Home

Home / IAPP / CIPM

Question list

List of questions

Question 1

(0)

SCENARIO Please use the following to answer the next QUESTION: It's just what you were afraid of. Without consulting you, the information technology director at your organization launched a new in

Question 2

(0)

SCENARIO Please use the following to answer the next QUESTION: It's just what you were afraid of. Without consulting you, the information technology director at your organization launched a new in

Question 3

(0)

SCENARIO Please use the following to answer the next QUESTION: It's just what you were afraid of. Without consulting you, the information technology director at your organization launched a new in

Question 4

(0)

SCENARIO Please use the following to answer the next QUESTION: It's just what you were afraid of. Without consulting you, the information technology director at your organization launched a new in

Question 5

(0)

Which is NOT an influence on the privacy environment external to an organization?

Question 6

(0)

SCENARIO Please use the following to answer the next QUESTION: Edufox has hosted an annual convention of users of its famous e-learning software platform, and over time, it has become a grand even

Question 7

(0)

SCENARIO Please use the following to answer the next QUESTION: Edufox has hosted an annual convention of users of its famous e-learning software platform, and over time, it has become a grand even

Question 8

(0)

SCENARIO Please use the following to answer the next QUESTION: Edufox has hosted an annual convention of users of its famous e-learning software platform, and over time, it has become a grand even

Question 9

(0)

SCENARIO Please use the following to answer the next QUESTION: Edufox has hosted an annual convention of users of its famous e-learning software platform, and over time, it has become a grand even

Question 10

(0)

What is one obligation that the General Data Protection Regulation (GDPR) imposes on data processors?

Open VPLUS File

Convert VPLUS to PDF

Related questions

Your marketing team wants to know why they need a check box for their SMS opt-in. You explain it is part of the consumer's right to?

In a sample metric template, what does ''target'' mean?

An online retailer detects an incident involving customer shopping history but no keys have been compromised. The Privacy Offce is most concerned when it also involves?

Under the General Data Protection Regulation (GDPR), what are the obligations of a processor that engages a sub-processor?

Under the GDPR. when the applicable lawful basis for the processing of personal data is a legal obligation with which the controller must comply. which right can the data subject exercise?

Under the General Data Protection Regulation (GDPR), what must be included in a written agreement between the controller and processor in relation to processing conducted on the controller's behalf?

When a data breach incident has occurred. the first priority is to determine?

Your company provides a SaaS tool for B2B services and does not interact with individual consumers. A client's current employee reaches out with a right to delete request. what is the most appropriate response?

A systems audit uncovered a shared drive folder containing sensitive employee data with no access controls and therefore was available for all employees to view. What is the first step to mitigate further risks?

You would like to better understand how your organization can demonstrate compliance with international privacy standards and identify gaps for remediation. What steps could you take to achieve this objective?

Question 165 - CIPM discussion

Report

What United States federal law requires financial institutions to declare their personal data collection practices?

A.

The Kennedy-Hatch Disclosure Act of 1997.

B.

The Gramm-Leach-Bliley Act of 1999.

C.

SUPCLA, or the federal Superprivacy Act of 2001.

D.

The Financial Portability and Accountability Act of 2006.

Suggested answer: B

Explanation:

The United States federal law that requires financial institutions to declare their personal data collection practices is the Gramm-Leach-Bliley Act (GLBA) of 1999.The GLBA is also known as the Financial Services Modernization Act or the Financial Modernization Act10The GLBA regulates how financial institutions collect, use, disclose, and protect the nonpublic personal information of their customers11The GLBA requires financial institutions to provide a privacy notice to their customers that explains what kinds of information they collect, how they use and share that information, and how they safeguard that information12The GLBA also gives customers the right to opt out of certain information sharing practices with third parties13

The other options are not US federal laws that require financial institutions to declare their personal data collection practices.The Kennedy-Hatch Disclosure Act of 1997 is a proposed but not enacted legislation that would have required health insurers to disclose their policies and practices regarding the use and disclosure of genetic information14SUPCLA, or the federal Superprivacy Act of 2001, is a fictional law that does not exist in reality.The Financial Portability and Accountability Act of 2006 is also a fictional law that does not exist in reality, although it may be confused with the Health Insurance Portability and Accountability Act (HIPAA) of 1996, which regulates the privacy and security of health information15Reference:10: Gramm-Leach-Bliley Act | Federal Trade Commission;11: Financial Privacy | Federal Trade Commission;12: Financial Privacy | Federal Trade Commission;13: Financial Privacy | Federal Trade Commission;14: S.422 (105th): Genetic Information Nondiscrimination in Health Insurance Act of 1997;15: Health Information Privacy | HHS.gov

Show Answer

asked 22/11/2024

Arpita Pattnayak

50 questions

User

Your answer: A B C D

0 comments

Sorted by

Leave a comment first