IAPP CIPP / US Certified Information Privacy Professional Study Guide

IAPP CIPP / US Certified Information Privacy Professional Study Guide

Chapple, Mike; Shelley, Joe

John Wiley & Sons Inc

12/2024

352

Mole

9781394284900

Pré-lançamento - envio 15 a 20 dias após a sua edição

Descrição não disponível.
Contents

Introduction xix

Assessment Test xxix

Chapter 1 Privacy in the Modern Era 1

Introduction to Privacy 2

What Is Privacy? 3

What Is Personal Information? 4

What Isn't Personal Information? 5

Why Should We Care About Privacy? 7

Generally Accepted Privacy Principles 8

Management 9

Notice 9

Choice and Consent 10

Collection 10

Use, Retention, and Disposal 11

Access 11

Disclosure to Third Parties 12

Security for Privacy 12

Quality 14

Monitoring and Enforcement 14

Developing a Privacy Program 15

Crafting Strategy, Goals, and Objectives 15

Appointing a Privacy Official 16

Privacy Roles 17

Building Inventories 18

Conducting a Privacy Assessment 18

Implementing Privacy Controls 20

Ongoing Operation and Monitoring 20

Online Privacy 20

Privacy Notices 21

Privacy and Cybersecurity 21

Cybersecurity Goals 22

Relationship Between Privacy and Cybersecurity 23

Privacy by Design 24

Summary 25

Exam Essentials 25

Review Questions 27

Chapter 2 Legal Environment 31

Branches of Government 32

Legislative Branch 32

Executive Branch 33

Judicial Branch 34

Understanding Laws 36

Sources of Law 36

Analyzing a Law 41

Legal Concepts 43

Legal Liability 44

Torts and Negligence 45

Summary 46

Exam Essentials 46

Review Questions 48

Chapter 3 Regulatory Enforcement 53

Federal Regulatory Authorities 54

Federal Trade Commission 54

Federal Communications Commission 60

Department of Commerce 61

Department of Health and Human Services 61

Banking Regulators 62

Department of Education 63

State Regulatory Authorities 63

Self-Regulatory Programs 64

Payment Card Industry 65

Advertising 65

Trust Marks 66

Safe Harbors 66

Summary 67

Exam Essentials 68

Review Questions 69

Chapter 4 Information Management 73

Data Governance 74

Building a Data Inventory 74

Data Classification 75

Data Flow Mapping 77

Data Lifecycle Management 78

Workforce Training 79

Cybersecurity Threats 80

Threat Actors 81

Incident Response 86

Phases of Incident Response 86

Preparation 87

Detection and Analysis 88

Containment, Eradication, and Recovery 88

Post-incident Activity 88

Building an Incident Response Plan 90

Data Breach Notification 92

Vendor Management 93

Summary 94

Exam Essentials 95

Review Questions 97

Chapter 5 Private Sector Data Collection 101

FTC Privacy Protection 103

General FTC Privacy Protection 103

The Children's Online Privacy Protection Act (COPPA) 104

Future of Federal Enforcement 107

Medical Privacy 110

The Health Insurance Portability and Accountability

Act (HIPAA) 111

The Health Information Technology for Economic and

Clinical Health Act 119

The 21st Century Cures Act 120

Confidentiality of Substance Use Disorder Patient

Records Rule 121

Financial Privacy 122

Privacy in Credit Reporting 122

Gramm-Leach-Bliley Act (GLBA) 125

Red Flags Rule 129

Consumer Financial Protection Bureau 130

Educational Privacy 131

Family Educational Rights and Privacy Act (FERPA) 131

Telecommunications and Marketing Privacy 132

Telephone Consumer Protection Act (TCPA) and

Telemarketing Sales Rule (TSR) 133

The Junk Fax Prevention Act (JFPA) 136

Controlling the Assault of Non-solicited Pornography

and Marketing (CAN-SPAM) Act 136

Telecommunications Act and Customer Proprietary

Network Information 138

Cable Communications Policy Act 139

Video Privacy Protection Act (VPPA) of 1988 140

Driver's Privacy Protection Act (DPPA) 141

Digital Advertising and Data Ethics 142

Web Scraping 143

Summary 143

Exam Essentials 144

Review Questions 146

Chapter 6 Government and Court Access to Private Sector

Information 151

Law Enforcement and Privacy 152

Access to Financial Data 153

Access to Communications 157

National Security and Privacy 162

Foreign Intelligence Surveillance Act (FISA) of 1978 162

FISA Amendments Act Section 702 164

USA-PATRIOT Act 165

The USA Freedom Act of 2015 167

The Cybersecurity Information Sharing Act of 2015 168

Civil Litigation and Privacy 169

Compelled Disclosure of Media Information 170

Electronic Discovery 171

Summary 173

Exam Essentials 173

Review Questions 175

Chapter 7 Workplace Privacy 179

Introduction to Workplace Privacy 180

Workplace Privacy Concepts 180

U.S. Agencies Regulating Workplace Privacy Issues 181

U.S. Antidiscrimination Laws 182

Privacy Before, During, and After Employment 185

Automated Employment Decision Tools 186

Employee Background Screening 186

Employee Monitoring 190

Investigation of Employee Misconduct 194

Termination of the Employment Relationship 196

Summary 197

Exam Essentials 198

Review Questions 200

Chapter 8 State Privacy Laws 205

Federal vs. State Authority 206

Elements of State Privacy Laws 207

Applicability 207

Data Subject Rights 208

Privacy Notice Requirements 209

Data Protection 209

Enforcement 211

Data Breach Notification 212

Elements of State Data Breach Notification Laws 212

Key Differences Among States 214

Significant Developments 215

Other Recent Updates to State Breach Notification Laws 218

Comprehensive State Privacy Laws 220

California Consumer Privacy Act (2018) and

California Privacy Rights Act (2020) 220

Virginia Consumer Data Protection Act 223

Colorado Privacy Act 226

Connecticut Data Privacy Act 229

Utah 231

Florida 232

Oregon 234

Texas 237

Montana 239

Subject-Specific State Privacy Laws 241

Health and Genetic Information 241

Online Privacy 243

Biometric Information Privacy Regulations 247

AI and Automated Decision-Making 249

Data Brokers 250

Financial Privacy 251

California Financial Information Privacy Act 252

Recent Developments 253

Marketing Laws 254

Summary 255

Exam Essentials 256

Review Questions 258

Chapter 9 International Privacy Regulation 263

International Data Transfers 264

European Union General Data Protection Regulation 265

Adequacy Decisions 268

Binding Corporate Rules 272

Standard Contractual Clauses 273

Other Approved Transfer Mechanisms 273

APEC Privacy Framework 274

Cross-Border Enforcement Issues 276

Global Privacy Enforcement Network 276

Resolving Multinational Compliance Conflicts 276

Summary 277

Exam Essentials 277

Review Questions 279

Appendix Answers to Review Questions 283

Chapter 1: Privacy in the Modern Era 284

Chapter 2: Legal Environment 285

Chapter 3: Regulatory Enforcement 287

Chapter 4: Information Management 289

Chapter 5: Private Sector Data Collection 291

Chapter 6: Government and Court Access to Private Sector

Information 293

Chapter 7: Workplace Privacy 294

Chapter 8: State Privacy Laws 296

Chapter 9: International Privacy Regulation 298

Index 301
Este título pertence ao(s) assunto(s) indicados(s). Para ver outros títulos clique no assunto desejado.
certified information privacy professional exam prep; cipp exam prep; certified information privacy professional test prep; cipp test prep; cipp/us prep; cipp/us exam; cipp/us test prep; cipp/us study guide; cipp/us exam preparation; Mike Chapple; CertMike