Home / IAPP / CIPP-C

IAPP CIPP-C Practice Test - Questions Answers, Page 8

Question list

List of questions

Question 71

(0)

The process of de-identification where new data elements are substituted for identifying information is?

Question 72

(0)

Which organization was the primary influence in the development of Canadian privacy with their publication of a set of eight privacy principles?

Question 73

(0)

When a third country or specified entity is said to ensure an adequate level of protection essentially equivalent to that ensured within the European Union, it is awarded a(n)?

Question 74

(0)

A commercial business in Canada is allowed to collect personal information without the knowledge or consent of the individual in all of the following circumstances EXCEPT when?

Question 75

(0)

Oversight authorities allow the following types of consent EXCEPT?

Question 76

(0)

A small commercial business in Canada was preparing a mailing to its customers when the letters and the envelopes were mismatched, causing 500 of 1000 letters to be sent to the wrong recipients. The

Related questions

A private sector daycare's portal for parents stores their children's photos, allergy information and date of birth. A parent has asked about the portal's security requirements and in three months still not has received an answer. What is missing from the daycare's procedures?

Oversight authorities allow the following types of consent EXCEPT?

As response to TJX Winners - Homesense, why is 'hashing' preferable to storing a personal identifier such as a driver's license number?

According to the Canadian Standards Association (CSA) Model Code, how long should personal information be retained?

Which act also includes references to the Privacy Act?

The movement toward comprehensive privacy and data protection laws can be attributed to a combination of three major factors: the need to remedy past injustices, the need to promote a digital economy and the need to ensure consistency with?

A boutique hotel in Montreal seeks to attract travelers from Europe but wants to avoid becoming subject to the GDPR's requirements. Which of the following activities is most likely to result in a finding that the hotel is subject to the GDPR?

Which of the following specifically differentiates between regular personal information and employee-related or work-product information?

A federally regulated company based in Ontario has customers in Ontario, Quebec, New Brunswick, Alberta and British Columbia. Unfortunately, a third-party vendor that provides marketing support to the company experiences a privacy breach which impacts the personal information of all its customers across the provinces where it operates. The Privacy Officer determines that the breach causes a real risk of significant harm to their customers and is tasked with reporting the breach to the relevant regulators. With which provincial privacy regulators does the company have to file a report?

Of the key principles in the Personal Information Protection and Electronic Documents Act (PIPEDA), which principle in particular contributes to the increase in privacy policies in recent years?

Question 71

The process of de-identification where new data elements are substituted for identifying information is?

Shuffling.

Encryption.

Anonymization.

Pseudonymization.

Show Answer Comment (0)

Question 72

Which organization was the primary influence in the development of Canadian privacy with their publication of a set of eight privacy principles?

The Organization for Economic Co-operation and Development (OECD).

The Canadian Institute of Chartered Accountants

The Center for Democracy and Technology (CRT)

The Canadian Standards Association (CSA).

Show Answer Comment (0)

Question 73

When a third country or specified entity is said to ensure an adequate level of protection essentially equivalent to that ensured within the European Union, it is awarded a(n)?

Equivalency designation.

Attestation designation.

Adequacy designation.

Protection designation.

Show Answer Comment (0)

Question 74

A commercial business in Canada is allowed to collect personal information without the knowledge or consent of the individual in all of the following circumstances EXCEPT when?

The collection is for journalistic or literary purposes.

The collection is in the interests of the individual and the consent cannot be obtained in a timely way.

The collection would lead to the creation of products that would benefit the public and consent would be difficult to obtain.

The collection, with the knowledge of the individual, would compromise the availability and accuracy of the information and the collection is reasonable for the purposes related to investigating

Show Answer Comment (0)

Question 75

Oversight authorities allow the following types of consent EXCEPT?

Implied consent at the time of collection.

Verbal consent given to the person collecting the information.

Written consent included with the information that is collected.

General consent covering all activities associated with the personal information.

Show Answer Comment (0)

A small commercial business in Canada was preparing a mailing to its customers when the letters and the envelopes were mismatched, causing 500 of 1000 letters to be sent to the wrong recipients. The letters contained the name and mailing address of the clients as well as account numbers and account balances.

The business has discovered this error as clients called to report receiving the wrong letter and expressing concern that their information has been breached. Which of the following is the most appropriate next step to take?

All 1000 clients must be sent new letters.

The 500 clients who were impacted must be immediately notified.

The Office of the Privacy Commissioner (OPC) must be immediately notified.

A risk assessment must be completed to determine the real risk of significant harm (RROSH) to the clients.

Show Answer Comment (0)

Total 76 questions

3 4 5 6 7 8

Go to page: of 8