Identifying and Safeguarding PII v4.0 - Questions and Answers

Where is a System of Records Notice (SORN) filed?
A. National Archives and Records Administration
B. Congress
C. Federal Register
D. SORNs are for internal reference only, and don't need to be filed with a third party.

Organizations must report to Congress the status of their PII holdings every:
A. Six months
B. Year
C. Five years
D. Organizations are not required to report to Congress

Jane Student is delivering a document that contains PII, but she cannot find the correct cover sheet. She should:
A. Mark the document CUI and deliver it without the cover sheet.
B. Mark the document as sensitive and deliver it without the cover sheet.
C. Mark the document CUI and wait to deliver it until she has the cover sheet.
D. None of the above; provided she is delivering it by hand, it does not require a cover sheet or markings.

The acronym PHI, in this context, refers to:
A. Protected Health Information
B. Public Health Institute
C. Public Health Informatics
D. Public Health Intelligence

Organizations that fail to maintain accurate, relevant, timely, and complete information may be subject to which of the following?
A. Neither civil nor criminal penalties
B. Civil penalties
C. Criminal penalties
D. Both civil and criminal penalties

Which regulation governs the DoD Privacy Program?
A. The Freedom of Information Act (FOIA)
B. The Privacy Act of 1974
C. OMB Memorandum M-17-12: Preparing for and responding to a breach of PII
D. DOD 5400.11-R: DOD Privacy Program

Which of the following is NOT included in a breach notification?
A. Articles and other media reporting the breach.
B. What happened, date of breach, and discovery.
C. Point of contact for affected individuals.
D. Whether the information was encrypted or otherwise protected.

Which of the following must Privacy Impact Assessments (PIAs) do?
A. Analyze how an organization handles information to ensure it satisfies requirements
B. Mitigate privacy risks
C. Determine the risks of collecting, using, maintaining, and disseminating PII on electronic information systems.
D. All of the above

True or False? An individual whose PII has been stolen is susceptible to identity theft, fraud, and other damage.
True

What / Which guidance identifies federal information security controls?
A. The Freedom of Information Act (FOIA)
B. The Privacy Act of 1974
C. OMB Memorandum M-17-12: Preparing for and responding to a breach of PII
D. DOD 5400.11-R: DOD Privacy Program