From the course: ISC2 Certified Information Systems Security Professional (CISSP) (2024) Cert Prep

Unlock this course with a free trial

Join today to access over 24,200 courses taught by industry experts.

Data privacy

Data privacy

- [Instructor] All of the stakeholders in a data governance program bear responsibility for protecting the privacy of personal information under their care throughout the information lifecycle. Now this private information may come in many forms. Two of the most common elements of private information are personally identifiable information or PII and protected health information or PHI. PII includes all information that can be tied back to a specific individual, while PHI includes healthcare records that are regulated under the Health Insurance Portability and Accountability Act, HIPAA. The generally accepted privacy principles or GAPP are 10 components of data privacy that can be used to help organizations design their own privacy programs. The GAPP principles were developed through a collaboration between four major industry organizations, the American Institute of Certified Public Accountants, the Canadian Institute of Chartered Accountants, the Information Systems Audit and…

Contents