Home
News
E-mail Newsletters
Blogs
Tech Dispenser
Shark Bait
Knowledge Centers
Opinion
- Columnists
- SharkTank
Webcasts
Video
Podcasts
White Papers
Computerworld Reports
Zones
Case Study Library
RSS Feeds
Events
- Face to Face
  - Leadership
  - Awards
  - Storage
  - Mobile
  - Data Center
  - BI
  - SaaS
  - Green IT
  - Honors
  - Sponsorship
- Virtual
Print Subscriptions

Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.

	Finance
	Security
	Computerworld Daily News (First Look and Wrap-Up)
	Computerworld Blogs Newsletter
	The Weekly Top 10

More E-Mail Newsletters

Subscribe to Computerworld
40 years of the most authoritative source of news and information for IT leaders.

BONUS LINKS

Laptops

Toshiba Laptops with Intel® Centrino® Duo. Free Shipping

Test Your Privacy Knowledge

A Privacy Rights Clearinghouse/Computerworld quiz

Today’s Top Stories

or Other Security Stories

Why SaaS is Vital to Email and Web Security
Bringing Order and Security to your Mobile Workforce: Corporate Mobility Policy and Device Management
Achiving Compliance Through Good Governance

Magic Quadrant for Application Delivery Controllers
Should You Install Messaging Security Software on Your Exchange Server?
Ninja: Total Email Security

Learn-Fast Guide: Software as a Service is Growing Up
SaaS Solutions for Remote Systems Management
Learn-Fast Guide: Software as a Service is Growing Up

March 15, 2004 (Computerworld) --

Many privacy abuses are the result of errors and carelessness by those who handle personal information. Some are caused by inadequate security. Responsible information-handling practices begin with the development of privacy policies in the workplace and the implementation of regular training programs.

Take this quiz to test your knowledge of legal requirements and best practices in responsible information handling. To learn more about these and other issues, visit the Privacy Rights Clearinghouse.

1.	HIPAA regulations require that privacy notices be written at a ninth-grade reading level. TrueFalse
2.	Does the Gramm-Leach-Bliley Act restrict financial firms, such as banks, brokerage houses and insurance companies, from sharing information among affiliated companies? YesNo
3.	Under HIPAA, the federal medical privacy rule, a patient whose privacy has been violated has the right to sue the health care provider. TrueFalse
4.	What types of personal medical information does HIPAA not cover? Mental health and medical laboratories' records Workers' compensation, life insurance company records and records from agencies that deliver Social Security and welfare benefits A pharmacy's records about patient prescriptions and dentist and health insurance companies' records
5.	Which states require that companies dispose of documents securely in order to prevent disclosure to "Dumpster divers" and others who don't have a legitimate right of access by shredding paper, "wiping" electronic files and destroying computer diskettes, CD-ROMs and hard drives? New York, Massachusetts and Minnesota California, Georgia and Wisconsin
6.	Which state requires companies to notify customers and/or employees in case of computer security breaches involving sensitive personal information? New York California Massachusetts Wisconsin Georgia Minnesota
7.	What's being done when a record is "severed"? A. The entire record is closed out and destroyed B. Nonessential and personally identifiable information is removed from the record before it is disclosed to a third party C. The record is coded within the database so that only those employees with a legitimate need to know have access to it.
8.	According to recent surveys, approximately how many victims of identity theft are there in the U.S. each year? 500,000 5 million 1 million 10 million
9.	When contracting with a document-destruction company to retrieve and dispose of any paper and other trash containing personal information, what important qualification should you look for? A. The company is bonded. B. The company certifies with a signed, dated document that the material has been properly destroyed. C. The company conducts criminal background checks of its employees. D. The company's employees sign a confidentiality agreement. E. The document destruction company allows unannounced visits so its clients can audit its practices. F. All of the above.
10.	Recycling of paper refuse is a legitimate alternative to having it shredded. TrueFalse

Compliance Headaches

Stories in this report:

Compliance Headaches
Privacy Potholes
Outsourcing: Losing Control
Chief Privacy Officers: Hot or Not?
Privacy Glossary
The Almanac: Privacy
The RFID Privacy Scare is Overblown
Test Your Privacy Knowledge
Five Key Privacy Principles
Privacy Payoff: Better Customer Data
California Privacy Law a Yawner So Far
Learn (Almost) Anything About Anybody
Five Steps Your Company Can Take To Keep Information Private

Print this Story

Send Us Feedback

E-mail this Story

Digg this Story

Slashdot this Story

Test Your Privacy Knowledge

"Yes, NASA has confirmed that some laptops taken to the International Space Station were infected with an online-gaming password stealing..." Read more...

"Linux is more secure than most operating systems, but Not if you don't practice basic security measures..." Read more...

Read more Security posts or See all Blogs

	Cellular operators say they're ready for Gustav
	Psystar calls Apple a 'monopoly' in antitrust charges
	Doubt cast on Seinfeld as Windows TV ads near
	More top stories...

	IT workers hit hardest by offshore outsourcing, survey finds
	Microsoft: No more Windows Live Mail crashes with IE8 Beta 2
	Microsoft warns of IE8 lock-in with XP SP3

Telecommuting: 6 questions to ask before you say yes

Telework can change office dynamics in ways you hadn't anticipated. Proceed cautiously.

Wi-Fi tweaks for speed freaks

Got a painfully slow connection or random dead spots? Our tips will help you get the most out of your wireless network.

5 ways to drive your best workers out the door

Listen up, managers: Employees don't quit the job; they quit you.

Ultraportable laptops: Their rise and possible fall

Netbooks, ultraportables, mini-notebooks — whatever you call them, they've been grabbing headlines. Are they here for the long term or just a flash in the pan?

Windows Vista A to Z

Reviews, analyses, how-tos, visual tours, hot issues and predictions about Microsoft's new OS.

IT Careers 2010

Four years from now, the IT field will be a vastly different place. Will you be ready?

All Zones
Application Performance Zone
Business Continuity Zone
The File Data Management Zone
Security Management Zone
ITIL Best Practices Zone
The SAS Zone
Business Intelligence and Analytics Zone
Windows Protection Zone
Identity & Security Management Zone

See your link here

From Laggard to Leader: Transforming the Data Center

From Laggard to Leader: Transforming the Data Center
Register for this complimentary live webcast today!

Go to the webcast

Computerworld Executive Bulletin: Building a Robust Antivirus Defense

Download this Executive Bulletin (a $49.95 value) for free, compliments of MessageLabs.
(Source: MessageLabs) Antivirus software alone isn't enough to prevent today's speedy, sophisticated virus attacks. Security managers should consider multitiered approaches that include behavior scanning, appliances that check e-mail for worms, and restricting user access to dangerous Web sites. Download this Executive Bulletin (a $49.95 value) for free, compliments of MessageLabs, to learn more.

Download this executive briefing

Online Security Issues in Regulated Industries

Download this research paper, free for a limited time, compliments of Webroot!
(Source: Webroot Software) In June 2008, Computerworld invited IT and business leaders to participate in a survey on online security initiatives at their organizations. The goal of the survey was to better understand Web and e-mail security issues faced today within the regulated education, financial services, government and health care industries. The following report represents top-line results of that survey.

Download this white paper

White Papers

Read up on the latest ideas and technologies from companies that sell hardware, software and services.

	Archiving Compliance with Sunbelt Exchange Archiver
	The Impact of Messaging and Web Threats
	Advanced Load Balancing: 8 Things You Need to Handle Today's Network Traffic

View more whitepapers

Test Your Privacy Knowledge

Cellular operators say they're ready for Gustav
IT workers hit hardest by offshore outsourcing, survey finds
Psystar calls Apple a 'monopoly' in antitrust charges
More top stories

Security Management Zone
Security management is the process of developing a comprehensive data protection plan. It takes into account all potential threats, the existing network environment, the future needs of the organization, and lays out a multi-tiered blueprint to integrate the security technology needed to combat these threats. CDW can help keep your network and data secure.
Visit the CDW Security Management Zone now

See All Zones

Fired up about IT? Join Sharkbait and share your true tales of IT. SharkBait is the place for you to sound off about everything IT – the good, the bad, and the rest of the weird stuff you deal with every day.

New baits

Identity & Security Management
Solve your compliance problems and mitigate risk. Automate, validate and enforce business governance with Novell Identity Management and Security solutions.
Learn more in the Identity & Security Management Zone

See All Zones

In Security
Stripping away the trappings of applications, systems and networks, information is the core asset of most organizations. Our columnist describes how asserting the importance of information governance is crucial to making that asset tangible, addressable and protected.

Click here to read the latest column by Jon Espenschied

BONUS LINKS

Test Your Privacy Knowledge

Sponsored Links