IAPP CIPP-C Practice Test - Questions Answers, Page 2
Question list
List of questions
Related questions
Under the Personal Information Protection and Electronic Documents Act (PIPEDA), an organization must maintain a record of every breach of security safeguards involving personal information for a minimum of?
3 months.
12 months.
24 months.
36 months
In Ontario, a patient attends an appointment with a physician and reveals information about some new symptoms that she has been experiencing. Based on this information, the physician diagnoses the patient with a condition and prepares the report detailing the applicable history and diagnosis. The report is added to the patient's record. The patient later regrets revealing certain facts and doesn't want anyone else to know about these symptoms or the diagnosis. She acknowledges that the information she provided was correct and does not question the diagnosis.
Which of the following requests would the patient be most successful at pursuing?
That a correction be made to change the diagnosis based on the patient's wishes.
That the information be restricted from disclosure to other health care providers.
That a copy of the record be kept by the patient for disclosure to physicians.
That details of the diagnosis be deleted from the patient's health record.
The Government of Canada's Directive on Privacy Impact Assessments applies to all of the following EXCEPT?
The Ministry of Health
The Bank of Canada.
Crown Corporations.
The Cabinet.
Which falls under the jurisdiction of the Personal Information Protection and Electronic Documents Act (PIPEDA)?
Personal information collected by private businesses for journalistic or artistic purposes.
Personal health information (PHI) handled by private enterprises in provinces that have adopted substantially similar legislation.
Personal information disclosed across provincial or national borders by organizations such as credit reporting agencies or list marketers.
Personal information such as names, titles and contact information used by businesses to communicate with employees regarding their profession.
Under the Personal Information Protection and Electronic Documents Act (PIPEDA), when engaging in a third-party transfer of personal information for processing, an organization is expected to have the technology to protect the information during transit and to?
Establish a contract outlining the individual outsourcing arrangement.
Obtain additional consent for the use of the information by the third party.
Confirm the jurisdictional protections of the receiving organization are the same as PIPEDA.
Review the cross-border data flow competed and approved by the Treasury Board of Canada Secretariat.
According to the Privacy Act, which of the following disclosures of personal information by a government institution would require the data subject's consent?
When disclosing to a law enforcement body.
When disclosing to comply with a search warrant.
When disclosing to a registered charitable organization.
When disclosing to a member of parliament to assist in resolving a problem.
Under PIPEDA, each of the following are considered to be personal information EXCEPT?
A public official's salary published on a government web site.
A person's telephone number published in a public directory.
A photograph taken in public and published in a newspaper.
Information about a defendant contained in court records.
How would an individual determine whether their personal information was used by the federal government for data matching?
By submitting written requests to the third party conducting data matching for the government
By noting the description of the Personal Information Banks available through Info Source.
By proposing a Privacy Impact Assessment (PIA) within the specific government body.
By reviewing the Privacy Commissioner's annual report.
Which health information custodians may NOT rely on an implied consent model under Ontario's Personal Health Information Protection Act (PHIPA)?
Private insurance companies.
Long-term care homes.
Ambulance services.
Pharmacies
In what situation is the federal Privacy Commissioner authorized to proceed to federal court?
For a determination on a ruling regarding privacy matters relating to the Charter of Rights and Freedom.
For a determination of whether or not personal information was properly withheld from release.
For a determination on a ruling by an administrative tribunal regarding privacy.
For a determination on a ruling by a provincial Privacy Commissioner.
Question