Study guides, Class notes & Summaries

CIPP/US EXAM QUESTIONS WITH CORRECT ANSWERS- LATEST UPDATE 2024 What are 5 elements that must be in a security program under GLBA - Answer-1. Designate an employee to coordinate the safeguards 2. Identify and assess the risks to customer information in each relevant area of the company's operation and evaluate the effectiveness of the current safeguards for controlling those risks 3. Design and implement a safeguard program and regularly monitor and test it 4. Select appropriate service p...

CIPP/US EXAM REVIEW QUESTIONS AND ANSWERS What is the focus of early privacy and security enforcement actions? -Answer-Deceptive practices What did the FTC add to its enforcement scope in 2004? -Answer-Unfair practices, as well as the previously-enforced deceptive practices. Where is the scope of the term "unfairness" clarified? -Answer-In a 1980 policy statement and in 1994 amendments to the FTC Act. What three things are required for an injury to be considered "unfair"? -Answer...

CIPP/US EXAM WITH 100% VERIFIED CORRECT ANSWERS Red Flags Rule - Answer-The first rule established by FACTA in 2003, this rule requires creditors and financial institutions to address the risk of identity theft by developing and implementing written identity theft prevention programs to help identify, detect and respond to patterns, practices or specific activities known as red flags that could indicate identity theft. Disposal Rule - Answer-The second rule established by FACT, went into e...

CIPP/US PRACTICE EXAM QUESTIONS AND ANSWERS Why would the company have incentives to negotiate? - Answer-The company avoids a prolonged trial, as well as negative, ongoing publicity; it also avoids the details of its business practices being exposed to the public. Why would the FTC have incentives to negotiate? - Answer-It (1) achieves a consent decree that incorporates good privacy and security practices, (2) avoids the expense and delay of a trial, and (3) gains an enforcement advantage,...

CIPP/US SAMPLE EXAM QUESTIONS WITH CORRECT ANSWERS Based on Aerospaciale. S.D. of Iowa, which is NOT a factor American courts will use to reconcile a conflict between U.S. and foreign law regarding electronic discovery requests? A. How specific the request is. B. Whether the information originated in the U.S. C. If counsel for both parties are based in the U.S. D. If there is another way to acquire the information. - Answer-C. If counsel for both parties are based in the U.S. A ...

CIPP/US STUDY GUIDE Exam QUESTIONS WITH CORRECT ANSWERS Vendor Contract Issues = - Answer-1. Confidentiality provision 2. No further use of shared info 3. If subcontractors, must follow same priv/sec terms. 4. Requirement to notify and disclose breach 5. Info Security Provisions: specific security controls; encryption & when; network security; access controls; segregation; E'ee bkgrnd checks; audit rights; etc. How to do Due Diligence on Vendors: - Answer-1. Reputation 2. Financial...

CIPP/US VOCABULARY EXAM QUESTIONS AND ANSWERS Negligence - Answer-When a person's actions are unreasonably unsafe. A defendant may be liable for damages under this type of tort if it breaches a legal duty to protect personal information and an individual is harmed by that breach. Non-public personal information - Answer-Defined by GLBA as personally identifiable financial information provided by a consumer to a financial institution, resulting from a transaction or service performed for t...

What did the principles of the Human Rights Declaration provide the basis for? The principles enshrined in the Human Rights Declaration have provided the basis for all subsequent European data protection laws and standards. (Ch. 1) What right is contained in Article 12 of the Human Rights Declaration? The right to a private life and associated freedoms is contained in Article 12 of the Human Rights Declaration. (Ch. 1) What right is contained in Article 19 of the Human Rights Dec...

Public and state agencies Use surveillance for national security or law enforcement purposes, conducted in a manner to respect individual rights enshrined the Charter of Fundamental Rights, specifically the rights to a private and family life (Article 7) and protection of personal data (Article 8) Private entities use surveillance for their purposes subject to EU and member state legislation governing confidentiality, privacy data protection and other civil rights, such as those provide...

CIPP US exam study guide questions with complete solutions