
Information Privacy Engineering and Privacy by Design

Understanding Privacy Threats, Technology, and Regulations Based on Standards and Best Practices

Specifications
E-book | English
Pearson Education | 2019
ISBN13: 9780135278376

Summary

Organisations of all kinds are recognising the crucial importance of protecting privacy. Their customers, employees, and other stakeholders demand it. Today, failures to safeguard privacy can destroy organisational reputations — and even the organisations themselves. But implementing effective privacy protection is difficult, and there are few comprehensive resources for those tasked with doing so. In Information Privacy Engineering and Privacy by Design, renowned information technology author William Stallings brings together the comprehensive and practical guidance you need to succeed. Stallings shows how to apply today’s consensus best practices and widely-accepted standards documents in your environment, leveraging policy, procedures, and technology to meet legal and regulatory requirements and protect everyone who depends on you. Like Stallings’ other award-winning texts, this guide is designed to help readers quickly find the information and gain the mastery needed to implement effective privacy.
Coverage includes:
Planning for privacy: approaches for managing and controlling the privacy control function; how to define your IT environment’s requirements; and how to develop appropriate policies and procedures for it
Privacy threats: Understanding and identifying the full range of threats to privacy in information collection, storage, processing, access, and dissemination
Information privacy technology: Satisfying the privacy requirements you’ve defined by using technical controls, privacy policies, employee awareness, acceptable use policies, and other techniques
Legal and regulatory requirements: Understanding GDPR as well as the current spectrum of U.S. privacy regulations, with insight for mapping regulatory requirements to IT actions

The full text downloaded to your computer

With eBooks you can:
search for key concepts, words and phrases
make highlights and notes as you study
share your notes with friends

eBooks are downloaded to your computer and are accessible offline through the Bookshelf (available as a free download), online, and via the iPad and Android apps.

Upon purchase, you will receive via email the code and instructions on how to access this product.

Time limit

The eBook products do not have an expiry date. You will continue to have access to your digital eBook products whilst you have your Bookshelf installed.


Table of Contents

Preface

PART I: OVERVIEW

Chapter 1: Security and Cryptography Concepts
1.1 Cybersecurity, Information Security, and Network Security
    Security Objectives
    The Challenges of Information Security
1.2 Security Attacks
    Passive Attacks
    Active Attacks
1.3 Security Services
    Authentication
    Access Control
    Data Confidentiality
    Data Integrity
    Nonrepudiation
    Availability Service
1.4 Security Mechanisms
1.5 Cryptographic Algorithms
    Keyless Algorithms
    Single-Key Algorithms
    Two-Key Algorithms
1.6 Symmetric Encryption
1.7 Asymmetric Encryption
1.8 Cryptographic Hash Functions
1.9 Digital Signatures
1.10 Practical Considerations
    Selection of Cryptographic Algorithms and Key Lengths
    Implementation Considerations
    Lightweight Cryptographic Algorithms
    Post-Quantum Cryptographic Algorithms
1.11 Public-Key Infrastructure
    Public-Key Certificates
    PKI Architecture
1.12 Network Security
    Communications Security
    Device Security
1.13 Key Terms and Review Questions
    Key Terms
    Review Questions
1.14 References

Chapter 2: Information Privacy Concepts
2.1 Key Privacy Terminology
2.2 Privacy by Design
    Privacy by Design Principles
    Requirements and Policy Development
    Privacy Risk Assessment
    Privacy and Security Control Selection
    Privacy Program and Integration Plan
2.3 Privacy Engineering
    Privacy Implementation
    System Integration
    Privacy Testing and Evaluation
    Privacy Auditing and Incident Response
2.4 Privacy and Security
    Areas of Overlap Between Security and Privacy
    Trade-Offs Between Security and Privacy
2.5 Privacy Versus Utility
2.6 Usable Privacy
    Users of Privacy Services and Functions
    Usability and Utility
2.7 Key Terms and Review Questions
    Key Terms
    Review Questions
2.8 References

PART II: PRIVACY REQUIREMENTS AND THREATS

Chapter 3: Information Privacy Requirements and Guidelines
3.1 Personally Identifiable Information and Personal Data
    Sources of PII
    Sensitivity of PII
3.2 Personal Information That Is Not PII
3.3 Fair Information Practice Principles
3.4 Privacy Regulations
    European Union
    U.S. Privacy Laws and Regulations
3.5 Privacy Standards
    International Organization for Standardization (ISO)
    National Institute of Standards and Technology
3.6 Privacy Best Practices
    Information Security Forum (ISF)
    Cloud Security Alliance (CSA)
3.7 Key Terms and Review Questions
    Key Terms
    Review Questions
3.8 References

Chapter 4: Information Privacy Threats and Vulnerabilities
4.1 The Evolving Threat Environment
    Overall Impact of Advances in Technology
    Repurposing Collected Data
    Means of Collection of PII
4.2 Privacy Threat Taxonomy
    Information Collection
    Information Processing
    Information Dissemination
    Invasions
4.3 NIST Threat Model
4.4 Threat Sources
4.5 Identifying Threats
4.6 Privacy Vulnerabilities
    Vulnerability Categories
    Location of Privacy Vulnerabilities
    National Vulnerability Database and Common Vulnerability Scoring System
4.7 Key Terms and Review Questions
    Key Terms
    Review Questions
4.8 References

PART III: TECHNICAL SECURITY CONTROLS FOR PRIVACY

Chapter 5: System Access
5.1 System Access Concepts
    Privileges
    System Access Functions
    Privacy Considerations for System Access
5.2 Authorization
    Privacy Authorization
5.3 User Authentication
    Means of Authentication
    Multifactor Authentication
    A Model for Electronic User Authentication
5.4 Access Control
    Subjects, Objects, and Access Rights
    Access Control Policies
    Discretionary Access Control
    Role-Based Access Control
    Attribute-Based Access Control
5.5 Identity and Access Management
    IAM Architecture
    Federated Identity Management
5.6 Key Terms and Review Questions
    Key Terms
    Review Questions
5.7 Reference

Chapter 6: Malicious Software and Intruders
6.1 Malware Protection Activities
    Types of Malware
    The Nature of the Malware Threat
    Practical Malware Protection
6.2 Malware Protection Software
    Capabilities of Malware Protection Software
    Managing Malware Protection Software
6.3 Firewalls
    Firewall Characteristics
    Types of Firewalls
    Next-Generation Firewalls
    DMZ Networks
    The Modern IT Perimeter
6.4 Intrusion Detection
    Basic Intrusion Detection Principles
    Approaches to Intrusion Detection
    Host-Based Intrusion Detection Techniques
    Network-Based Intrusion Detection Systems
    IDS Best Practices
6.5 Key Terms and Review Questions
    Key Terms
    Review Questions
6.6 References

PART IV: PRIVACY ENHANCING TECHNOLOGIES

Chapter 7: Privacy in Databases
7.1 Basic Concepts
    Personal Data Attributes
    Types of Data Files
7.2 Re-Identification Attacks
    Types of Attacks
    Potential Attackers
    Disclosure Risks
    Applicability to Privacy Threats
7.3 De-Identification of Direct Identifiers
    Anonymization
    Pseudonymization
7.4 De-Identification of Quasi-Identifiers in Microdata Files
    Privacy-Preserving Data Publishing
    Disclosure Risk Versus Data Utility
    PPDP Techniques
7.5 K-Anonymity, L-Diversity, and T-Closeness
    K-Anonymity
    L-Diversity
    T-Closeness
7.6 Summary Table Protection
    Frequency Tables
    Magnitude Tables
7.7 Privacy in Queryable Databases
    Privacy Threats
    Protecting Queryable Databases
7.8 Key Terms and Review Questions
    Key Terms
    Review Questions
7.9 References

Chapter 8: Online Privacy
8.1 The Online Ecosystem for Personal Data
8.2 Web Security and Privacy
    Web Server Security and Privacy
    Web Application Security and Privacy
    Web Browser Security and Privacy
8.3 Mobile App Security
    Mobile Ecosystem
    Mobile Device Vulnerabilities
    BYOD Policies
    Mobile Application Vetting
    Resources for Mobile Device Security
8.4 Online Privacy Threats
    Web Application Privacy
    Mobile App Privacy
8.5 Online Privacy Requirements
    Online Privacy Principles
    Online Privacy Framework
    Simplified Consumer Choice
    Transparency of Data Practices
8.6 Privacy Notices
    Notice Requirements
    Notice Content
    Notice Structure
    Mobile App Privacy Notices
    Privacy Notice Design Space
8.7 Tracking
    Cookies
    Other Tracking Technologies
    Do Not Track
8.8 Key Terms and Review Questions
    Key Terms
    Review Questions
8.9 References

Chapter 9: Other PET Topics
9.1 Data Loss Prevention
    Data Classification and Identification
    Data States
    DLP for Email
    DLP Model
9.2 The Internet of Things
    Things on the Internet of Things
    Components of IoT-Enabled Things
    IoT and Cloud Context
9.3 IoT Security
    IoT Device Capabilities
    Security Challenges of the IoT Ecosystem
    IoT Security Objectives
9.4 IoT Privacy
    An IoT Model
    Privacy Engineering Objectives and Risks
    Challenges for Organizations
9.5 Cloud Computing
    Cloud Computing Elements
    Threats for Cloud Service Users
9.6 Cloud Privacy
    Data Collection
    Storage
    Sharing and Processing
    Deletion
9.7 Key Terms and Review Questions
    Key Terms
    Review Questions
9.8 References

PART V: INFORMATION PRIVACY MANAGEMENT

Chapter 10: Information Privacy Governance and Management
10.1 Information Security Governance
    Information Security Management System
    Information Security Governance Concepts
    Security Governance Components
    Integration with Enterprise Architecture
    Policies and Guidance
10.2 Information Privacy Governance
    Information Privacy Roles
    The Privacy Program Plan
10.3 Information Privacy Management
    Key Areas of Privacy Management
    Privacy Planning
    Privacy Policy
10.4 OASIS Privacy Management Reference Model
    Privacy Management Reference Model and Methodology (PMRM)
    Privacy by Design Documentation for Software Engineers
10.5 Key Terms and Review Questions
    Key Terms
    Review Questions
10.6 Reference

Chapter 11: Risk Management and Privacy Impact Assessment
11.1 Risk Assessment
    Risk Assessment Process
    Risk Assessment Challenges
    Quantitative Risk Assessment
    Qualitative Risk Assessment
11.2 Risk Management
    NIST Risk Management Framework
    ISO 27005: Information Security Risk Management
    Risk Evaluation
    Risk Treatment
11.3 Privacy Risk Assessment
    Privacy Impact
    Likelihood
    Assessing Privacy Risk
11.4 Privacy Impact Assessment
    Privacy Threshold Analysis
    Preparing for a PIA
    Identify PII Information Flows
    Identify Potential User Behavior
    Determine Relevant Privacy Safeguarding Requirements
    Assess Privacy Risk
    Determine Risk Treatment
    The PIA Report
    Implement Risk Treatment
    Review/Audit Implementation
    Examples
11.5 Key Terms and Review Questions
    Key Terms
    Review Questions
11.6 References

Chapter 12: Privacy Awareness, Training, and Education
12.1 Information Privacy Awareness
    Awareness Topics
    Awareness Program Communication Materials
    Awareness Program Evaluation
12.2 Privacy Training and Education
    Cybersecurity Essentials
    Role-Based Training
    Education and Certification
12.3 Acceptable Use Policies
    Information Security Acceptable Use Policy
    PII Acceptable Use Policy
12.4 Key Terms and Review Questions
    Key Terms
    Review Questions
12.5 References

Chapter 13: Event Monitoring, Auditing, and Incident Response
13.1 Event Monitoring
    Security Event Logging
    Security Event Management
    Event Logging Related to PII
13.2 Information Security Auditing
    Data to Collect for Auditing
    Internal and External Audits
    Security Audit Controls
13.3 Information Privacy Auditing
    Privacy Audit Checklist
    Privacy Controls
13.4 Privacy Incident Management and Response
    Objectives of Privacy Incident Management
    Privacy Incident Response Team
    Preparing for Privacy Incident Response
    Detection and Analysis
    Containment, Eradication, and Recovery
    Notification to Affected Individuals
    Post-Incident Activity
13.5 Key Terms and Review Questions
    Key Terms
    Review Questions
13.6 References

Part VI: Legal and Regulatory Requirements

Chapter 14: The EU General Data Protection Regulation
14.1 Key Roles and Terms in the GDPR
14.2 Structure of the GDPR
14.3 GDPR Objectives and Scope
    Objectives
    Scope of the GDPR
14.4 GDPR Principles
    Fairness
    Lawful
    Transparency
14.5 Restrictions on Certain Types of Personal Data
    Children’s Personal Data
    Special Categories of Personal Data
14.6 Rights of the Data Subject
14.7 Controller, Processor, and Data Protection Officer
    Data Protection by Design and Default
    Records of Processing Activities
    Security of Processing
    Data Protection Officer
14.8 Data Protection Impact Assessment
    Risk and High Risk
    Determining Whether a DPIA Is Needed
    DPIA Process
    GDPR Requirements
    Criteria for an Acceptable DPIA
14.9 Key Terms and Review Questions
    Key Terms
    Review Questions
14.10 References

Chapter 15: U.S. Privacy Laws
15.1 A Survey of Federal U.S. Privacy Laws
15.2 Health Insurance Portability and Accountability Act
    HIPAA Overview
    HIPAA Privacy Rule
15.3 Health Information Technology for Economic and Clinical Health Act
    Breach Notification
    Encryption of PHI
    Data Destruction
15.4 Children’s Online Privacy Protection Act
    General Provisions
    The COPPA Final Rule
15.5 California Consumer Privacy Act
    Basic Concepts
    Rights of Consumers
    Comparison with the GDPR
15.6 Key Terms and Review Questions
    Key Terms
    Review Questions
15.7 References

Index
Appendix (Online Only): Answers to Review Questions
