Glossary
F
False Positive
- Description: An incorrect identification or classification of data, where non-sensitive data is mistakenly flagged as sensitive.
- Origin/Enacted and Enforced: A common term in data security and data loss prevention (DLP) technologies; not a legal term, but important to compliance accuracy.
- Impacts Data Types: Any data subject to classification or scanning, especially in automated systems.
- Examples: A system flagging a regular customer ID as a Social Security number due to format similarity.
- Potential Fines: Excessive false positives can lead to operational inefficiencies but are not directly fined; however, failure to accurately identify sensitive data can result in compliance violations.
File Clustering
- Description: A data organization technique that groups files based on content similarity to improve data management and discovery.
- Origin/Enacted and Enforced: Used in data analytics and information governance; not a regulatory requirement but aids compliance.
- Impacts Data Types: Unstructured data such as documents, emails, and multimedia files.
- Examples: Grouping all files related to a project or client to simplify access controls and audits.
- Potential Fines: No direct fines, but poor data organization can lead to compliance risks and potential penalties.
FINRA (Financial Industry Regulatory Authority)
- Description: A self-regulatory organization that oversees brokerage firms and exchange markets in the United States to protect investors.
- Origin/Enacted and Enforced: Established in 2007, succeeding the National Association of Securities Dealers (NASD); operates under SEC oversight.
- Impacts Data Types: Financial transaction data, customer account information, communications related to securities trading.
- Examples: Monitoring compliance with securities laws; enforcing rules on data retention and reporting.
- Potential Fines: Firms can face significant fines and sanctions for non-compliance with FINRA rules, including data handling violations.
Florida HB 481
- Description: Florida’s Information Protection Act, which sets requirements for data breach notifications and information security practices.
- Origin/Enacted and Enforced: Enacted in 2014; enforced by the Florida Attorney General’s Office.
- Impacts Data Types: Personal information including Social Security numbers, driver’s license numbers, financial account information.
- Examples: Mandatory notification to affected individuals and the state in the event of a data breach involving personal information.
- Potential Fines: Violations can result in civil penalties up to $500,000 per breach incident.
Fuzzy Matching
- Description: A technique used in data processing to find matches that are approximately equal, allowing for minor differences or errors in data entries.
- Origin/Enacted and Enforced: Common in data cleansing, deduplication, and security scanning; not mandated by law but improves data quality and compliance.
- Impacts Data Types: Names, addresses, identification numbers, and any data prone to typographical errors.
- Examples: Matching “Jon Smith” with “John Smith” in customer databases to identify duplicates or related records.
- Potential Fines: Not directly fined, but failure to correctly identify data due to lack of fuzzy matching can lead to compliance risks.