Fair Information Practices - 503 Advanced Cyber Security
Terms in this set (...)
Personal information should not be disclosed or otherwise used for other than a specified purpose without consent of the individual legal authority.
Individuals should have the following rights: to know about the collection of personal information, to access that information, to request correction, and to challenge the denial of those rights.
Personal information should be relevant to the purpose for which it is collected, and should be accurate, complete, and current as needed for that purpose.
The purposes for the collection of personal information should be disclosed before collection and upon any change to that purpose, and its use should be limited to those purposes and compatible purposes.
The public should be informed about privacy policies and practices, and individuals should have ready means of learning about the use of personal information.
Individuals controlling the collection or use of personal information should be accountable for taking steps to ensure the implementation of these principles.
The collection of personal information should be limited, should be obtained by lawful and fair means, and, where appropriate, with the knowledge or consent of the individual.
Personal information should be protected with reasonable security safeguards against risks, such as loss or unauthorized access, destruction, use, modification, or disclosure.