cipm-3-3 – AllNet Law

This multiple choice assessment focuses on the new General Data Protection Regulation (GDPR).

The purpose of the assessment is to enable you to assess the extent and depth of your knowledge of the Data Protection Law in preparation for the CIPM.

Format: Multiple Choice

Time: 90 minutes

The result will be provided immediately, with details on all questions.

Full Name

Email

What role would data loss prevention software have in a privacy program?

Prevention of all data breaches caused through human error by employees.

Protection from an external hacker trying to infiltrate an organization’s networks.n.

Training for staff on data governance and proper data classification procedures.

Monitoring of certain types of personal data disclosures to outside entities.

Healthcare organization began integrating the concept of privacy into all facets of their organization, to include targeted and specialized training for handling of sensitive information, along with the adoption within the conceptual and design phases of new business processes, IT systems, contractual agreements, devices and policies. What is this concept of applying privacy solutions into early phases of development known as?

Pseudonymization.

Data minimization.

Privacy by design.

Security by design.

Which of the following is NOT a good reason to perform a privacy audit on a supplier?

The vendor management team is validating the supplier as part of a regular onboarding process.

The finance team has concerns that their supplier is inflating their pass-through expense costs.

The legal team received notification of a personal data breach caused by the supplier.

The IT team received a notice that the supplier is changing their cloud-storage subprocessors.

Under the FCRA, if inaccurate information is discovered in a consumer’s file, what is the usual time period in which the credit reporting agency must examine the disputed information?

In a timely manner.

Within 30 days of notification.

Within 45 days of notification.

Within 60 days of notification.

The investigation of a company’s latest data breach reveals that errors and negligence of several company employees were the breach’s main cause. What is the BEST course of action for the company to reduce the probability of similar incidents in the future?

Develop a comprehensive incident response plan.

Terminate the employees responsible for the breach.

Set up a company-wide awareness and training program.

Purchase an insurance policy to cover the cost of remediation.