CIPP-US Dumps Updated Feb 09, 2022 Practice Test and 152 unique questions [Q48-Q64]


2022 Latest 100% Exam Passing Ratio - CIPP-US Dumps PDF


IAPP CIPP-US: Certified Information Privacy Professional/United States (CIPP/US) Certified Professional salary

The average salary of an IAPP CIPP-US: Certified Information Privacy Professional/United States (CIPP/US) Certified Expert in:

  • United States - 70,247 USD
  • India - 12,42,327 INR
  • Europe - 55,347 EURO
  • England - 50,632 POUND

 

NEW QUESTION 48
SCENARIO
Please use the following to answer the next QUESTION
Otto is preparing a report to his Board of Directors at Filtration Station, where he is responsible for the privacy program. Filtration Station is a U.S. company that sells filters and tubing products to pharmaceutical companies for research use. The company is based in Seattle, Washington, with offices throughout the U.S. and Asia. It sells to business customers across both the U.S. and the Asia-Pacific region. Filtration Station participates in the Cross-Border Privacy Rules system of the APEC Privacy Framework.
Unfortunately, Filtration Station suffered a data breach in the previous quarter. An unknown third party was able to gain access to Filtration Station's network and was able to steal data relating to employees in the company's Human Resources database, which is hosted by a third-party cloud provider based in the U.S. The HR data is encrypted. Filtration Station also uses the third-party cloud provider to host its business marketing contact database. The marketing database was not affected by the data breach. It appears that the data breach was caused when a system administrator at the cloud provider stored the encryption keys with the data itself.
The Board has asked Otto to provide information about the data breach and how updates on new developments in privacy laws and regulations apply to Filtration Station. They are particularly concerned about staying up to date on the various U.S. state laws and regulations that have been in the news, especially the California Consumer Privacy Act (CCPA) and breach notification requirements.
The Board has asked Otto whether the company will need to comply with the new California Consumer Privacy Law (CCPA). What should Otto tell the Board?

  • A. That the company is governed by CCPA, but does not need to take any additional steps because it follows CPBR.
  • B. That business contact information could be considered personal information governed by CCPA.
  • C. That CCPA will apply to the company only after the California Attorney General determines that it will enforce the statute.
  • D. That CCPA only applies to companies based in California, which exempts the company from compliance.

Answer: C

 

NEW QUESTION 49
In which situation would a policy of "no consumer choice" or "no option" be expected?

  • A. When a patient's health record is made available to a pharmaceutical company
  • B. When a job applicant's credit report is provided to an employer
  • C. When a customer's street address is shared with a shipping company
  • D. When a customer's financial information is requested by the government

Answer: C

 

NEW QUESTION 50
What practice does the USA FREEDOM Act NOT authorize?

  • A. The bulk collection of telephone data and internet metadata
  • B. An increase in the maximum penalty for material support to terrorism
  • C. An extension of the expiration for roving wiretaps
  • D. Emergency exceptions that allow the government to target roamers

Answer: D

Explanation:
Explanation/Reference: https://www.rand.org/blog/2015/05/the-usa-freedom-act-the-definition-of-a-compromise.html

 

NEW QUESTION 51
Which of the following is most likely to provide privacy protection to private-sector employees in the United States?

  • A. The Federal Trade Commission Act (FTC Act)
  • B. Amendments one, four, and five of the U.S. Constitution
  • C. State law, contract law, and tort law
  • D. The U.S. Department of Health and Human Services (HHS)

Answer: C

Explanation:
Explanation/Reference: https://corporate.findlaw.com/law-library/right-to-privacy-in-the-workplace-in-the-information-age.html

 

NEW QUESTION 52
SCENARIO
Please use the following to answer the next QUESTION:
Larry has become increasingly dissatisfied with his telemarketing position at SunriseLynx, and particularly with his supervisor, Evan. Just last week, he overheard Evan mocking the state's Do Not Call list, as well as the people on it. "If they were really serious about not being bothered," Evan said, "They'd be on the national DNC list. That's the only one we're required to follow. At SunriseLynx, we call until they ask us not to." Bizarrely, Evan requires telemarketers to keep records of recipients who ask them to call "another time." This, to Larry, is a clear indication that they don't want to be called at all. Evan doesn't see it that way.
Larry believes that Evan's arrogance also affects the way he treats employees. The U.S. Constitution protects American workers, and Larry believes that the rights of those at SunriseLynx are violated regularly. At first Evan seemed friendly, even connecting with employees on social media. However, following Evan's political posts, it became clear to Larry that employees with similar affiliations were the only ones offered promotions.
Further, Larry occasionally has packages containing personal-use items mailed to work. Several times, these have come to him already opened, even though his name was clearly marked. Larry thinks the opening of personal mail is common at SunriseLynx, and that Fourth Amendment rights are being trampled under Evan's leadership.
Larry has also been dismayed to overhear discussions about his coworker, Sadie. Telemarketing calls are regularly recorded for quality assurance, and although Sadie is always professional during business, her personal conversations sometimes contain sexual comments. This too is something Larry has heard Evan laughing about. When he mentioned this to a coworker, his concern was met with a shrug. It was the coworker's belief that employees agreed to be monitored when they signed on. Although personal devices are left alone, phone calls, emails and browsing histories are all subject to surveillance. In fact, Larry knows of one case in which an employee was fired after an undercover investigation by an outside firm turned up evidence of misconduct. Although the employee may have stolen from the company, Evan could have simply contacted the authorities when he first suspected something amiss.
Larry wants to take action, but is uncertain how to proceed.
In what area does Larry have a misconception about private-sector employee rights?

  • A. The enforceability of local law
  • B. The strict nature of state law
  • C. The applicability of federal law
  • D. The definition of tort law

Answer: C

 

NEW QUESTION 53
The rules for "e-discovery" mainly prevent which of the following?

  • A. A breach of an organization's data retention program
  • B. A conflict between business practice and technological safeguards
  • C. The loss of information due to poor data retention practices
  • D. The practice of employees using personal devices for work

Answer: C

 

NEW QUESTION 54
Which of the following best describes how federal anti-discrimination laws protect the privacy of private-sector employees in the United States?

  • A. They limit the types of information that employers can collect about employees.
  • B. They limit the amount of time a potential employee can be interviewed.
  • C. They promote a workforce of employees with diverse skills and interests.
  • D. They prescribe working environments that are safe and comfortable.

Answer: D

 

NEW QUESTION 55
Which of the following is NOT a principle found in the APEC Privacy Framework?

  • A. Preventing Harm.
  • B. Integrity of Personal Information.
  • C. Access and Correction.
  • D. Privacy by Design.

Answer: D

Explanation:
Explanation/Reference: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwiqtJX4tPHvAhUQG-wKHUoGBgkQFjAHegQIBRAD&url=https%3A%2F%2Fwww.apec.org%2F-%2Fmedia%2FAPEC%2FPublications%2F2016%2F11%2F2016-CTI-Report-to-Ministers%2FTOC%2FAppendix-17-Updates-to-the-APEC-Privacy-Framework.pdf&usg=AOvVaw1Yysi4Ym_1VaCw1VZiB70a

 

NEW QUESTION 56
SCENARIO
Please use the following to answer the next QUESTION:
Declan has just started a job as a nursing assistant in a radiology department at Woodland Hospital. He has also started a program to become a registered nurse.
Before taking this career path, Declan was vaguely familiar with the Health Insurance Portability and Accountability Act (HIPAA). He now knows that he must help ensure the security of his patients' Protected Health Information (PHI). Therefore, he is thinking carefully about privacy issues.
On the morning of his first day, Declan noticed that the newly hired receptionist handed each patient a HIPAA privacy notice. He wondered if it was necessary to give these privacy notices to returning patients, and if the radiology department could reduce paper waste through a system of one-time distribution.
He was also curious about the hospital's use of a billing company. He questioned whether the hospital was doing all it could to protect the privacy of its patients if the billing company had details about patients' care.
On his first day Declan became familiar with all areas of the hospital's large radiology department. As he was organizing equipment left in the hallway, he overheard a conversation between two hospital administrators. He was surprised to hear that a portable hard drive containing non-encrypted patient information was missing. The administrators expressed relief that the hospital would be able to avoid liability. Declan was surprised, and wondered whether the hospital had plans to properly report what had happened.
Despite Declan's concern about this issue, he was amazed by the hospital's effort to integrate Electronic Health Records (EHRs) into the everyday care of patients. He thought about the potential for streamlining care even more if they were accessible to all medical facilities nationwide.
Declan had many positive interactions with patients. At the end of his first day, he spoke to one patient, John, whose father had just been diagnosed with a degenerative muscular disease. John was about to get blood work done, and he feared that the blood work could reveal a genetic predisposition to the disease that could affect his ability to obtain insurance coverage. Declan told John that he did not think that was possible, but the patient was wheeled away before he could explain why. John plans to ask a colleague about this.
In one month, Declan has a paper due for one of his classes on a health topic of his choice. By then, he will have had many interactions with patients he can use as examples. He will be pleased to give credit to John by name for inspiring him to think more carefully about genetic testing.
Although Declan's day ended with many questions, he was pleased about his new position.
How can the radiology department address Declan's concern about paper waste and still comply with the Health Insurance Portability and Accountability Act (HIPAA)?

  • A. Confirm that patients are given the privacy notice on their first visit
  • B. Post the privacy notice in a prominent location instead
  • C. Direct patients to the correct area of the hospital website
  • D. State the privacy policy to the patient verbally

Answer: C

 

NEW QUESTION 57
In March 2012, the FTC released a privacy report that outlined three core principles for companies handling consumer data. Which was NOT one of these principles?

  • A. Providing greater transparency.
  • B. Enhancing security measures.
  • C. Practicing Privacy by Design.
  • D. Simplifying consumer choice.

Answer: B

 

NEW QUESTION 58
Which federal law or regulation preempts state law?

  • A. Health Insurance Portability and Accountability Act
  • B. Controlling the Assault of Non-Solicited Pornography and Marketing Act
  • C. Electronic Communications Privacy Act of 1986
  • D. Telemarketing Sales Rule

Answer: A

 

NEW QUESTION 59
What role does the U.S. Constitution play in the area of workplace privacy?

  • A. It provides contractual protections to members of labor unions, but not to employees at will
  • B. It provides enforcement resources to large employers, but not to small businesses
  • C. It provides legal precedent for physical information security, but not for electronic security
  • D. It provides significant protections to federal and state governments, but not to private-sector employment

Answer: C

 

NEW QUESTION 60
Under the Fair and Accurate Credit Transactions Act (FACTA), what is the most appropriate action for a car dealer holding a paper folder of customer credit reports?

  • A. To follow the Red Flags Rule by mailing the reports to customers
  • B. To follow the Safeguards Rule by transferring the reports to a secure electronic file
  • C. To follow the Disposal Rule by having the reports shredded
  • D. To follow the Privacy Rule by notifying customers that the reports are being stored

Answer: D

 

NEW QUESTION 61
California's SB 1386 was the first law of its type in the United States to do what?

  • A. Require encryption of sensitive information stored on servers that are Internet connected
  • B. Require commercial entities to disclose a security data breach concerning personal information about the state's residents
  • C. Require state attorney general enforcement of federal regulations against unfair and deceptive trade practices
  • D. Require notification of non-California residents of a breach that occurred in California

Answer: B

 

NEW QUESTION 62
Global Manufacturing Co's Human Resources department recently purchased a new software tool. This tool helps evaluate future candidates for executive roles by scanning emails to see what those candidates say and what is said about them. This provides the HR department with an automated "360 review" that lets them know how the candidate thinks and operates, what their peers and direct reports say about them, and how well they interact with each other.
What is the most important step for the Human Resources Department to take when implementing this new software?

  • A. Ensuring that the software contains a privacy notice explaining that employees have no right to privacy as long as they are running this software on organization systems to scan email systems.
  • B. Confirming that employees have read and signed the employee handbook where they have been advised that they have no right to privacy as long as they are using the organization's systems, regardless of the protected group or laws enforced by EEOC.
  • C. Making sure that the software does not unintentionally discriminate against protected groups.
  • D. Providing notice to employees that their emails will be scanned by the software and creating automated profiles.

Answer: C

Explanation:
Explanation/Reference: https://www.beckage.com/tag/artificial-intelligence/

 

NEW QUESTION 63
John, a California resident, receives notification that a major corporation with $500 million in annual revenue has experienced a data breach. John's personal information in their possession has been stolen, including his full name and Social Security number. John also learns that the corporation did not have reasonable cybersecurity measures in place to safeguard his personal information.
Which of the following answers most accurately reflects John's ability to pursue a legal claim against the corporation under the California Consumer Privacy Act (CCPA)?

  • A. John can sue the corporation for the data breach but only to recover monetary damages he actually suffered as a result of the data breach.
  • B. John has no right to sue the corporation because the CCPA does not address any data breach rights.
  • C. John cannot sue the corporation for the data breach because only the state's Attorney General has authority to file suit under the CCPA.
  • D. John can sue the corporation for the data breach to recover monetary damages suffered as a result of the data breach, and in some circumstances seek statutory damages irrespective of whether he suffered any financial harm.

Answer: A

 

NEW QUESTION 64
......

Verified CIPP-US dumps Q&As - 100% Pass from Prep4pass: https://www.prep4pass.com/CIPP-US_exam-braindumps.html

Pass Exam With Full Sureness - CIPP-US Dumps with 152 Questions: https://drive.google.com/open?id=1ZtDo-kHLvE3ywYggkgiPhAzRG_tuP7wP