CIPM Certified Information Privacy

Manager All-in-One Exam Guide 1st

Edition Gregory
Visit to download the full and correct content document:
https://ebookmass.com/product/cipm-certified-information-privacy-manager-all-in-one-
exam-guide-1st-edition-gregory/
 ABOUT THE AUTHOR

Peter H. Gregory, CIPM, CDPSE, CISA, CISM, CRISC, CISSP, DRCE,

CCSK, is a 30-year career technologist and a security leader in a
telecommunications company. He has been developing and
managing information security management programs since 2002
and has been leading the development and testing of secure IT
environments since 1990. Peter has also spent many years as a
software engineer and architect, systems engineer, network
engineer, and security engineer. He has written many articles,
whitepapers, user manuals, processes, and procedures throughout
his career, and he has conducted numerous lectures, training
classes, seminars, and university courses.
Peter is the author of more than 40 books about information
security and technology, including Solaris Security, CISM Certified
Information Security Manager All-In-One Exam Guide, and CISA
Certified Information Systems Auditor All-In-One Exam Guide. He
has spoken at numerous industry conferences, including RSA,
Interop, (ISC)² Congress, ISACA CACS, SecureWorld Expo, West
Coast Security Forum, IP3, Source, Society for Information
Management, the Washington Technology Industry Association, and
InfraGard.
Peter serves on advisory boards for cybersecurity education
programs at the University of Washington and the University of
South Florida. He was the lead instructor for nine years in the
University of Washington certificate program in applied cybersecurity,
a former board member of the Washington State chapter of
InfraGard, and a founding member of the Pacific CISO Forum. Peter
is a 2008 graduate of the FBI Citizens Academy and a member of
the FBI Citizens Academy Alumni Association. He is also a member
of the IAPP, ISACA, and (ISC)².
Peter resides with his family in Washington state and can be
found online at www.peterhgregory.com.

About the Technical Editor

John Clark, CIPP/E, CIPT, FIP, CDPSE, CISSP, CISA, CISM, is an
information security executive advisor to CISOs, CIOs, boardrooms,
and business executives. John has contributed to many articles,
blogs, and presentations addressing privacy program management
and has spoken on the topic at industry conferences. With more
than 20 years of experience in information security and privacy, he
has developed a passion for working with clients to develop
sustainable, business-aligned information security and privacy
management programs that can be applied to emerging regulations
with minimal change. In addition to earning multiple industry
certifications, John has a bachelor’s degree in management
information systems and an MBA from the University of Houston.
Copyright © 2021 by McGraw Hill. All rights reserved. Except as
permitted under the United States Copyright Act of 1976, no part of
this publication may be reproduced or distributed in any form or by
any means, or stored in a database or retrieval system, without the
prior written permission of the publisher, with the exception that the
program listings may be entered, stored, and executed in a
computer system, but they may not be reproduced for publication.

ISBN: 978-1-26-047410-7
MHID: 1-26-047410-0

The material in this eBook also appears in the print version of this
title: ISBN: 978-1-26-047409-1, MHID: 1-26-047409-7.

eBook conversion by codeMantra

Version 1.0

All trademarks are trademarks of their respective owners. Rather

than put a trademark symbol after every occurrence of a
trademarked name, we use names in an editorial fashion only, and
to the benefit of the trademark owner, with no intention of
infringement of the trademark. Where such designations appear in
this book, they have been printed with initial caps.

McGraw-Hill Education eBooks are available at special quantity

discounts to use as premiums and sales promotions or for use in
corporate training programs. To contact a representative, please visit
the Contact Us page at www.mhprofessional.com.

Information has been obtained by McGraw Hill from sources believed

to be reliable. However, because of the possibility of human or
mechanical error by our sources, McGraw Hill, or others, McGraw Hill
does not guarantee the accuracy, adequacy, or completeness of any
information and is not responsible for any errors or omissions or the
results obtained from the use of such information.
TERMS OF USE

This is a copyrighted work and McGraw-Hill Education and its

licensors reserve all rights in and to the work. Use of this work is
subject to these terms. Except as permitted under the Copyright Act
of 1976 and the right to store and retrieve one copy of the work,
you may not decompile, disassemble, reverse engineer, reproduce,
modify, create derivative works based upon, transmit, distribute,
disseminate, sell, publish or sublicense the work or any part of it
without McGraw-Hill Education’s prior consent. You may use the
work for your own noncommercial and personal use; any other use
of the work is strictly prohibited. Your right to use the work may be
terminated if you fail to comply with these terms.

THE WORK IS PROVIDED “AS IS.” McGRAW-HILL EDUCATION AND

ITS LICENSORS MAKE NO GUARANTEES OR WARRANTIES AS TO
THE ACCURACY, ADEQUACY OR COMPLETENESS OF OR RESULTS
TO BE OBTAINED FROM USING THE WORK, INCLUDING ANY
INFORMATION THAT CAN BE ACCESSED THROUGH THE WORK VIA
HYPERLINK OR OTHERWISE, AND EXPRESSLY DISCLAIM ANY
WARRANTY, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
TO IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR
A PARTICULAR PURPOSE. McGraw-Hill Education and its licensors do
not warrant or guarantee that the functions contained in the work
will meet your requirements or that its operation will be
uninterrupted or error free. Neither McGraw-Hill Education nor its
licensors shall be liable to you or anyone else for any inaccuracy,
error or omission, regardless of cause, in the work or for any
damages resulting therefrom. McGraw-Hill Education has no
responsibility for the content of any information accessed through
the work. Under no circumstances shall McGraw-Hill Education
and/or its licensors be liable for any indirect, incidental, special,
punitive, consequential or similar damages that result from the use
of or inability to use the work, even if any of them has been advised
of the possibility of such damages. This limitation of liability shall
apply to any claim or cause whatsoever whether such claim or cause
arises in contract, tort or otherwise.
 To my wife Rebekah, my mother, Nathan, Shannon, and my
extended family for their encouragement and support over the past
sixteen years.

To current and aspiring privacy professionals everywhere who own

the mission of protecting personal information about customers,
employees, and constituents.
 CONTENTS AT A GLANCE

Chapter 1 Developing a Privacy Program

Chapter 2 Privacy Program Framework
Chapter 3 Privacy Operational Lifecycle: Assess
Chapter 4 Privacy Operational Lifecycle: Protect
Chapter 5 Privacy Operational Lifecycle: Sustain
Chapter 6 Privacy Operational Lifecycle: Respond
Appendix A The Risk Management Life Cycle
Appendix B About the Online Content
Glossary
Index
 CONTENTS

Acknowledgments
Introduction

Chapter 1 Developing a Privacy Program

The Privacy Vision
Program Approaches
Privacy Objectives
Executive Sponsorship
Business Alignment
Establish a Data Governance Model
Data Governance
Privacy Governance
Establish a Privacy Program
Strategy Objectives
Risk Objectives
Strategy Resources
Privacy Program Strategy Development
Strategy Constraints
Structure the Privacy Team
Roles
Competency
Privacy Program Communications
Privacy Training and Awareness
Maintaining an Awareness Program
Chapter Review
Quick Review
 Questions
Answers

Chapter 2 Privacy Program Framework

Develop the Privacy Program Framework
Privacy Charter
Developing Privacy Policies
Privacy Standards
Privacy Laws
Establishing Legal Basis for Processing
Establishing Legitimate Interest
Controls
Control Frameworks
Data Inventory
Data Classification
Data Use Governance
Implement the Privacy Program Framework
Building a Privacy Operation
Developing and Running Data Protection Operations
Developing and Running Data Monitoring Operations
Working with Data Subjects
Collecting Consent
Working with Authorities
Privacy Program Metrics
Risk Management Metrics
Data Subject Engagement Metrics
Data Governance Metrics
Program and Process Maturity
Performance Measurement
Resilience Metrics
Convergence Metrics
Resource Management Metrics
Online Tracking and Behavioral Profiling
 Tracking Techniques and Technologies
Tracking in the Workplace
Tracking Prevention
Chapter Review
Quick Review
Questions
Answers

Chapter 3 Privacy Operational Lifecycle: Assess

Privacy Program Baseline
Process Maturity
Baselining Program Elements
Third-Party Risk Management
Cloud Service Providers
Privacy Regulation Requirements
TPRM Life Cycle
Physical Assessments
Assessing Processing Centers and Work Centers
Document Storage
Document and Media Destruction
Device Security
Mergers, Acquisitions, and Divestitures
Influencing the Transaction
Integrating Programs
Privacy Impact Assessments and Data Privacy Impact
Assessments
Privacy Threshold Analysis
PIA Procedure
Engaging Data Subjects in a PIA
The Necessity of a PIA
Integrating into Existing Processes
Recordkeeping and Reporting
Risks Specific to Privacy
 Privacy Threats
Privacy Countermeasures
Chapter Review
Quick Review
Questions
Answers

Chapter 4 Privacy Operational Lifecycle: Protect

Information Security Practices
Identity and Access Management
Technical Security Controls
Administrative Safeguards
Privacy and Security by Design
Integrating Privacy into Organization Operations
Information Security
IT Development and Operations
Business Continuity and Disaster Recovery Planning
Mergers, Acquisitions, Divestitures
Human Resources
Compliance and Ethics
Audit
Marketing
Business Development
Public Relations
Procurement and Sourcing
Legal and Contracts
Security and Emergency Services
Finance
Other Functions
Other Protection Measures
Data Retention and Archiving
Data Destruction
Data Sharing and Disclosure
 Costs of Technical Controls
Chapter Review
Quick Review
Questions
Answers

Chapter 5 Privacy Operational Lifecycle: Sustain

Monitoring a Privacy Program
Business Process Monitoring
Privacy and Security Event Monitoring
External Monitoring
Control Self-Assessment
Auditing Privacy Programs
Privacy Audit Scope
Privacy Audit Objectives
Types of Privacy Audits
Privacy Audit Planning
Privacy Audit Evidence
Auditing Specific Privacy Practices
Chapter Review
Quick Review
Questions
Answers

Chapter 6 Privacy Operational Lifecycle: Respond

Data Subject Requests and Privacy Rights
Data Subject Requests
Working with Authorities
Privacy Incident Response
Incident Response Regulations
Phases of Incident Response
Privacy Incident Response Plan Development
Privacy Continuous Improvement
 Chapter Review
Quick Review
Questions
Answers

Appendix A The Risk Management Life Cycle

The Risk Management Process
Risk Management Methodologies
NIST Standards
ISO/IEC 27005
Factor Analysis of Information Risk
Asset Identification
Hardware Assets
Subsystem and Software Assets
Cloud-Based Information Assets
Virtual Assets
Information Assets
Asset Classification
Data Classification
Asset Valuation
Qualitative Asset Valuation
Quantitative Asset Valuation
Threat Identification
Internal Threats
External Threats
Advanced Persistent Threats
Emerging Threats
Vulnerability Identification
Third-Party Vulnerability Identification
Risk Identification
Risk, Likelihood, and Impact
Likelihood
Impact
 Risk Analysis Techniques and Considerations
Information Gathering
Qualitative Risk Analysis
Semiquantitative Risk Analysis
Quantitative Risk Analysis
OCTAVE
Other Risk Analysis Methodologies
Risk Evaluation and Ranking
Risk Ownership
Risk Treatment
Controls
Costs and Benefits

Appendix B About the Online Content

System Requirements
Your Total Seminars Training Hub Account
Privacy Notice
Single User License Terms and Conditions
TotalTester Online
Technical Support

Glossary

Index
 ACKNOWLEDGMENTS

I am immensely grateful to Wendy Rinaldi for affirming the need to

have this book published on a tight timeline. My readers, including
current and future privacy managers, deserve nothing less.
Heartfelt thanks to Emily Walters for proficiently managing this
project, facilitating rapid turnaround, and equipping me with the
information and guidance I needed to produce the manuscript.
I want to thank my former consulting colleague, John Clark, who
took on tech reviewing the manuscript. A Fellow of Information
Privacy and a member of the International Association of Privacy
Professionals, John carefully and thoughtfully scrutinized the entire
draft manuscript and made scores of practical suggestions that have
improved the book’s quality and value for readers.
Next, I want to thank my former consulting colleague, Greg Tyler,
with whom I worked in a consulting role in data protection projects.
His insight has been invaluable to our clients and to me. Also, I want
to thank Kate Schenker, ITIL, CTPRP, for her records management
expertise and insight.
Many thanks to Janet Walden and Neelu Sahu for managing the
editorial and production ends of the project and to Lisa Theobald for
copy editing the book and further improving readability. I appreciate
KnowledgeWorks Global Ltd. for expertly rendering my sketches into
beautifully clear line art and laying out the pages. Like stage
performers, they make hard work look easy.
Many thanks to my literary agent, Carole Jelen, for her diligent
assistance during this and other projects. Sincere thanks to Rebecca
Steele, my business manager and publicist, for her long-term vision
and for keeping me on track.
 Virtually all of the work producing this book was completed during
the COVID-19 pandemic. In addition to life’s everyday pressures and
challenges, everyone involved in this project stayed on task and
completed their typical high-quality work on schedule. This effort
was likely quite difficult for some of you. I admire your drive and
your dedication to serve our readers with nothing but the best.
Privacy professionals around the world depend upon it.
Despite having written more than 40 books, I have difficulty
putting into words my gratitude for my wife, Rebekah, for tolerating
my frequent absences (in the home office) while I developed the
manuscript. This project could not have been completed without her
loyal and unfailing support and encouragement.
 INTRODUCTION

The information revolution has transformed businesses,

governments, and people in profound ways. Virtually all business
and government operations are now digital, resulting in everyone’s
personal details stored in information systems.
Two issues have arisen out of this transformation: the challenge
to safeguard personal information from criminal organizations, and
the challenge to ensure that personal information is used only for
clearly stated purposes. Difficulties in meeting these challenges have
helped create and emphasize the importance of the cybersecurity
and information privacy professions. Numerous security and privacy
laws, regulations, and standards have been enacted and created,
imposing a patchwork of new requirements on organizations and
governments to enact specific practices to protect and control the
use of our personal information.
These developments continue to drive demand for information
privacy, information security professionals, and leaders in both
privacy and security. These highly sought-after professionals play a
crucial role in developing better information privacy and security
programs that result in reduced risk and improved confidence.
The Certified Information Privacy Manager (CIPM) certification,
established by IAPP in 2013, will light the path for tens of thousands
of privacy and security professionals who need to demonstrate
competence in the privacy field. The International Association of
Privacy Professionals (IAPP), the creator of the Certified Information
Privacy Manager, the Certified Information Privacy Professional
(CIPP), the Certified Information Privacy Technologist (CIPT), and
other certifications, is one of the world’s leading privacy
management and professional development organizations.
Purpose of This Book
Let’s get the obvious out of the way: this is a comprehensive study
guide for the privacy professional who needs a reliable reference for
individual or group-led study for the CIPM certification. The content
in this book contains the information that CIPM candidates are
required to know. This book is one source of information to help you
prepare for the CIPM exam but should not be thought of as the
ultimate collection of all the knowledge and experience that IAPP
expects qualified CIPM candidates to possess. No one publication
covers all of this information.
This book also serves as a reference for aspiring and practicing
privacy professionals and leaders. The content required to pass the
CIPM exam is the same content that practicing privacy professionals
need to be familiar with in their day-to-day work. This book is an
ideal CIPM exam study guide as well as a desk reference for those
who have already earned their CIPM certification.
The pace of change in the privacy and information security
industries and professions is high. Rather than contain every detail
and nuance of every law, practice, standard, and technique in
privacy and security, this book shows the reader how to stay current
in the profession. Indeed, this pace of change is one of many
reasons that IAPP and other associations require continuous learning
to retain one’s certifications. It is just as important to understand
key facts and practices in privacy and stay current as they continue
to change.
This book is also invaluable for privacy professionals who are not
in a leadership position today. You will gain considerable insight into
today’s privacy challenges. This book is also useful for IT, security,
and business management professionals who work with privacy
professionals and need to improve their understanding of what they
are doing and why.
Finally, this book is an excellent guide for anyone exploring a
privacy career. The study chapters explain all the relevant
technologies, techniques, and processes used to manage a modern
privacy program. This is useful if you are wondering what the privacy
profession is all about.

How This Book Is Organized

The remainder of this book is logically divided into four major
sections:

• CIPM study material Chapters 1 through 6 contain

everything a studying CIPM candidate is responsible for. This
same material is a handy desk reference for aspiring and
practicing privacy professionals.
• Appendix A Here you’ll find a lengthy description of the risk
management life cycle, a vital business process in the
information security and information privacy professions. Risk
management helps business leaders make purposeful business
decisions concerning privacy and information security.
• Practice exams Appendix B explains how to access the
online CIPM practice exam accompanying this book.
• Glossary You’ll find definitions for more than 350 terms used
in the privacy profession.

Information privacy is a big topic, and it depends heavily upon

sound information security practices. Many security and audit topics
are summarized in this book, and there are numerous references to
two other books that offer considerable depth in information
security:

• CISM Certified Information Security Manager All-In-One Exam

Guide
• CISA Certified Information Systems Auditor All-In-One Exam
Guide
Earning and Maintaining the CIPM
Certification
In this section, I’m going to talk about

• What it means to be a CIPM professional

• IAPP and its code of professional conduct
• The certification process
• Preparing for and taking the exam
• How to maintain your certification
• How to get the most from your CIPM journey

Congratulations on choosing to become a Certified Information

Privacy Manager! Whether you have worked for several years in the
field of privacy or have just recently been introduced to the world of
privacy and information security, don’t underestimate the hard work
and dedication one needs to obtain and maintain CIPM certification.
Although ambition and motivation are required, the rewards can far
exceed the effort.
You may not have imagined you would find yourself working in
the privacy world or looking to obtain a privacy certification. Perhaps
the explosion of privacy laws led to your introduction to this field. Or
possibly you have noticed that privacy-related career options are
increasing exponentially, and you have decided to get ahead of the
curve.
By selecting the CIPM certification, you’re hitching your wagon to
the IAPP star. Founded in 2000, IAPP has more than 50,000
members, many of whom have earned one or more of its
certifications: CIPM (established in 2013), CIPP (Certified
Information Privacy Professional), CIPT (Certified Information Privacy
Technologist), and FIP (Fellow of Information Privacy).
IAPP’s certifications are accredited by the American National
Standards Institute (ANSI) under the ISO/IEC 17024:2012 standard.
This means that IAPP’s certification program is certified as having
the highest quality, integrity, and reliability available. Not all
professional certifications are so certified; before investing your time
and energy in a certification, see that it is ANSI certified.
I have put together this information to help you understand the
commitment you’ll need to prepare for the exam and to maintain
your certification. It is my wish to see you pass the exam with flying
colors. I’ve also included information and resources to help you
maintain your certification and to represent yourself proudly in the
professional world of privacy with your new credentials.
If you’re new to IAPP, I recommend you tour the web site and
become familiar with the available guides and resources. If you’re
near one of the local IAPP KnowledgeNet chapters in 50-plus
countries, consider taking part in the activities and even reaching
out to the chapter board for information on local meetings, training
days, conferences, and study sessions. You may meet other privacy
professionals who can give you additional insight into the CIPM
certification and the privacy profession.
CIPM certification primarily focuses on privacy program
operations. It certifies the individual’s knowledge of information
privacy strategy development, building and managing a privacy
program, preparing for and responding to privacy incidents, and
information security. Organizations seek out qualified personnel for
assistance with developing and maintaining strong and effective
privacy programs, and a CIPM-certified individual is a great
candidate for this.

Benefits of CIPM Certification

Obtaining the CIPM certification offers several significant benefits:

• Expands knowledge and skills; builds confidence

Developing knowledge and skills in privacy and data
protection, building and managing a privacy program, and
responding to privacy incidents can prepare you for
advancement or expand your scope of responsibilities. The
 personal and professional achievement can boost your
confidence and encourage you to move forward and seek new
career opportunities.
• Increases marketability and career options Because of
various legal and regulatory requirements, such as the Health
Insurance Portability and Accountability Act (HIPAA), Gramm–
Leach–Bliley Act (GLBA), the European General Data
Protection Regulation (GDPR), the California Consumer Privacy
Act (CCPA), the Virginia Consumer Data Protection Act
(CDPA), and the California Privacy Rights Act (CPRA), demand
is growing for individuals with experience in developing and
running privacy programs. Besides, obtaining your CIPM
certification demonstrates to current and potential employers
your willingness and commitment to improving your privacy
knowledge and skills. Having a CIPM certification can provide
a competitive advantage and open up many opportunities in
various industries and countries.
• Meets employment requirements Many government
agencies and organizations are requiring certifications for
positions involving privacy and information security. While the
privacy certifications are relatively new, it’s only a matter of
time before government agencies and the privacy industry
requires a leading privacy certification for its privacy
professionals.
• Builds customer confidence and international
credibility Prospective customers needing privacy work will
have faith that the quality of the strategies proposed and
executed by certified professionals are in line with
internationally recognized practices and standards.

Regardless of your current position, your ability to demonstrate

knowledge and experience in the areas of privacy can expand your
career options. The certification does not limit you to privacy or
privacy management; it can provide additional value and insight to
those currently holding or seeking the following positions:
 • Executives such as chief privacy officers (CPOs), data
protection officers (DPOs), chief operating officers (COOs),
chief financial officers (CFOs), chief compliance officers
(CCOs), and chief information officers (CIOs)
• Records management executives and practitioners
• Marketing management executives and practitioners
• IT management executives such as CIOs, chief technology
officers (CTOs), directors, managers, and staff
• Chief audit executives, audit partners, and audit directors
• Compliance executives and management
• Security and audit consultants

Finally, because privacy and cybersecurity are so closely related,

many cybersecurity leaders and professionals see their span of
responsibilities expanding to include privacy. Soon, cybersecurity
professionals lacking privacy certifications and experience may find
themselves disadvantaged in their organizations and in the
employment market.

Becoming a CIPM Professional

To become a CIPM professional, you are required to pay the exam
fee, pass the exam, and agree to uphold IAPP ethics and standards.
To keep your CIPM certification, you are required to take and
document at least 20 continuing education hours every two years
and pay maintenance fees. This life cycle is depicted in Figure 1.
Figure 1 The CIPM certification life cycle

IAPP has published several important publications that describe

the latest CIPM certification and the certification process. Since no
published book can keep up with minute changes, I recommend
obtaining copies of these publications to ensure that you have the
most up-to-date information available:

• IAPP Privacy Certification Candidate Handbook –

Procedures and Policies This book describes IAPP
certifications and the certification process in general. The
latest edition of this publication describes onsite as well as
remote certification exams. The entire content of the IAPP
Code of Professional Conduct, Application Statement, and
Confidentiality Agreement are included in the publication. This
is available at https://iapp.org/certify/candidate-handbook.
• Outline of the Body of Knowledge (BOK) for the
Certified Information Privacy Manager (CIPM) This
publication contains the complete outline of all of the
knowledge required of a CIPM candidate. This book closely
follows this publication’s outline. This document is available at
https://iapp.org/certify/get-certified/cipm/.
• Examination Blueprint for the Certified Information
Privacy Manager (CIPM) This publication provides a brief
 look at the CIPM body of knowledge and specifies the number
of exam questions that will appear for each section. This is
available at https://iapp.org/certify/get-certified/cipm/.
• Certified Information Privacy Manager (CIPM) Study
Guide This publication describes the requirements for earning
the CIPM certification, the Exam Blueprint, and the Body of
Knowledge outline—all in one document. This can be found at
https://iapp.org/certify/free-study-guides/; you will need to
register to obtain your free copy.

IAPP Membership
While paying the biennial US$250 maintenance fee is the least
expensive option for maintaining the CIPM certification,
certification holders can instead choose to join IAPP as a member
for US$275 per year. IAPP members have access to a trove of
members-only content that includes daily news and analysis,
discussion groups, resource and research materials, and free
training.

Certification Requirements
The following outlines the primary requirements for becoming
certified:

• Purchase the exam Candidates are required to pay a one-

time exam fee, currently US$550, and must take the exam
within one year of purchase.
• Pay initial certification maintenance fee You are
required to pay the initial certification maintenance fee,
currently US$250 for the first two-year term. Failure to do so
will result in your CIPM not being activated upon receiving a
passing score. Alternatively, you may become a member of
IAPP and pay an annual membership fee of US$275, which
includes your certification maintenance.
 • Pass the exam Candidates must receive a passing score on
the CIPM exam.
• Code of Professional Conduct All IAPP certified individuals
are required to support the IAPP Code of Professional
Conduct, which appears in the “IAPP Privacy Certification
Candidate Handbook.”
• Education Those who are certified must adhere to the CIPM
Continuing Professional Education Policy, which requires a
minimum of 20 continuing professional education (CPE) hours
each two-year period.

Privacy Work Experience

Readers familiar with professional certifications in the professions
of information technology and information security may notice the
lack of a requirement for work experience for the CIPM. Although
the CIPM is a knowledge certification, it would be more difficult
for someone with no privacy work experience to pass the exam.
This is because the exam requires far more than memorization of
facts and terms, but also relies on professional judgment gained
only from work experience. That said, if you have experience in IT
management or operations, IT security management or
operations, and data management experience, you will have some
of the foundational knowledge already. This book will help to close
your knowledge gaps regardless of your starting point.

IAPP Code of Professional Conduct

Becoming a CIPM professional means you agree to adhere to the
IAPP Code of Professional Conduct. The code of conduct is a formal
document outlining those things you will do to ensure the utmost
integrity and to best support and represent the organization and
certification.
The IAPP code of ethics requires IAPP certification holders to do
the following:
 • Conduct yourself professionally at all times.
• Represent your IAPP certifications honestly.
• Maintain professional knowledge.
• Follow all IAPP policies and requirements.

You can find the full text of the IAPP Code of Professional Conduct in
the “IAPP Privacy Certification Candidate Handbook.”

The Certification Exam

IAPP offers certification throughout the year at numerous testing
centers as well as remotely proctored exams you can take at home
or at work. I highly recommend you plan ahead and register early,
particularly if you plan to take the exam at a test center, as space
may be limited.

NOTE As is the case with professional certifications and

examinations, the terms, conditions, locations, and rules for
certification exams are likely to change from time to time. Readers
should thoroughly examine the logistics described in the “IAPP
Privacy Certification Candidate Handbook” for the most current
information.

Once you have registered for the exam, you will receive one or
more e-mail messages that describe the steps you must undergo to
take the CIPM exam. You may be directed to select a location to take
your exam, or you may be directed to meet the requirements to take
the exam remotely. As you decide about test locations, dates, and
other conditions, IAPP or a third-party exam service will send you
confirmations.
CAUTION It is essential that you thoroughly understand the rules
regarding the exam. Failure to abide by these rules may result in
your disqualification for the CIPM certification.

Whether you take the exam remotely or at a test center, you will
be supervised by a proctor. Examination candidates should expect to
be monitored by video surveillance to ensure that no one can cheat
on the exam.
Each registrant has 2-1/2 hours to take the 90-question
computerized exam. Each multiple-choice question has four answer
choices; test-takers can select only one best answer. You can skip
questions and return to them later, and you can also flag questions
that you want to review later if time permits. While you are taking
your exam, the time remaining will appear on the screen.
When you have completed the exam, you are directed to close
the exam. At that time, the exam may display your preliminary pass
or fail status, with a reminder that your score and passing status are
subject to review.
Exam questions are derived from analysis conducted by IAPP. The
areas selected represent those tasks performed in a CIPM’s day-to-
day activities and represent the background knowledge required to
develop and manage an information privacy program. You can find
more detailed descriptions of the task and knowledge statements in
the “CIPM Study Guide.”
The CIPM exam is quite broad in its scope. The exam covers six
job practice areas, as shown in Table 1.
Table 1 CIPM Exam Practice Areas

Independent committees have been developed to determine the

best questions, review exam results, and statistically analyze the
results for continuous improvement. Should you come across a
horrifically difficult or strange question, do not panic. IAPP may have
written this question for another purpose: a few questions may be
included for research and analysis purposes and will not count
against your score. The exam contains no indications in this regard,
so you should consider every question as one that contributes to the
final score.

Exam Preparation
The CIPM certification requires a great deal of knowledge and
experience from the CIPM candidate. You need to map out a long-
term study strategy to pass the exam. The following sections offer
some tips and are intended to help guide you through and beyond
exam day.

Before the Exam

Consider the following list of tips on tasks and resources for exam
preparation. They are listed in sequential order.

• Read the exam candidate’s guide. For information on the

certification exam and requirements for the current year, find
the Certified Information Privacy Manager (CIPM) Study
 Guide. Go to https://iapp.org/certify/free-study-guides/ and
click CIPM.
• Register for the exam. If you are able, register early for any
cost savings and to solidify your commitment to moving
forward with this professional achievement.
• Schedule your exam. Find a location (where applicable), date,
and time—and commit.
• Become familiar with the CIPM body of knowledge. The body
of knowledge serves as the basis for the exam and
requirements. Read this book, and take the online practice
exams described in Appendix B.
• Know your best learning methods. Everyone has a preferred
learning style, whether it’s self-study, a study group, an
instructor-led course, or a boot camp. Try to use a study
program that leverages your strengths.
• Self-assess by taking practice exams. Run through the online
practice exam questions (see Appendix B for information).
• Study iteratively. Depending on how much work experience in
privacy you have already, I suggest you plan your study
program to take at least two months but as long as six
months. During this time, periodically take the online practice
exams and note your areas of strength and weakness. Once
you have identified your weak areas, focus on those areas
weekly by rereading the related sections in this book and
retaking practice exams, and note your progress.
• Avoid cramming. We’ve all seen the books on the shelves with
titles that involve last-minute cramming. Just one look on the
Internet reveals various web sites that cater to teaching
individuals how to cram for exams most effectively. Research
sites claim that exam cramming can lead to colds and flu,
sleep disruptions, overeating, and digestive problems. One
thing is certain: many people find that good, steady study
habits result in less stress and greater clarity and focus during
the exam. Because of the complexity of this exam, I highly
 recommend the long-term, steady-study option. Study the job
practice areas thoroughly. There are many study options. If
time permits, investigate the many resources available to you.
• Find a study group. Contact your local IAPP KnowledgeNet
chapter to see whether these options are available to you; go
to https://www.iapp.org/connect/communities/chapters/ for
more information. Use your local network to find out whether
there are other local study groups and other helpful resources.
• Check your confirmation letter. Recheck your confirmation
letter. Do not write on it or lose it. Put it in a safe place, and
take note of the exam’s date, time, and place. Note this on
your calendar. If you are taking the exam at a testing center,
confirm that the location is the one you selected and located
near you. Understand all specific requirements and plan
ahead.
• Check logistics. If you are taking the exam at a test center,
check the candidate’s guide and your confirmation letter for
the exact time required to report to the test site. Check the
site a few days before the exam—become familiar with the
location and tricks to getting there. If you are taking public
transportation, be sure you are looking at the schedule for the
day of the exam. If your CIPM exam is scheduled on a
weekend, public transportation schedules may differ from
weekday schedules. If you are driving, know the route and
where to park your vehicle. If you are taking the exam online,
check the “IAPP Privacy Certification Candidate Handbook”
and your confirmation letter for your exam’s exact time and
ensure that you have the required equipment, software, and
materials available.
• Pack what you need. If you are taking the exam at a test
center, place your confirmation letter and a photo ID in a safe
place, ready to go. Your ID must be a current, government-
issued photo ID that matches the name on the confirmation
letter and must not be handwritten. Examples of acceptable
forms of ID are passports, driver’s licenses, state IDs, green
 cards, and national IDs. Make sure you leave food, drinks,
laptops, cell phones, and other electronic devices behind, as
they are not permitted at the test site.
• Get some sleep. Make sure you get a good night’s sleep
before the exam. Research suggests that you should avoid
caffeine at least four hours before bedtime, keep a notepad
and pen next to the bed to capture late-night thoughts that
might keep you awake, eliminate as much noise and light as
possible, and keep your room at a comfortable temperature
for sleeping. In the morning, rise early so as not to rush and
subject yourself to additional stress.

Day of the Exam

On the day of the exam, follow these tips:

• Dress comfortably. Certification exams are difficult and

require long periods of intense concentration. It is important,
therefore, to ensure you will be comfortable as possible
physically. Avoid tight-fitting clothes, and dress in layers to
stay comfortable throughout the exam.
• Arrive early. If you are taking the exam at a test center, check
the Bulletin of Information and your confirmation letter for the
exact time you are required to report to the test site. The
confirmation letter or the candidate’s guide explains that you
must be at the test site no later than approximately 30
minutes before testing time. The examiner will begin reading
the exam instructions at this time, and any latecomers will be
disqualified from taking the test and will not receive a refund
of fees.
• Observe test center rules. There may be rules about taking
breaks. The examiner will discuss this along with exam
instructions. If you need something at any time during the
exam and are unsure as to the rules, be sure to ask first.
 • Answer all exam questions. Read questions carefully, but do
not try to overanalyze. Remember to select the best answer.
There may be several reasonable answers, but one is better
than the others. If you aren’t sure about an answer, you can
mark the question and return to it later. After going through
all the questions, you can return to the marked questions (and
others) to read them and consider them more carefully. Above
all, try not to overanalyze questions, and do trust your
instincts. Do not rush through the exam; there is plenty of
time to take as much as a few minutes for each question. But
at the same time, watch the clock so that you don’t find
yourself going so slowly that you won’t be able to answer
every question thoughtfully.
• Note your exam result. When you have completed the exam,
you should see your preliminary pass/fail result. Your results
may not be in large, blinking text; you may need to read the
fine print to see your preliminary results. If you passed,
congratulations! If you did not pass, do observe any remarks
about your status; you will be able to retake the exam—there
is information about this on the IAPP web site.

If You Did Not Pass

If you did not pass your exam on the first attempt, don’t lose
heart. Instead, remember that failure is a stepping stone to
success. Thoughtfully take stock and determine your improvement
areas. Go back to this book’s practice exams and be honest with
yourself regarding those areas where you need to learn more.
Reread the chapters or sections where you require additional
study. If you participated in a study group or training, contact
your study group coach or class instructor for advice on studying
the topics you need to master. Take at least several weeks to
study those topics, refresh yourself on other topics, and then give
it another go. Success is granted to those who are persistent and
determined.
After the Exam
A few days to a few weeks from the exam date, you will receive your
exam results by e-mail or postal mail. Each job practice area score
may be noted in addition to the overall final score.
Those unsuccessful in passing will also be notified. These
individuals will want to closely examine the job practice area scores
to determine areas for further study. They may retake the exam as
many times as needed on future exam dates, as long as they have
registered and paid the applicable fees. Regardless of pass or fail,
exam results will not be disclosed via telephone, fax, or e-mail
(except for the consented e-mail notification).

Retaining Your CIPM Certification

There is more to becoming a CIPM professional than merely passing
an exam, submitting an application, and receiving a paper
certificate. Becoming a CIPM professional is not merely a
destination; instead, it should be considered a lifestyle. Those with
CIPM certification are required to agree to abide by the code of
ethics, meet ongoing education requirements, and pay annual
certification maintenance fees. Let’s take a closer look at the
education requirements and explain the fees involved in retaining
certification.

Continuing Education
The goal of continuing professional education requirements is to
ensure that individuals maintain CIPM-related knowledge to help
them better develop and manage privacy and security management
programs. To maintain CIPM certification, individuals must obtain 20
continuing education hours over each two-year period. Each CPE
hour is to account for one hour of active participation in educational
activities.
IAPP’s CPE Policy can be accessed at https://iapp.org/certify/cpe-
policy/.
What Counts as a Valid CPE Credit?
For training and activities to be utilized for CPEs, they must involve
technical or managerial training directly applicable to information
privacy, information security, and information privacy and security
management. The following list of activities has been approved by
the CIPM certification committee and can count toward your CPE
requirements:

• Academic class attendance

• Reading a book, eBook, or audiobook
• Coaching or mentoring a colleague or employee
• Attending industry events (full list at
https://iapp.org/about/industry-events/)
• Attending IAPP board presentation
• Attending IAPP certification training
• Attending IAPP conferences
• Attending IAPP KnowledgeNet events
• Attending non-IAPP conferences or events
• Proctoring an IAPP exam
• Publishing a book or article
• Performing research, studying, or training
• Speaking at an industry event
• Teaching a course

For more information on what is accepted as a valid CPE credit,

see the CPE Policy (https://iapp.org/certify/cpe-policy/).

IAPP CPE Central

IAPP looks out for its members; a great example is CPE Central
(https://iapp.org/certify/cpe-central/), a site where IAPP members
can search for many different kinds of educational content, including
books, whitepapers, news, tools, training, videos, and web
conferences. Much of the available content is free, so there’s no
argument for not being able to afford continuing education and
training.

Tracking and Submitting CPEs

Not only are you required to submit a CPE tracking form for the
annual renewal process, but you also should keep detailed records
for each activity. Records associated with each activity should include
the following:

• Name of attendee
• Name of sponsoring organization
• Activity title
• Activity description
• Activity date
• Number of CPE hours awarded

It is in your best interest to track all CPE information in a single

file or worksheet. IAPP has developed a tracking form for your use in
the CPE Policy. Consider keeping all related records such as receipts,
brochures, and certificates in the same place. You should retain
documentation throughout the two-year certification period and for
at least two additional years. This is especially important, as you
may someday be audited. If this happens, you would be required to
submit all paperwork as proof of your continuous learning. So why
not be prepared?
For new CIPMs, the annual and two-year certification period
begins on the first day of the month following the date the CIPM was
earned. You must earn and register your CPEs on IAPP’s web site
before your CIPM certification expires. Though IAPP will send you
reminders, I recommend you make annually recurring calendar
entries to remind you to earn and enter your CPEs. It’s possible that
those CPE and renewal reminders from IAPP will be caught in your
spam filter, or you might just not see them if you receive a lot of e-
mail.
 Notification of compliance from the certification department is
sent after all the information has been received and processed.
Should IAPP have any questions about the information you have
submitted, someone from the organization will contact you directly.

Sample CPE Submission

Table 2 contains an example of a CPE submission. I recommend you
also create a worksheet where you document your CPEs. Table 3
contains an example worksheet representing one’s CPE records.

Table 2 Sample CPE Submission Form

Table 3 Sample CPE Recordkeeping

Certification Maintenance Fees

To remain CIPM certified, you must pay maintenance fees every
other year or your IAPP membership fees every year.

TIP Because you may not receive an e-mail reminder, I

recommend you create calendar entries or other suitable ways to
remind you to record your CPEs and pay your certification
maintenance or IAPP membership fees.

Revocation of Certification
A CIPM-certified individual may have his or her certification revoked
for the following reasons:
 • Failure to complete the minimum number of CPEs during the
period
• Failure to document and provide evidence of CPEs in an audit
• Failure to submit payment for maintenance fees
• Failure to comply with the Code of Professional Conduct,
which can result in investigation and ultimately lead to
revocation of certification

If you have received a revocation notice, you will need to contact

the IAPP at appeal@iapp.org or https://iapp.org/about/contact/ for
more information.

Summary
Becoming and being a CIPM professional is a lifestyle change, not
just a one-time event. It takes motivation, skill, good judgment,
persistence, and proficiency to be a strong and effective contributor
in the world of privacy. The CIPM was designed to help you navigate
the privacy world with greater ease and confidence.
In the following chapters, each CIPM domain is discussed in
detail, and additional reference material is presented. Not only is this
information useful for studying before the exam, but it is also meant
to serve as a resource throughout your career as a privacy
professional.
 CHAPTER 1

Developing a Privacy Program

In this chapter, you will learn about
• Developing a privacy vision
• Ensuring business alignment
• Developing a privacy and security strategy
• Resources needed to develop and execute a privacy and
security strategy
• Obstacles to strategy development and execution
• Privacy program communications
This chapter covers Certified Information Privacy Manager job
practice I, “Developing a Privacy Program.” The domain represents
approximately 22 percent of the CIPM examination.

The genesis of a privacy program is a vision in the mind of a privacy

leader. The privacy leader imagines the existence of a privacy
program complete with policy, governance, and operations that
together ensure the proper collection, use, handling, protection, and
disposal of personal information.

The Privacy Vision

Organizations, including private companies, nonprofits,
nongovernment organizations (NGOs), and governments, collect and
store personal information about customers, citizens, employees,
volunteers, and others. Privacy in the context of personal
information includes two main components: the proper collection,
handling, management, and use of personal information, and the
protection of personal information.
The first component, proper collection, handling, management,
and use of personal information, is often implemented in the form of
data governance. This is a field in itself that includes policies and
processes to ensure that all important data, including personal
information, is used in accordance with policy and with management
oversight and approval. The next component, proper protection of
personal information, is generally implemented in the form of
cybersecurity. As a practice, cybersecurity has existed for decades
and continues to evolve as an art.

Program Approaches
There is more than one way to crack an egg. Similarly, there are
several ways to approach the vision and mission of privacy. There is
no single, correct approach; in fact, several approaches can be used
to attack the matter of privacy. Numerous factors influence the
approach, ranging from executive culture to regulatory obligations as
well as risk tolerance and risk appetite. Perhaps a good starting
point is to consider the typical stakeholders, which include

• Legal
• Human resources (HR)
• Information technology (IT)
• Cybersecurity
• Marketing and sales
• Business units or departments

Some organizations may include additional stakeholders.

Privacy Objectives
Organizations have various reasons for putting resources into a
privacy function. Not all organizations and their circumstances are
alike, although they share some common threads. Two primary
objectives are most often used:

• Avoidance of regulatory problems

• Enhancement of customer experience

You may note the stark contrast between these objectives. In the
first, the organization is moving away from something (regulatory
trouble), while in the second, the organization is moving toward
something (improved customer experience and market
competitiveness). It is said that all human action is driven by two
basic emotions: fear and love. The primary objective of a privacy
program appears to be so aligned.

Executive Sponsorship
Executive sponsorship is the formal or informal approval to commit
resources to a business problem or challenge. Privacy is no
exception: without executive sponsorship, privacy will be little more
than an unrealized idea.
In its simplest form, the business case for implementing a privacy
program comes down to one or two points: the consequences for
failing to implement a privacy program and the benefits enjoyed
from implementing a program. These can be expressed in financial
terms or in terms of image, brand, reputation, and/or market share.
The other dimension related to sponsorship is this: How much
privacy is enough? Cybersecurity executives and their corporate
counterparts have been arguing a similar point for decades: How
much security is enough? Both questions can be answered by
understanding the organization’s current state, its desired future
state, and the costs and consequences involved.

Business Alignment
As vision gives way to strategy, the organization’s privacy leader
must ensure that the information privacy program fits in with the
Another random document with
no related content on Scribd:
cerebellar tract—or, rather, a large part of the periphery of the lateral
column—may be sclerosed in this disease. In this way, since the
direct pyramid tract in the anterior, the greater part of the border of
the lateral, and the entire posterior column are degenerated, the
sclerosis resembles a marginal ring113 in shape.
113 Archiv für Psychiatrie, xiv. p. 384.

Anatomically, the sclerosis of the family form of tabes resembles that

form of combined sclerosis in which the lateral and posterior
columns are together affected. It is probably due to a defective
development of these tracts, rendering them liable to premature
decrepitude or increasing their vulnerability. The latter alternative is
exemplified in those cases where some acute disease of childhood,
such as scarlatina or measles, acted as an exciting cause.

DIAGNOSIS.—There are two affections some of whose leading

symptoms are so closely imitated by those of this disease that they
may be confounded with it on first sight. These are tabes dorsalis—
of which the family form is still regarded a variety, as the name
indicates—and disseminated sclerosis. In the gait the former, in the
nystagmus and scanning speech the latter, disorder is approximated.
The distinction from true tabes has already been dilated on. (See
Tabes.) The fact that relatives—usually the sisters and brothers—of
the patient are affected in the same way in their youth speaks in
favor of the family form. The deep reflexes are not abolished early,
as in tabes, nor are anæsthesias or paræsthesias early symptoms,
as in the latter. The speech-disturbance and nystagmus, which in
most cases develop later in the family form, serve to distinguish it
from true tabes in the advanced stage. It is at this period that the
disease may resemble a disseminated sclerosis. The hereditary or
family character does not aid us in making a discrimination here, as
there is also a family form of the latter disease. But the absence of
intention tremor, which we would assume to be present in a case of
disseminated sclerosis of the cerebral type, and of optic-nerve
atrophy serves to distinguish the two. Musso claims that the speech-
disturbance is also different in character. There certainly is more
lingual ataxia in the family form of tabes, and less of typical
scanning, but I am doubtful about our ability to differentiate these
characters in all cases. The following table includes the main points
of difference, clinically considered, between the acquired and the
family form of tabes:

Tabes Dorsalis. The Family Form.

Prodromata. Marked and constant. Absent or slight.
Static ataxia (Romberg Early and constant. Absent.
symptom).
Involvement of upper extremities. Usually late. Early.
Ataxia of tongue, eyes, and Absent or unnoticeable. Always developed.
trunk-muscles.
Paresis. Rare. Characteristic.
Anæsthesia. Present in some form. Absent or slight.
Paræsthesia. Constant. Rare.
Sexual desire. Becomes extinguished. Remains unaffected.
Deep reflexes. Abolition usually initial. Abolition in course of
disease.114
Sphincters. Involvement is characteristic Involvement late, if at all.
and early.

114 There are conflicting observations on this point.

Disseminated Sclerosis.

SYNONYMS.—Multiple cerebro-spinal sclerosis (also spinal and

cerebral form), Insular cerebro-spinal sclerosis, Focal sclerosis,
Multilocular sclerosis; Herd-sklerose (Ger.); Sclerose en plaques
disseminées, Sclerose en plaques generalisées (French).

The occurrence of disseminated patches of gray degeneration in the

nervous axis was observed by Cruveilhier and Türck, but they
regarded the affection rather from the anatomical than the clinical
standpoint, and it was left for Frerichs to recognize its important
position among the chronic affections of the brain and spinal cord.
The earlier German investigators who followed him were cautious in
generalization, and it was not until Vulpian, Charcot, and their
followers announced the discovery of infallible diagnostic criteria that
disseminated sclerosis received that attention at the hands of the
profession which it merits. But the more thorough researches made
during the last two decades have shown that this announcement was
premature. The best authorities recognize the existence of a large
number of cases in which the supposed pathognomonic signs of
disseminated sclerosis are absent, notwithstanding the existence of
characteristic lesions, and thus the more cautious earlier
investigators are justified in the reserve they had maintained.

It is in perfect harmony with the irregular location of the disease and

the lack of any constant rule governing the distribution of the
sclerotic foci that there is no constant clinical picture by which its
existence can be accurately determined in all cases. The diagnosis
of tabes dorsalis, of spastic paralysis, of amyotrophic lateral
sclerosis, and of transverse myelitis rests on exact and constant
signs, but that of disseminated sclerosis does not. The dictum of
Charcot, that there is always intention tremor and nystagmus in
disseminated sclerosis, has long been overthrown. Well-determined
cases are on record by De Fleury and Westphal, and a number have
been observed by myself, where there was no tremor or no
increased tremor with intended movement, and no nystagmus, nor
any other of the pathognomonic symptoms so considered by Charcot
and his followers.

The morbid process of disseminated sclerosis consists in the

development of patches of sclerosed tissue, scattered apparently
without any regularity or rule through the brain and spinal cord. They
are the results of insidious inflammatory changes. The symptoms
marking their presence may include nearly every known focal and
general symptom studied by neurologists, varying with the number,
size, and distribution of the foci. Usually there is some disturbance of
motility, both ataxic and paretic; in the majority there is tremor, which
in a large proportion of cases is of a distinctive character, and
disturbance of the functions of the cranial nerves, amblyopia, color-
blindness, mental enfeeblement; and, above all, apoplectiform
seizures are frequent.

Some writers discriminate between cases in which the lesions are

limited to, or most intense in, the spinal cord, and those in which the
brain is chiefly or exclusively involved, and hence they speak of a
spinal, a cerebral, and a cerebro-spinal form. This discrimination is
not sufficiently supported by clinical evidence to be of any practical
value. Each case is to be studied by itself during life and after death,
and to be regarded as one of a series in which the lesion may be
concentrated in any one segment of the cerebro-spinal axis. It
seems that when the sclerotic foci are limited to or chiefly located in
the spinal cord, the clinical signs are less pronounced than where
the brain is seriously involved; those cases in which the symptoms
are latent, or so vague that they cannot be distinguished from spinal
irritation or spinal exhaustion, have been found to be of the spinal
type. The cases of this character thus far observed are not
sufficiently numerous to justify the creation of special subdivisions.115
115 According as the formation of the sclerotic foci preponderates in a given segment
of the nervous axis, the early signs of the disease may consist in disturbances of the
cerebral or the spinal functions, and we may speak accordingly of a cerebral or spinal
invasion type. But the principle of classification adopted by several recent writers,
which would rank the spinal type among the spinal diseases, the cerebral type among
the cerebral diseases, and which is compelled to erect a third category for the
reception of the cerebro-spinal type under the name of cerebro-spinal diseases, is a
bad one. Modern pathology recognizes the existence of affections which involve
whole fibre-systems, which are intracerebral in one and intraspinal in other parts of
their course, such as tabes and amyotrophic sclerosis, which would therefore have to
rank among the cerebro-spinal, and not among the spinal affections, with which the
authors referred to classify them.

CLINICAL HISTORY.—Prodromal.—Disseminated sclerosis is usually

inaugurated by a long initial period in which the symptoms are not
characteristic, and in which, unless there be decisive pupillary or
optic-nerve symptoms present, the nature of the disease is not
recognized. The patients feel weak and tired; walking is difficult, and
an element of unsteadiness suggests the development of a tabic
disorder. In other cases ankle-clonus is found and tremor of the foot
on extension (dorsiflexion); it is discovered that the unsteadiness is
due to weakness or to rigidity of the muscles, and thus the
impression of a developing spastic paralysis may be created. But
symptoms on the part of the cranial nerves soon show that the case
is one of disseminated sclerosis. Sometimes a marked belt
sensation is developed, and other forms of paræsthesia are not
uncommon; nay, the symptoms of spastic paralysis and tabes
dorsalis may be mingled. Diplopia of the same transitory character
as in tabes usually accompanies the gradually-developing speech
trouble. The reflex and mechanical excitability of the muscles is
increased in all cases where the lateral column is extensively
involved and the gray substance of the cord is—as it usually is in the
main—intact. In some cases a slight tap on the knee when held in
the position required to demonstrate the knee-jerk produces
oscillatory movements of the limb; as the patient endeavors to
suppress these they become more violent, extend to the trunk and
head, and may eventually involve the opposite side. In those cases
which show the cerebral-invasion type headache, vertigo, and
speech disturbance, temporary darkening of the visual field, and loss
of memory are the earliest symptoms directing attention to the
existence of serious disease.

Whether the spinal or the cerebral symptoms preponderate, they

continue increasing slowly and with temporary variations, which are
particularly marked in the cerebral-invasion type. As a rule, the
sensory disturbances are not pronounced at this time, but later, after
the initial symptoms have existed for a few years, they become
intense, and often extremely distressing. Those most complained of
by the patient are neuralgic, lancinating, and other pains. The
lancinating pains are, as a rule, not as severe as those of tabes
dorsalis, but they are apt to be associated with a dull heavy pain
which is located in a whole extremity, referred to the deep structures,
and very persistent. This diffuse pain sometimes occupies all of the
lower half of the body. As in tabes, the pain may be regarded the
forerunner of anæsthesia, which rarely, however, reaches a high
degree or an extensive distribution. Its distribution, like that of the
other peripheral symptoms of disseminated sclerosis, is commonly
irregular. Like the motor disturbance, which at this period consists in
a combination of paretic and spastic—occasionally of ataxic—
symptoms, it is most marked in the lower extremities.

In the majority of cases there is a peculiar tremor, which usually

presents the character to which Charcot directed attention—namely,
that it increases when the patient attempts to carry out a voluntary
movement, and disappears, or at least diminishes, when the
muscles of the part in question are at rest. This is the important
symptom known as the tremor on intended movement or intention
tremor. One of the time-honored means of testing it is to order the
patient to take a glass of water and pass it to his mouth. While he
reaches out for it some oscillatory unsteadiness is observed, but on
grasping, this is increased, and on raising the glass the oscillations
increase till he spills the water; if he succeeds in carrying it to his
mouth, there is a clattering against the teeth, and but for the
steadying aid of his mouth he would throw it aside by the violence of
the disturbing movements. In incipient cases this intention tremor is
best shown with delicate movements, and the more distinctly the
more slowly they are performed. It has been suggested that the
peculiar character of the lesion of disseminated sclerosis has some
relation to the intention tremor. It is a remarkable feature of the
morbid process that it leaves the axis-cylinder comparatively intact,
beyond any other form of myelitis or encephalitis. The myelin,
however, is destroyed, and the consequence is that the naked axis-
cylinders lie in a newly-formed connective tissue, which has not the
same faculty the myelin has of isolating the nervous impulses
conducted through the axis-cylinders. The result is, that when a
nervous impulse, such as a voluntary movement, travels through a
sclerotic focus, it may become deflected to neighboring fibres going
to another muscle or muscular bundle than the one intended to be
innervated. An unintended motion results; the patient makes a
stronger effort, intended for the right channel, but again it slips off, to
use a coarse simile, and thus a number of erroneous messages are
transmitted, and an equal number of disturbing motions respond to
these messages.

Whether this histological explanation be correct or not, the tremor is

probably due to the lesion of the peduncular tracts of the brain. At
least, this is rendered plausible for the tremor on intended
movement, which indicates an interference with the transmission of
voluntary impulses. Whether, as Pasternatzky116 claims, the extreme
muscular oscillation seen in advanced cases is due to irritation of the
cortical motor fields, it is impossible to decide. No strong evidence
can be adduced in favor of his view. A few cases have been
described (Schüle, Jolly, and Greiff); and, in my opinion, such are far
more numerous than is usually supposed, where the tremor did not
have the so-called characteristic feature of ceasing in conditions of
rest, claimed by Charcot, but continued as in paralysis agitans.117 A
collection of cases by Erb, Ordenstein, and Greiff shows clearly that
with a typical dissemination of sclerotic foci in the cord the tremor on
intended movement may be entirely absent, while no case is known
where the crus and pons were involved to a similar extent in which it
was absent. So it seems that a cerebral lesion is necessary to
produce this symptom in its characteristic form.
116 Jahrbücher für Psychiatrie, iii. 3, 1882.

117 For several years I had been puzzled by the fact that Charcot's formula failed to
correspond to the clinical picture in the majority of cases, and I registered such cases
as incipient multiple sclerosis or as a connecting group between paralysis agitans and
that disease.

In advanced cases of disseminated sclerosis the intention tremor

becomes generalized; previously noticed, perhaps, only in one arm,
it now affects all the limbs and the muscles which maintain the trunk
and head in static equilibrium. The result is, that even when the
patient is at rest sitting in a chair, his body, and particularly his head,
are agitated by a violent and coarse tremor, which is increased on
rising and walking, as well as on attempting to use the hands.
Delicate mechanical occupations become impossible, and the
handwriting shows a characteristic change, the forward strokes of
the letters and the curvilinear back strokes, as well as the dots and
crosses, registering the tremor of the hand in their peculiar
irregularity.

The speech is usually rough and broken, and sometimes enunciation

is impeded in a peculiar way, the patient appearing to scan his
words. Krause118 has found relaxation of the vocal cords in a
remarkable degree to underlie the change in phonation. The
scanning of speech appears to be due to impeded innervation of the
lips and tongue. When the patient is told to protrude his tongue, he
does so either in spasmodic instalments of movement or with a
sudden jerk after delay. The same delay and apparent halting are
noticed in the mimic expressions that are observed in speech. The
features sometimes express an emotion opposite to the one
experienced by the patient.119
118 Neurologisches Centralblatt, 1885.

119 This symptom is found where there are other reasons for suspecting the existence
of large foci in the pons. I have observed it in one case of tumor of this region, and
one of a focal disease of undetermined anatomical nature in the same location, in a
remarkable form. In the former case the patient not only exhibited the facial
contortions of hearty laughter when she felt as if about to break out in tears, and
broke out in tears when she felt amused, with perverse regularity, but both emotional
manifestations occurred simultaneously. The other case is still under observation.
There was complete anarthria in the first, and nearly complete anarthria in the second
case—a fact not unrelated to the inferred site of the lesion, and which may be
associated with the fact that where the perverse mimic expression occurs in
disseminated sclerosis the speech-disturbance often has an anarthric character.

Whether diplopia occur as an early symptom or not, nystagmic

oscillation of the eyeballs is commonly found in the developed
affection. This nystagmus is usually universal, noted in associated
movements in every direction, and aggravated by excitement, by
constrained positions, and by any act of innervation of the eye-
muscles. It may be looked upon as an intention tremor of the latter,
and attributed to sclerotic foci in the cerebral axis, particularly in the
tegmental part of the pons varolii.

The deep reflexes are in some cases but slightly affected. Where
spastic phenomena preponderate, they are exaggerated, and where
the posterior root-zones are involved in the lesion, they may be, as in
tabes dorsalis, diminished or absent. The nutrition of the muscles is
not impaired in the early stages, and indeed most functions which
depend for their proper performance on the intact condition of the
gray substance, such as the power of retaining the urine, micturition,
and the functions of the rectum, are properly performed at this
period. The cutaneous reflexes are not markedly abnormal in the
majority of cases. They sometimes become diminished in the last
stages.

In cases regarded as disseminated scleroses and similar disorders

approximating the combined form of sclerosis, Westphal120 noticed a
paradoxical muscular phenomenon which is the reverse in action of
the tendon reflexes. It is best observed in the tibialis anticus: if the
foot be extended (dorsiflected)—in other words, if the origin and
insertion of this muscle be approximated—the muscle contracts
firmly, keeping the foot in the enforced position, as if frozen into that
attitude. The same occasionally occurs if the patient voluntarily
extends his foot. Westphal observed the same phenomenon in the
disease described by him in which the symptoms of disseminated
sclerosis are present, but the corresponding lesion is not visible.121
120 Archiv für Psychiatrie, x. p. 243.

121 Ibid., xiv. p. 132. It is a noteworthy fact that this sign has been observed by its
discoverer also in paralysis agitans.

In a number of cases the mind becomes involved. Simple dementia

is the commoner condition, and some indication of passive mental
enfeeblement is found sooner or later in the history of the disease in
the majority of cases. In addition, there may be a morbid emotional
condition, usually in the direction of depression. I have been struck
by the frequent association of a melancholic state with large foci in
the oblongata. When it is borne in mind that the patient exhibits
tremor and speech-disturbance in addition to his mental trouble, it
will be understood that with some modifications of the typical signs
the case may simulate one of paretic dementia; and there are cases
in which it is exceedingly difficult to decide whether they belong to an
aberrant type of disseminated sclerosis or to the sclerotic type of
paretic dementia. There are some which constitute veritable
connecting-links between the two affections.122
122 Zacher, Archiv für Psychiatrie, xiii. p. 168; the writer, Journal of Nervous and
Mental Diseases, April, 1877, and Insanity, its Classification, Diagnosis, and
Treatment, p. 240.

Like tabes dorsalis, the progress of disseminated sclerosis is often

marked by episodes. Some of these differ in no way from the
visceral crises of posterior-column sclerosis; every form of these
symptoms found with that affection may occur in the present one,
while episodes involving the cerebral functions are much more
common. The latter manifest themselves as apoplectiform or
epileptiform seizures. They are preceded by headache and vertigo,
or, if these be continuously present, by an aggravation of them; then
unconsciousness develops, either accompanied by convulsions or
not, and the face is flushed, the pulse full and frequent, and the
temperature raised. Consciousness returns in a few hours or a day,
the attack rarely lasting more than two days, and it is found that the
patient is hemiplegic. But, unlike the hemiplegia found after vascular
rupture, embolism, or structural cortical disease, it is rapidly
recovered from.

In a case of Gnauck's an attack of scotoma scintillans, associated

with a noise of thunder in the right ear and pricking pains on the right
side of the face, preceded anæsthesia and the formation of a small
defect of the visual field.

There is a close resemblance between these apoplectiform and

epileptiform seizures and those of paretic dementia, not alone in
clinical character, but also in the surprisingly complete and rapid
recovery from the more serious symptoms. But just as in paretic
dementia, especially in its advanced stage, each seizure leaves the
patient somewhat more impaired in mind and body than he was
before, so it is in disseminated sclerosis; each attack marks a step
forward in the invasion of the morbid state.

Eye-trouble is much less frequently a premonitory sign of

disseminated sclerosis than of tabes. A few such cases are on
record. Magnan observed the development of the characteristic
symptoms of disseminated sclerosis fourteen years after an
amaurosis which followed typhoid; and Gnauck reports another in
which first a right ptosis, and then a right amblyopia, preceded the
ordinary symptoms. In exceptional cases this premonitory eye-
trouble may, like that of tabes, rapidly lead to extreme amblyopia or
even amaurosis. The visual disturbances are remarkable for their
rapid changes. They appear within a short period, attain their
maximum rapidly, and may occasionally retrograde as quickly. They
develop under two forms—the central and the peripheral scotoma,
or, rather, limitation of the visual or color field. The former, like the
amblyopia of alcoholic and nicotine intoxication, consists in an
inability to differentiate between red and green in the centre of the
visual field. It never, in my experience, proceeds as far as the toxic
amblyopias; that is, to the complete extinction of vision.123 The
peripheral limitation of vision may be for both quantitative and
qualitative light-perception, but it is not, as a rule,124 concentric as in
tabes, but sector-like.
123 Gnauck says that the central color-blindness may become total, and the red-green
blindness extend to the periphery.

124 Concentric limitation of ten to thirty degrees has been noted for color-perception.

The atrophy of the optic nerve in disseminated sclerosis is typically

partial, in the majority of cases manifesting itself as a sharply-
marked discoloration of the temporal half of the papilla. In others the
nasal half of the papilla also becomes discolored, but so much less
intensely that the difference between the earlier involved and later
involved portions is quite easy. It is doubtful whether the subjective
visual disturbance is always an indication of the extent to which the
optic nerve is involved. There are good reasons for believing those
amblyopias and limitations of the field of vision which show marked
remissions and exacerbations to be due to some dynamic central
condition involving the visual centres and tracts. Thus it has been
observed that almost total amaurosis occurred after an apoplectiform
attack, to disappear later on. Occasionally the amblyopia is bilateral
and the optic-nerve lesion unilateral. The frequency of this affection
is stated by Gnauck125 as follows: In one half the cases there is
diminished vision, and in half this half optic-nerve atrophy with
limitation of the visual field. It is only in exceptional cases that an
optic neuritis can be determined to have preceded the atrophy.
125 Of 50 cases, 22 had no visual trouble, 8 showed simple diminution of perception,
5 added limitation, and 15 changes of the optic disc, a case of total atrophy and
amaurosis being included in the latter.

The pupils are perfectly normal in some cases; in others myosis of

the spinal type is observed; and this I found to be nearly constant in
all advanced cases. Irregularity in outline and inequality exist in a
small proportion, and reflex iridoplegia is found in about 10 per cent.
of the cases.

Thus far, the symptoms which occur either in a majority or in a large

percentage of cases have been enumerated. The typical course of
disseminated sclerosis may be stated as consisting in their gradual
development and intensification, covering a period of from four to
twenty or more years. There are a number of cases in which so
many of the symptoms regarded as typical are either absent or
where some given symptom-group preponderates over the others to
such an extent that they require special mention.

It is not difficult to understand that disseminated sclerosis may ape

other forms of spinal disease. Its symptoms depend on the location
of the sclerotic foci. If these are situated chiefly in the crossed-
pyramid tract, spastic phenomena will predominate, and the case
may resemble a spastic paralysis.126 If they be distributed in both the
posterior and lateral columns, the symptoms will resemble those of a
combined form of sclerosis in which the tabic and spastic signs are
associated, as far as they do not, in the nature of the case,
neutralize each other. This was well shown in a case of De Fleury's.
Not infrequently an unusually large focus involves the entire
transverse section of the cord, and the case becomes complicated
by the symptoms of a transverse myelitis. In such a case, described
by Rovigli,127 a large transverse focus in the cord had led to
ascending secondary degeneration in the column of Goll and
descending degeneration of the crossed pyramid tract. In a large
series, instances of which are related by Kilian,128 Siemens,129
Schultze,130 Zacher,131 and Greiff,132 the disseminated foci were
complicated by a diffuse lesion distributed like that of a diffuse or
fascicular myelitis; and there seems to exist every connecting-link
between ordinary chronic myelitis, strictly so called, and
disseminated sclerosis.
126 Gnauck, Neurologisches Centralblatt, 1884, p. 315.

127 Rivista sperimentale di Freniatria e di Medicina leqale, x. p. 227.

128 Archiv für Psychiatrie, vii. p. 28. He designates this form sclerosis continua
multiplex.

129 Ibid., x. p. 135.

130 Ibid., xi. p. 216.

131 Ibid., xiii. p. 168.

132 Ibid., xiv. p. 287.

Not only does disseminated sclerosis occasionally imitate or

approximate the regular (fascicular) affections of the cord, as well as
diffuse cerebro-spinal affections, but it may appear under the mask
of a nuclear oblongata paralysis.133 And cases are on record where,
in addition to the disseminated sclerosis, there occurred sclerotic
atrophy of an entire hemisphere or of its capsular tracts, thus leading
to a hemiplegic resemblance of the motor paralysis. In my
experience the cases presenting the type of a nuclear oblongata
paralysis run a more rapidly fatal course than others. The shortest
history in my series, one of four years, was of such a case. A
number of instances are on record by careful observers—and are
probably much more numerous than is commonly suspected—where
no decisive evidence of spinal or cerebral disease could be detected
during life, and yet disseminated foci of sclerosis existed in the
nerve-centres. In such cases the symptoms may be in the direction
of simple nervous prostration, more commonly of spinal irritation. I
have now under observation a case which for years had been
regarded as one of spinal irritation, and which made that impression
on me until I discovered the existence of optic-nerve atrophy, which
was the only indication that the symptoms depended on gross
structural disease.134
133 It is customary to speak of symptoms referable to the oblongata as bulbar. The
designation bulbus rachidicus is now obsolete, and just as we speak of a capsular
hemiplegia, a pons paralysis, or a spinal hemiplegia, so we should say an oblongata
paralysis, discriminating between the nuclear, the neural, and the tract affections by
means of a prefix.

134 At present the symptoms of disseminated sclerosis are unmistakable. Cases are
mentioned by Strümpell and others in which they remained indecisive throughout.

Among the anomalous forms of disseminated sclerosis there is one

which is characterized by the preponderance of paraplegia and
contractures in a combination which is usually found in spinal
diseases of a different type. The coexistence of dementia, however,
usually enables the observer to determine that the lesion is both
cerebral and spinal, although those signs which might enable him to
decide the disseminated focal character may be absent.

MORBID ANATOMY.—In advanced cases of disseminated sclerosis the

lesion is visible to the naked eye on the surface of the brain and
spinal cord. Grayish maculas, sometimes elevated, more rarely a
little sunken, and occasionally showing a buff or reddish tinge, are
seen on the surface of the spinal cord, the oblongata, pons, and
crura. On making sections across the region of the spots, it is found
that the color-change is not superficial, but extends inward, involving
large parts of the transverse area of the cord or the cerebral axis;
and patches lying more deeply in their substance are revealed
whose existence could not have been suspected from a mere
surface inspection. Exceptionally, patches are found involving the
entire transverse section of the spinal cord in a length of a half to two
inches. And, similarly, in the brain nearly the entire area of the pons
or one of the crura or an entire division of the internal capsule may
be occupied by a sclerotic focus. Otherwise, they may vary from
almost microscopic dimensions to the size of a chestnut or even
larger. Bourneville135 has described cases in which the nerve-centres
appeared normal to the naked eye, while the microscope revealed
the existence of sclerotic foci. It is, however, unlikely that the fresh
brain- and cord-tissue, when the site of disseminated sclerosis, will
appear perfectly healthy to the naked eye under fairly good
illumination. Much less intense lesions than those of disseminated
sclerosis reveal their presence by changes in color and consistency.
135 Mouvement medicale, 1869, No. 27.

On examining the diseased spots more narrowly, they are found to

be slightly diaphanous. Usually, they are rounded or elliptical, but
they are often drawn out, as it were, in the most irregular shapes,
and not infrequently appear to be the result of a confluence of
originally remote and separate foci. In the cord they are sometimes
wedge-shaped, extending inward from the periphery. To the touch
they appear firm—sometimes not much more so than the normal
tissue, contrasting with it as hard-boiled white of egg would contrast
with soft-boiled; in advanced cases they become of almost leathery
consistency, and there are instances recorded where they actually
creaked under the knife. A clear fluid usually runs from their cut
surface, and the latter does not jut up on section like normal nerve-
tissue.

The distribution of the diseased areas follows no known law. They

may be numerous and of large size in one segment of the nervous
axis, and small, few in numbers, or even absent, in others. In some
altitudes of the cord the lateral, in others the posterior, in still others
the anterior, columns are chiefly involved. The cerebrum usually
contains a larger number of foci irregularly scattered in the centrum
ovale of Vieussens, the internal capsule and its surrounding ganglia,
as well as in the corpus callosum. Throughout the nervous axis it
seems that the lesion chiefly affects the white substances, and even
the roots of the peripheral nerves, both cranial and spinal, are
occasionally found to contain small foci, gray, firm in consistency,
and as distinctly outlined as those of the central organs.

The morbid process consists in an atrophy and gradual

disappearance of the myelin, which is preceded, if not caused, by an
increase of the enveloping interstitial substance. This change is of
the same character as that found in chronic myelitis. The septa and
trabeculæ of connective tissue become thicker, formless connective
substance and fibrillar tissue, which seems to arise in, if not in part
from, it, constituting the new formation. The neuroglia-nuclei are
increased, enlarged, and develop into spider-shaped cells, whose
long processes contribute (according to some authors exclusively) to
the newly-formed fibrillar network.

While the myelin undergoes wasting, the axis-cylinders remain intact

for a long period, and even in intensely sclerosed regions they may
be found in nearly their normal number, but naked and in direct
contact with the pathological fibrillæ. Some of them become
hypertrophied, increasing to twice, thrice, and, according to Leyden,
even more, of their normal diameter. This change seems to
inaugurate the last phase of the process: the axis-cylinders,
becoming sclerosed and brittle, ultimately disappear, and no trace, or
at best but doubtful traces, of the normal nerve-tissue are left behind.
The blood-vessels, following the rule of the sclerotic process, take
part in it. Their walls become thickened, richly nucleated, and the
lumen becomes narrowed in consequence. In the smaller vessels
complete obliteration of the lumen is sometimes observed.

The gray substance is not involved as frequently as the white, but it

opposes no barrier to the extension of the morbid process when
once established in its neighborhood. The nerve-cells show the
same resistance which the axis-cylinder does; that is, they retain
their outline and fibre-connections a long time in the midst of the
diseased area. But eventually they become discolored, undergo
hyaline or granular disintegration, their processes shrink, and finally
they disappear.

Ribbert and Zacher consider the sclerosis of tabes and the

disseminated affection to be much more similar than Leyden and
Charcot supposed. They locate the starting-point of the morbid
process in the vascular and connective tissues; and Greiff, in
harmony with this view, finds that the foci occur most frequently in
those parts of the cord where the connective-tissue trabeculæ are
most numerous, as in the posterior columns and at the junction of
the anterior and lateral columns.

Although the morbid foci appear to the naked eye to be uniform, and
to be sharply demarcated in the normal tissue, closer examination
shows that the areas of maximum lesion are surrounded by a narrow
transition zone by which the lesion seems to mark its eccentric
progress, and occasionally a focus of intense disease lies in a
diffused area of slight changes, resembling those of diffuse myelitis.
Sometimes the cord appears to be almost continuously involved by a
lesion of moderate intensity, and a few disseminated foci in the brain
alone prove that the case belongs to this form of sclerosis.

A few years ago Greiff described what he considered a new lesion in

multiple sclerosis, under the name of disseminated vitreous
degeneration of the cerebral cortex.136 I have been familiar with this
lesion since 1876: it can be produced at will in perfectly healthy
brains, and consists in a precipitation of leucine crystals extracted
from the brain-substance by the action of alcohol. His accompanying
figure137 represents this artificial lesion very accurately; and Greiff, if
he fails to recognize that his vitreous degeneration is a spurious
lesion, at least identifies it with the miliary sclerosis of Bucknill and
Tuke and the spheres of Schüle, which are now generally
recognized to be the results of post-mortem manipulations and not
actual lesions.138
 136 Archiv für Psychiatrie, xiv. p. 286.

137 Ibid., xiv., Plate ii. Fig. 5.

138 Attention was first called to the artificial nature of these bodies by the writer in the
Journal of Nervous and Mental Diseases, October, 1877, and a more accurate
description was given in the Chicago Medical Review of 1880, and in a demonstration
before the New York Neurological Society in 1883. In commenting on the latter a
German critic stated that the facts related had been long known in Germany
(Neurologisches Centralblatt, 1883, p. 283). On inquiring of the critic what publication
contained any reference to this discovery, he frankly stated that he knew of none, but
had had in mind what he considered a tradition of the laboratory. It was in the same
year that Greiff worked at the Heidelberg laboratory under the eminent supervision of
Fürstner, and it was a few years previous that Schüle, one of the collaborators of
Ziemssen's Cyclopædia, had made the same mistake. So it seems that the tradition is
in some danger of expiring, and that it would do no harm to accept the caution, even
though it travel across the Atlantic in the reverse of the usual direction. It has been
amply confirmed by Savage and Plaxton (Journal of Mental Science, October, 1882,
and April, 1883).

In judging as to the nature and intensity of the inflammatory process

which leads to the development of the sclerotic foci, it must be
remembered that we are acquainted thus far only with the terminal
period of the disease, when, as is to be presumed, the active
inflammatory changes have gone by or are in the background. It is
very probable that the newly-formed tissue is more nucleated in early
periods than is found in the cases which constitute the material of
pathological laboratories. In a case of protracted nervous exhaustion
accompanied by spinal irritation in an alcoholic subject who was
murdered, and whose brain and cord I had an opportunity of
examining, I found, both in the cord and brain, districts in which the
white substance showed a slight grayish discoloration and increased
consistency. Minute examination failed to show any qualitative
change in the conducting elements, but the interstitial tissue was
hypertrophied, richly nucleated, and showed Frommann's cells in
abundance.
ETIOLOGY.—Heredity has been observed in a number of cases by
Duchenne, Erb, and Frerichs. The latter two had each an opportunity
of recording this inheritance in several members—sisters or brothers
—of the same family. In these cases the transmitted affection
developed in adult life. Dreschfeld, however, cites a case where two
brothers developed its symptoms in a marked degree in infancy. As
an associated feature it is found with some cases of congenital
defect. Thus Pollak139 discovered disseminated sclerosis in an infant
which had a defective corpus callosum and exhibited the
characteristic signs of the focal affection side by side with the
imbecility due to imperfect cerebral development. As a rule, the
disease is developed after the twentieth year. But cases have been
related (De Fleury) where the patient developed the disease and
died with an apoplectiform onset in earlier life. One of the youngest
on record is described by Hödemacker.140 The subject developed the
disease at the seventh year, and died with it at the fourteenth, having
shown the characteristic symptoms, besides more muscular atrophy
than is common. The sclerosis in this case belonged to the type
which has been referred to as a connecting-link between diffuse and
disseminated sclerosis. Pelizæus141 reports five cases developing in
the same family in early life, corresponding somewhat in their
relation to multiple sclerosis of advanced life, as the family forms of
tabes and spastic paralysis correspond to the typical adult forms of
those diseases. All the cases were of males, and the ancestral taint
had been present in male members of the family, passing through
the females to their progeny without breaking out in the mothers.
Each branch of this family appeared to develop its own peculiar type
of the disorder.
139 Deutsches Archiv für klinische Medizin, Bd. xxiv. p. 404.

140 Ibid., vol. xxiii. p. 442.

141 Archiv für Psychiatrie, xvi. p. 698.

CAUSES.—Disseminated sclerosis may develop as a sequel of an

acute myelitis. An excellent observation of Singer,142 in which a
unilateral optic-nerve atrophy of central origin occurred after
recovery from an acute inflammation of the cord, proves that
sclerotic foci may develop secondarily to an acute process. Westphal
believes that obstruction to the circulation, both of blood and lymph,
in the cord may act as a predisposing factor in the production of
multiple sclerosis. He rests this opinion on a case where the cord
had been compressed by a tumor, and sclerotic foci of probably later
date were found in the neighboring segments of the cord.
142 Prager medizinisch Wochenschrift, 1885, No. 8.

The myelitic affection discovered by the same observer143 to be an

occasional sequel of typhus, smallpox, diphtheria, measles, and
erysipelas is a true disseminated sclerosis. The foci are usually very
small and very numerous. A focal sclerosis of the posterior columns
of the disseminated type has been found by Brigidi-Bandi in a case
of pellagra which presented ataxic symptoms.144
143 Archiv für Psychiatrie, iii. p. 376, iv.; Oertel, Deutsches Archiv für klinische
Medizin, viii.; Damaschino, Gazette médicale de Paris, 1871, p. 505. In one case now
under observation a typical disseminated sclerosis developed in a robust young man
of thirty after typhoid fever.

144 Lo sperimentale, December, 1879.

Among the exciting causes, prolonged exposure to wet and cold are
acknowledged to occupy an important position. The frequent
combination of these factors with over-exertion and depressing
emotions among the poorer classes probably account for its great
frequency among them. In some cases excessive grief has been the
only discoverable etiological factor: in three of my own cases this
was so prominent and connected a feature that I could not doubt its
influence, if not as a primary at least as an exciting cause.145 Fright
has been distinctly connected with the outbreak of the disease in a
number of cases.146 There is considerable unanimity among
observers regarding the effects of shock and injury in producing
disseminated sclerosis, usually of that anomalous type which
approximates the diffuse or fascicular form. Railway spine is
undoubtedly the mask of a disseminated inflammatory trouble in a