Chapter 3 

American Recovery and Reinvestment Act Title XIII

Includes strong privacy provisions for electronic health records (EHRs), including banning the sale of health information, promoting the use of audit trails and encryption, providing rights of access for patients, and mandating that each individual whose health information has been exposed be notified within 60 days after discovery of a data breach.

anonymous expression

The expression of opinions by people who do not reveal their identity.

Children’s Online Privacy Protection Act (COPPA)

States that any Web site that caters to children must offer comprehensive privacy policies, notify parents or guardians about its data collection practices, and receive parental consent before collecting any personal information from children under 13 years of age.


The making of either an oral or a written statement of alleged fact that is false and that harms another person.


A statement of the principles and core values that an organization wishes to develop in its leaders and members.

Fair and Accurate Credit Transactions Act

Allows consumers to request and obtain a free credit report once each year from each of the three primary consumer credit reporting companies (Equifax, Experian, and TransUnion).

Fair Credit Reporting Act

Regulates the operations of credit-reporting bureaus, including how they collect, store, and use credit information.

fair information practices

A term for a set of guidelines that govern the collection and use of personal data.

fake news

A false story that is presented as being factually accurate and appears to be news.

Family Educational Rights and Privacy Act (FERPA)

Assigns certain rights to parents regarding their children’s educational records.

First Amendment

Protects Americans’ rights to freedom of religion, freedom of expression, and freedom to assemble peaceably.

Fourth Amendment

Protects us from illegal searches and seizures.

General Data Protection Regulation (GDPR)

A set of data privacy requirements that apply across the European Union and also to organizations that market to or process information of EU end users, customers, or employees.

hate speech

Persistent or malicious harassment aimed at a specific person.

Health Insurance Portability and Accountability Act (HIPAA)

Requires health care organizations to employ standardized electronic transactions, codes, and identifiers to enable them to fully digitize medical records, thus making it possible to exchange medical data over the Internet.

high-quality software systems

Systems that are easy to learn and use because they perform quickly and efficiently; they meet their users’ needs; and they operate safely and reliably so that system downtime is kept to a minimum.

Internet censorship

The control or suppression of the publishing or accessing of information on the Internet.

Internet filter

Software that can be used to block access to certain websites that contain material deemed inappropriate or offensive.

problem statement

A clear, concise description of the issue that needs to be addressed.

professional code of ethics

A statement of the principles and core values that an organization wishes to develop in its leaders and members.

Right to Financial Privacy Act

Protects the records of financial institutions’ customers from unauthorized scrutiny by the federal government.

safety-critical system

A system whose failure may cause human injury or death.

Section 230 of the CDA

Provides immunity to an Internet service provider (ISP) that publishes user-generated content, provided its actions do not rise to the level of a content provider.

software defect

Any error that, if not removed, could cause a software system to fail to meet its users’ needs or open a door for a cyberattacker.
