1) There are no penalties for non-compliance with federal privacy laws. True False (correct)

2) Employees who willfully violate the Privacy Act could face: Jail time A $1,000,000 fine Community service A $5,000 fine and misdemeanor (correct)

3) If you have doubts about sharing PII, who should you consult? [Remediation Accessed :N] Legislative Affairs Your co-worker J1 Your Supervisor, Senior Component Official for Privacy (SCOP) or the Joint Staff Privacy Coordinator (Correct)

4) Authorized disposal methods for media containing PII may include: Burn bags (Correct) Disposing of PII at a personal residence Dumpster Drop into regular trashcan

5) All of the following are the effects of how PII can be used to commit fraud, except: [Remediation Accessed :N] Run up debt Establish credit Gain employment Increase an individual`s credit score (correct)

6) PII should only be transmitted electronically: To an official dot.mil or dot.gov email address (i.e. NEVER to a personal email account) When the email has been encrypted When the recipient is confirmed for having a need-to-know and authorized to access the PII All of these choices (Correct)

7) The Privacy Act contains remedies and penalties pertaining to: Employee use of PII Misuse of Privacy Act systems of records (correct) Metadata Federal IT systems

8) An employee lost a CD that he or she carries around that contains the names, birthdates, and social security numbers of a J-DIR's employee. He or she should: Report the incident to your Supervisor, Senior Component Official for Privacy (SCOP) or the Joint Staff Privacy Coordinator immediately regardless of whether the loss of the CD is suspected or confirmed (correct) Wait 24 hours before reporting to see if it turns up anywhere Don't report the incident until the CD is found Use USB drives or hard drives in the future, as they have more robust security controls and mechanisms built in

9) Which of the following data elements constitute PII? SSN/truncated SSN Biometrics All of these choices (correct) Home phone 10) The Privacy Act of 1974 applies to: All PII Groups of records containing (PII) such as names, SSN, DOB, email and DOD ID that can be retrieved from any IT system, email, files or conventional mail (correct) IT systems Groups of records