Privacy & Data Security Exam

Explanation
All of the above laws protect non-public information. The Gramm-Leach-Bliley Act (GLB) regulates how financial institutions handle the personal information of their customers. The Health Insurance Portability and Accountability Act (HIPAA) protects the privacy and security of individuals' health information. The Fair Debt Collections Practices Act (FDCPA) governs how debt collectors can collect personal information in order to prevent harassment and abuse. Therefore, all three laws provide protection for non-public information.

Explanation
The given statement suggests that if an employee is seen using a USB device or CD on any workstation, it is important to inform the management immediately. This is because the use of external storage devices can pose security risks, such as the introduction of malware or unauthorized data transfer. By contacting management, they can assess the situation, investigate any potential security breaches, and take appropriate actions to mitigate any threats.

Explanation
The given statement states that all Weber Olcese computers will have their USB ports disabled. This means that it is true that the USB ports on these computers will be disabled.

Explanation
The statement suggests that all Weber Olcese computers should have their CD-ROM/DVD drives disabled. This means that it is a requirement or policy for these computers to have their CD-ROM/DVD drives turned off or not functioning. Therefore, the correct answer is True, indicating that this statement is accurate.

Explanation
The firm owners, Jeff and Michael, have the authority to allow the use of various types of media devices for business purposes. This includes laptop computers, USB devices, and removable discs (CD/DVD). Therefore, all of the above options can be permitted for business use by the owners.

Explanation
The statement is false because Weber Olcese does not allow client/customer data to be stored on portable media devices that can easily be lost or stolen. This indicates that the company has implemented measures to protect the security and confidentiality of their clients' data.

Explanation
Disclosing customer's non-public information to friends and family is a violation of privacy and confidentiality. As a professional, it is essential to maintain the trust and confidentiality of the customers and their information. Sharing such information with unauthorized individuals can lead to legal consequences and damage the reputation of the organization. Therefore, it is not allowed to discuss or disclose customer's non-public information with friends and family.

Explanation
The statement states that all printed reports that contain customers' non-public information should be placed in the gray shred bins at the end of the work day. This implies that it is a requirement or policy to ensure the security and confidentiality of customers' non-public information. Therefore, the correct answer is True, indicating that this statement is accurate.

Explanation
When leaving for a break, it is important to lock workstations to prevent unauthorized access to customers' non-public information. This measure ensures that third-parties cannot view or manipulate sensitive data, maintaining the privacy and security of customer information. By locking workstations, employees can minimize the risk of data breaches and protect the confidentiality of customer data.

Explanation
Leaving out printed reports containing customers' non-public information on top of a workstation when leaving for a break is not permissible. This practice poses a significant security risk as it can lead to unauthorized access and potential data breaches. It is essential to safeguard sensitive information by securely storing or disposing of it when not in use.