Management > QUESTIONS & ANSWERS > Personally Identifiable Information (PII) v4.0 (All)

Personally Identifiable Information (PII) v4.0

Document Content and Description Below

Personally Identifiable Information (PII) v4.0 Which action requires an organization to carry out a Privacy Impact Assessment? A. Storing paper-based records B. Collecting PII to store in a new in... formation system C. Collecting any CUI. including but not limited to PII D. Collecting PII to store in a National Security System - ANS - B. Collecting PII to store in a new information system Which of the following is an example of a physical safeguard that individuals can use to protect PII? - ANS - All of the above What is the purpose of a Privacy Impact Assessment (PIA)? A. Determine whether paper-based records are stored securely B. Determine whether information must be disclosed according to the Freedom of Information Act (FOIA) C. Determine whether the collection and maintenance of PII is worth the risk to individuals D. Determine whether Protected Health Information (PHI) is held by a covered entity - ANS - C. Determine whether the collection and maintenance of PII is worth the risk to individuals T or F? Information that can be combined with other information to link solely to an individual is considered PII. - ANS - True What guidance identifies federal information security controls? A. DoD 5400.11-R: DoD Privacy Program B. The Freedom of Information Act (FOIA) C. OMB Memorandum M-17-12: Preparing for and Responding to a Breach of Personally Identifiable Information D. The Privacy Act of 1974 - ANS - C. OMB Memorandum M-17-12: Preparing for and Responding to a Breach of Personally Identifiable Information An organization that fails to protect PII can face consequences including: A. Remediation costs B. Loss of trust C. Legal liability D. All of the above - ANS - D. All of the above If someone tampers with or steals and individual's PII, they could be exposed to which of the following? A. Embarrassment B. Fraud C. Identity theft D. All of the above - ANS - D. All of the above Which of the following is NOT a permitted disclosure of PII contained in a system of records? a. The individual has requested that their record be disclosed. b. The record is disclosed for routine use. c. All permitted disclosures. d. The record is disclosed for a new purpose that is not specified in the SORN. - ANS - d. The record is disclosed for a new purpose that is not specified in the SORN. Which of the following is not an example of PII? [Show More]

Last updated: 2 years ago

Preview 1 out of 7 pages

Buy Now

Instant download

We Accept: