Question: An organization that fails to protect PII can face consequences including
Answer: All of the Above
Question: True or False? Information that can be combined with other information to link solely to an individual is considered PII.
Answer: True
Question: Which of the following is NOT a permitted disclosure of PII contained in a system of records?
Answer: The purpose is disclosed with a new purpose that is not encompassed by SORN
Question: What guidance identifies federal information security controls?
Answer: OMB Memorandum M-17-12
Question: Which of the following must Privacy Impact Assessments (PIAs) do?
Answer: All of the Above
Question: What regulation governs the DoD Privacy Program?
Answer: DoD 5400.11-R: DoD Privacy Program
Question: What law establishes the federal government’s legal responsibility for safeguarding PII?
Answer: Privacy Act of 1974
Question: What law establishes the public’s right to access federal government information?
Answer: FOIA
Question: No disclosure of a record in a system of records unless:
Answer: The individual to whom the record pertains:
– submits a written request
– has given prior written consent
OR
Includes “routine use” of records, as defined in the SORN
Question: Your coworker was teleworking when the agency e-mail system shut down. She had an urgent deadline so she sent you an encrypted set of records containing PII from her personal e-mail account. Is this compliant with PII safeguarding procedures?
Answer: No