT?

A network attack where an unauthorized person gains access to a network and stays undetected for a long time. Signup and view all the answers

What is risk acceptance?

A common option when the cost of other risk management options outweighs the cost of the risk itself. Signup and view all the answers

What is risk avoidance?

The action that avoids any exposure to the risk. Signup and view all the answers

What is risk limitation?

Limits a company's risk exposure by taking some action. Signup and view all the answers

What is risk transfer?

The transference of risk to a willing third party, such as an insurance company. Signup and view all the answers

Study Notes

PII Overview

PII stands for Personally Identifiable Information, crucial for identifying individuals.
PII can be used alone or combined with other data to identify, contact, or locate an individual.

Health Information

PHI stands for Protected Health Information, a type of PII specifically related to health data.

Risk Management Fundamentals

The risk formula is defined as Threat X Vulnerability X Impact, used to evaluate potential risks.
Risk management encompasses identifying risks, assessing their magnitude, and implementing strategies to mitigate them to an acceptable level.

Risk Assessment Types

Quantitative risk assessment assigns a dollar value to specific risks, aiding in financial evaluation.
Qualitative risk assessment categorizes risks into levels such as low, medium, or high, focusing on degree rather than financial impact.

Advanced Persistent Threats (APTs)

APT stands for Advanced Persistent Threat, denoting prolonged, unauthorized network attacks.
An APT enables intruders to gain long-term access to computer systems without detection.

Risk Management Strategies

Risk acceptance is when a decision is made to tolerate a risk when its management costs exceed the potential loss.
Risk avoidance entails eliminating exposure to risks, often leading to the highest costs in risk mitigation.
Risk limitation blends acceptance and avoidance strategies to reduce overall risk exposure.
Risk transfer involves shifting risk responsibility to a third party, commonly through insurance arrangements.

Description

Test your knowledge of Personally Identifiable Information (PII) with these flashcards. Each card provides definitions and examples to help reinforce your understanding of PII and related concepts. Perfect for anyone looking to learn more about privacy and data protection.