Which of the following categories of information are generally protected under privacy laws?
Which of the following categories of information are generally protected under privacy laws?A . Personally Identifiable Information (PII)B . Sensitive Personal Information (SPI)C . Trademark, copyright and patent informationD . Organizations’ confidential business informationView AnswerAnswer: A
Which privacy principle provisions notified under Sec 43A were exempted for the service providers?
After the rules were notified under section 43A of the IT (Amendment) Act, 2008, a clarification was issued by the government which exempted the service providers, which get access to/processes Sensitive Personal Data or information (SPDI) under contractual agreement with a legal entity located within or outside India. Which privacy...
With respect to ‘Data Minimization’ privacy principle, please select the correct statements from the following:
With respect to ‘Data Minimization’ privacy principle, please select the correct statements from the following:A . Right to object by the data subject for minimizing the collection of personal informationB . Data controllers should limit the amount of data collected to what is directly relevant and necessary to accomplish a...
Which of the following are not mandatory pre-requisite before transferring sensitive personal data to its Asian branches?
A multinational company with operations in several parts within EU and outside EU, involves international data transfer of both its employees and customers. In some of its EU branches, which are relatively larger in size, the organization has a works council. Most of the data transferred is personal, and some...
Which of the following laws does not have a mandatory personal data breach notification requirement?
Which of the following laws does not have a mandatory personal data breach notification requirement?A . General Data Protection Regulation, 2016B . Information Technology (Amendment) Act, 2008C . Japanese Act on the Protection of Personal InformationD . UK Data Protection Act, 2018View AnswerAnswer: B Explanation: Reference: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=1680152
Does the said hospital need to notify its privacy policy to the women attending the camp and seek their consent regarding the collection and processing of such information?
XYZ & Co., an Indian hospital specialized in dealing with cancer treatment has organized a free health checkup camp for women in a specific district, after seeking due permission from competent authorities. During the camp the hospital staffs will be feeding the medical records of these women into the computer...
From the below listed options, identify the new privacy principle that is being advocated in proposed EU General Data Protection Regulation?
From the below listed options, identify the new privacy principle that is being advocated in proposed EU General Data Protection Regulation?A . Right to be informed prior to sharing of dataB . Right to modify dataC . Right to be forgottenD . Right to object data collection and processingView AnswerAnswer:...
With reference to APEC privacy framework, when personal information is to be transferred to another person or organization, whether domestically or internationally, “the ______________ should obtain the consent of the individual and exercise due diligence and take reasonable steps to ensure that the recipient person or organization will protect the information consistently with APEC information privacy principles”.
With reference to APEC privacy framework, when personal information is to be transferred to another person or organization, whether domestically or internationally, “the ______________ should obtain the consent of the individual and exercise due diligence and take reasonable steps to ensure that the recipient person or organization will protect the...
As per GDPR, the adequacy decision is taken the European Commission based on its findings and assessment of privacy laws of the third country, territory, sector, etc. The ____________ is required to provide the Commission with an opinion for the assessment of the adequacy of the level of protection in a third country or international organization, including for the assessment whether a third country, a territory or one or more specified sectors within that third country, or an international organization.
As per GDPR, the adequacy decision is taken the European Commission based on its findings and assessment of privacy laws of the third country, territory, sector, etc. The ____________ is required to provide the Commission with an opinion for the assessment of the adequacy of the level of protection in...
Which among the following is the Canadian privacy law?
Which among the following is the Canadian privacy law?A . COPPAB . PIPEDAC . HIPAAD . IT Act of CanadaView AnswerAnswer: B