IAPP CIPP-C Practice Test - Questions Answers, Page 7
Question list
List of questions
Related questions
An Alberta resident has signed up for a health wellness 'app' developed by a British Columbia based software provider that stores the data in British Columbia. The application has various non-healthcare related uses. The individual inputs their name and email address in the application to subscribe to health and wellness tips.
The collection and use of the individual's name and email address by the British Columbia based scheduling app would fall under what legislation?
Alberta's Health Information Act (HIA).
Alberta's Personal Information Protection Act (PIPA).
Alberta's Freedom of Information and Protection of Privacy Act (FOIP).
The Personal Information Protection and Electronic Documents Act (PIPEDA).
According to the federal court ruling in the Eastman Case, video cameras in the workplace are considered to be collecting personal information?
At the moment a recording occurs.
When a camera is on, even if it is not yet recording.
As soon as the data is saved to a workplace server.
When someone within the nrnani7atinn views the recording
Which of the following incidents will require reporting to OPC?
A sales report with aggregated information that was sent to the wrong person internally.
A file with client ID, sales amount and sales date that was sent to the wrong processors who cannot identify the clients.
An organization's point-of-sale system that was subject to an attempted hack that was blocked by the organization's firewall.
As part of a freedom of information request, a nursing home that released an e-mail with everybody's e-mail address in the 'to' section unredacted.
All items below could be considered sensitive personal information, EXCEPT?
Credit score.
Date of birth.
Medical history.
Educational transcripts.
Which of the following existing frameworks is least effective in addressing emerging AI issues while specific AI legislation is being decided?
The Canada Consumer Product Safety Act.
The Motor Vehicle Safety Act.
The Copyright Act.
The Criminal Code.
What is the Generally Accepted Privacy Principles (GAPP) framework?
An information management model that is widely recognized across many Canadian industries.
A comprehensive guide for industry best practices as delineated by the Canadian federal Privacy Commissioner.
A template for Privacy Impact Assessments (PIAs) that are conducted within private sector organizations in Canada.
A principles-based privacy approach advocated by Canada's leading accounting industry group and its U.S.-based counterpart.
Which action will help a business prove compliance under Canada's Anti-Spam Legislation (CASL)?
Demonstrating the dissolution of a personal relationship before communication was sent.
Keeping records of express and implied consent of commercial electronic messages.
Posting a list of CASL guidelines on a company's website for customers to read.
Providing an opt-out mechanism.
Which province requires its government bodies to store and access personal information exclusively in Canada unless additional consent is obtained, or if outside storage is judged necessary?
Nova Scotia
Qubec.
Ontario.
Alberta.
What is required through the 'circle of care' concept under Canadian health information privacy law?
Health information custodians or trustees be specified only by applicable law or regulation
An individual's consent may be implied unless the individual has refused consent or if the purpose of the disclosure is not to provide health care.
Notification to the individual be made in the event of a data breach of personal health information (PHI) by an organization that is based in Canada
Consent must be expressed or implied when a custodian discloses personal health information (PHI) to another custodian for the purpose of providing health care.
Safeguarding and securing information that is considered sensitive under privacy legislation generally falls into three categories: Administrative, Technical and?
Legal.
Physical.
Personal.
Logistical.
Question