expand for answer
Consent
Explicit permission, given to a Web site by a visitor, to handle her personal information in specified ways. Web sites that ask users to provide personally identifiable information should be required to obtain “informed consent,” which implies that the company fully discloses its information practices prior to obtaining personal data or permission to use it.
Similar items:
A means of restricting access to objects based on the identity of subjects and groups to which they belong. The controls are discretionary in the sense that a subject with certain access permission is capable of passing that permission on to another subject. Means of restricting access to objects based on the (DAC) identity and needtoknow of users and/or groups to which the object belongs. Controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (directly or indirectly) to any other subject. (. See mandatory access control. )
[view]
[view]
Information that may be collected by a Web site but is not “personally identifiable” to you. Aggregate information includes demographic data, domain names, Internet provider addresses, and Web site traffic. As long as none of these fields is linked to a user’s personal information, the data is considered aggregate.
[view]
[view]
Most Web servers produce “log files,” timestamped lists of every request that the server receives. For each request, the log file contains anonymous information such as date and time, the IP address of the browser making the request, the document or action that is being requested, the location of the document from which the request was made, and the type of browser that was being used. Log files are usually used to ensure quality of service. They also can be used in a limited way to analyze visitor activity.
[view]
[view]
A privacy principle that requires reasonable disclosure to a consumer of an entity’s personally identifiable information (PII) collection and use practices. This disclosure information is typically conveyed in a privacy notice or privacy policy. Microsoft: http://www. microsoft. com/security/glossary/.
[view]
[view]
Title II, Subtitle F of HIPAA, which gives HHS the authority to mandate the use of standards for the electronic exchange of healthcare data; to specify what medical and administrative code sets should be used within those standards; to require the use of national identification systems for healthcare patients, providers, payers (or plans), and employers (or sponsors); and to specify the types of measures required to protect the security and privacy of personally identifiable healthcare information. This is also the name of Title II, Subtitle F, Part C of HIPAA.
[view]
[view]
There are no comments yet.