IAPP CIPP-C Practice Test - Questions Answers, Page 6

The commissioner cannot receive information unless it is gathered under oath.

The commissioner cannot ask an organization to prove that a document is privileged.

The commissioner can compel the production of all documents that are relevant to the investigation.

The commissioner can officially request proof that desired information is subject to solicitor-client privilege.

Is required by an organization to establish an employment relationship.

Includes internal investigation files and complaints filed about an employee.

Includes intellectual property developed within the scope of an employee's job function.

Is prepared or collected as part of that individual's responsibilities or activities in connection to their job.

It scrambles information but can be unscrambled for later use.

It automatically puts a lifespan on any identification that is stored.

It randomizes all permanent identification within an organized database.

It still provides customer identification, but in a form that would not reveal the real number.

The staff of an airline offering flights across Canada.

Underwriters for a New Brunswick insurance company.

Clerks at a Montreal credit union based out of Montreal.

The information technology department of the Saskatchewan Office of Residential Tenancies of Saskatchewan.

Obligations regarding accountability for health information are transferred when control is outsourced to a third party. B Emphasis is given lo personal information protection over the maintenance of the publicly funded healthcare system

There is a significant amount of variation among provinces regarding the definition of consent and how the consent requirement is addressed.

In provinces where there are no health information privacy statutes, a combination of the public health regulations and the private sector privacy legislation apply.

PIPEDA applies to personal information about individuals employed by government institutions; PIPA applies to personal information about individuals employed by public-sector organizations within the provinces.

The enforcement powers of the federal Privacy Commissioner of Canada under PIPEDA are greater than those of the provincial privacy commissioners under PIPA.

PIPEDA applies to federal undertakings and to inter-provincial organizations engaged in commercial activities; PIPA applies to private organizations.

The person in charge of oversight of PIPEDA is a privacy commissioner; the person in charge of oversight of PIPA is an ombudsman.

Information about an individual's home business.

Information about an individual's creditworthiness.

Information about an individual's employment history.

Information about an individual's character references.

The Privacy Commissioner of Canada must have completed an investigation and issued a report.

The Privacy Commissioner of Canada must have completed an investigation and found in favor of the requester.

The requester must have made a formal Privacy Act request to a government institution for access to personal information.

The requester must have lodged a complaint with the Office of the Privacy Commissioner (OPC) within 60 days of having received a response to a formal Privacy Act request.

Collection directly relates to, and is necessary for, operating a program of that organization.

Collection is for the purposes of a law enforcement action.

Collection is expressly authorized under an act.

Collection is authorized by consent.