Exam (elaborations)
CIPP Exam Prep.
- Course
- Institution
Exam of 35 pages for the course Biology 101 at Biology 101 (CIPP Exam Prep.)
[Show more]
Seller
Follow
modockochieng06
Content preview
CIPP Exam Prepwhistle-blowing - ANS-If illegal or improper activity is taking place within an
organization, employees may first observe it and report it to individuals with more
authority or an agency outside of the organization. In setting up procedures to make it
possible for an employee to report such activity, per laws in a variety of jurisdictions that
protect the rights of these so-called whistleblowers, an organization will want to be sure
that appropriate privacy safeguards are put in place.
Associated term(s): Whistleblower
Associated law(s): Sarbanes-Oxley Act
Web Trust - ANS-Created by the American Institute of Certified Public Accountants
(AICPA) and the Canadian Institute of Chartered Accountants (CICA). It is a
self-regulating seal program which licenses qualifying certified public accountants.
Associated term(s): Seal Programs
Voice over Internet Protocol (VoIP) - ANS-A technology that allows telephone calls to be
made over a LAN or the Internet itself. Skype is a well-known example. VoIP poses the
same risk as network-connected PBX systems but also poses the additional risk of data
interception when such data travel over an unsecured connection. VoIP functionality
should be encrypted where possible and equipment monitored with intrusion-detection
systems.
Acronym(s): VoIP
Video Surveillance - ANS-Recordings that do not have sound.
Associated term(s): Video Surveillance Guidelines
Associated law(s): FISA
Value-Added Services - ANS-A telecommunications industry term for non-core services;
i.e., services beyond voice calls and fax transmissions. More broadly, the term is used in
the service sector to refer to services, which are available at little or no cost, and
promote their primary business. For mobile phones, while technologies like SMS, MMS
,and GPRS are usually considered value-added services, a distinction may also be
made between standard (peer-to-peer) content and premium-charged content. These
are called mobile value-added services (MVAS), which are often simply referred to as
VAS. Value-added services are supplied either in-house by the mobile network operator
themselves or by a third-party value-added service provider (VASP), also known as a
content provider (CP) such as Headline News or Reuters. VASPs typically connect to
the operator using protocols like short message peer-to-peer protocol (SMPP),
connecting either directly to the short message service centre (SMSC) or, increasingly,
to a messaging gateway that gives the operator better control of the content.
Associated term(s): MVAS, VASP
US Patriot Act - ANS-The Uniting and Strengthening America by Providing Appropriate
Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT ACT) Act of 2001 is
a broad-ranging act designed to counter terrorism that expanded U.S. law enforcement
authority to surveillance and capturing communications and records. Commonly
referred to as the Patriot Act.
Link to text of act: USA PATRIOT Act
The United States Department of Health, Education, and Welfare Fair Information
Practices Principle (1973) - ANS-A code of fair information practices that contains five
principles:
There must be no personal data record keeping systems whose very existence is
secret.
There must be a way for an individual to find out what information about him (or her) is
in a record and how it is used.
There must be a way for an individual to prevent information about him (or her) that was
obtained for one purpose from being used or made available for other purposes without
his (or her) consent.
There must be a way for an individual to correct or amend a record of identifiable
information about him (or her).
Any organization creating, maintaining, using or disseminating records of identifiable
personal data must assure the reliability of the data for their intended use and must take
precautions to prevent misuse of the data.
Link to text of: United States Department of Health, Education and Welfare Fair
Information Practice Principles (1973)
Associated term(s): HEW Principles; HEW Report, The
,Unfair Trade Practices - ANS-Commercial conduct that intentionally causes substantial
injury, without offsetting benefits, and that consumers cannot reasonably avoid.
Associated term(s): Deceptive Trade Practices
Associated law(s): U.S. Federal Trade Commission Act
U.S. Department of Labor (DOL) - ANS-A U.S. federal agency that oversees "the
welfare of the job seekers, wage earners and retirees of the United States by improving
their working conditions, advancing their opportunities for profitable employment,
protecting their retirement and healthcare benefits, helping employers find workers,
strengthening free collective bargaining and tracking changes in employment, prices
and other national economic measurements." To achieve this mission, the department
administers a variety of federal laws including, but not limited to, the Fair Labor
Standards Act (FLSA), the Occupational Safety and Health Act (OSHA) and the
Employee Retirement Income Security Act (ERISA).
Link to: U.S. Department of Labor
Link to text of act: Fair Labor Standards Act
Link to text of act: Occupational Safety and Health Act
Link to text of act: Employee Retirement Income Security Act
Acronym(s): DOL
Associated law(s): FLSA; ERISA, OSHA
Transparency - ANS-Taking appropriate measures to provide any information relating to
processing to the data subject in a concise, intelligible and easily accessible form, using
clear and plain language.
Transfer - ANS-The movement of personal data from one organization to another.
Territorial Privacy - ANS-One of the four classes of privacy, along with information
privacy, bodily privacy and communications privacy. It is concerned with placing
limitations on the ability of one to intrude into another individual's environment.
Environment is not limited to the home; it may be defined as the workplace or public
, space and environmental considerations can be extended to an international level.
Invasion into an individual's territorial privacy typically comes in the form of video
surveillance, ID checks and use of similar technology and procedures.
Associated term(s): Home Privacy
Telephone Consumer Protection Act of 1991 - ANS-The first enactment of laws limiting
unsolicited and automated telemarketing for both telephone and fax communications.
Most notably the act creates a private right of action for those receiving unsolicited
faxes, carrying a $500 fine per violation and any damages sustained because of the fax.
The Telephone Consumer Protection Act also gives rule-making authority to the Federal
Communications Commission, allowing it to make further regulations in this area.
Among other provisions, the act prevents faxing without consent from the recipient (this
requirement was amended by the Junk Fax Prevention Act of 2005 to not include
customers with an existing business relationship) and requires companies to create and
honor internal do-not-call registries (in 2003 the National Registry was created by the
Federal Trade Commission).
Link to text of law: Telephone Consumer Protection Act
Acronym: TCPA
Associated term(s): Junk Fax Prevention Act of 2005, Federal Communications
Commission, Federal Trade Commission
Substitute Notice - ANS-Most legislation recognizes that data breach notifications
involving thousands of impacted data subjects could place an undue financial burden on
the organization and therefore allow substitute notification methods. In Connecticut, for
example, "Substitute notice shall consist of the following: (A) Electronic mail notice
when the person, business or agency has an electronic mail address for the affected
persons; (B) conspicuous posting of the notice on the website of the person, business
or agency if the person maintains one, and (C) notification to major state-wide media,
including newspapers, radio and television."
Associated term(s): Data Breach
Substance Testing - ANS-A screening to identify drug use. Substance testing can be
used in a variety of settings such as preemployment, reasonable suspicion, routine
testing, post-accident testing or randomly.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller modockochieng06. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $7.99. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
77764 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now