Personally Identifiable Information (PII) v5.0

Information that can be combined with other information to link solely to an individual is considered PII
True or False

True

Where is a System of Records Notice (SORN) filed?
A. National Archives and Records Administration
B. Congress
C. Federal Register
D. SORNs are for internal reference only, and don't need to be filed with a third party.

C. Federal Register

Using a social security number to track individuals' training requirements is an acceptable use of PII.
True or False

False

Which law establishes the federal governments legal responsibility for safeguarding PII?
A. DoD 5400.11-R: DoD Privacy Program
B. FOIA
C. OMB-M-17-12, Preparing for and Responding to a Breach of Personally Identifiable Information
D. The Privacy Act of 1974

D. The Privacy Act of 1974

A PIA is required if your system for storing PII is entirely on paper.
True or False

False

Misuse of PII can result in legal liability of the organization.
True or False

True

Which regulation governs the DoD Privacy Program?
A. DoD 5400.11-R: DoD Privacy Program
B. FOIA
C. OMB-M-17-12, Preparing for and Responding to a Breach of Personally Identifiable Information
D. The Privacy Act of 1974

A. DoD 5400.11-R: DoD Privacy Program

Exceptions that allow for the disclosure of PII include:
A. When the Freedom of Information Act requires disclosure of the information.
B. To the Census Bureau for a survey.
C. To a law enforcement agency conducting a civil investigation.
D. For a routine use that had been previously identified and registered.
E. All of the above.
F. A, B, and C

E. All of the above.

The acronym PHI, in this context, refers to:
A. Protected Health Information
B. Public Health Institute
C. Public Health Informatics
D. Public Health Intelligence

A. Protected Health Information

Which type of safeguarding measure involves restricting PII access to people with a need-to-know?
A. Administrative
B. Physical
C. Technical
D. All of the above

A. Administrative