IAPP CIPP-A Certified Information Privacy Professional/Asia (CIPP/A) Online Training
IAPP CIPP-A Online Training
The questions for CIPP-A were last updated at Nov 19,2024.
- Exam Code: CIPP-A
- Exam Name: Certified Information Privacy Professional/Asia (CIPP/A)
- Certification Provider: IAPP
- Latest update: Nov 19,2024
When implementing Privacy by Design (PbD), what would NOT be a key consideration?
- A . Collection limitation.
- B . Data minimization.
- C . Limitations on liability.
- D . Purpose specification.
When implementing Privacy by Design (PbD), what would NOT be a key consideration?
- A . Collection limitation.
- B . Data minimization.
- C . Limitations on liability.
- D . Purpose specification.
Employee benefits administration, including health insurance.
Dracarys will have employees on the ground in India managing the systems for the functions listed above. They have been presented with a variety of vendor options for these systems, and are currently assessing the suitability of these vendors for their needs.
The CEO of Dracarys is concerned about the behavior of her employees, especially online. After having
proprietary company information being shared with competitors by former employees, she is eager to put certain measures in place to ensure that the activities of her employees, while on Dracarys’ premises or when using any of Dracarys’ computers and networks are not detrimental to the business.
Dracarys’ external consultants are also advising the company on how to increase earnings. Dracary’s management refuses to reduce production costs and compromise the quality of their garments, so the consultants suggested utilizing customer data to create targeted advertising and thus increase sales.
Which of the following guidelines does Dracarys NOT need to take into account when implementing monitoring and surveillance tools?
- A . The Indian Information Technology Act of 2000.
- B . The Hong Kong guide to monitoring personal data privacy at work.
- C . The Hong Kong Code of Practice on Human Resource Management.
- D . The Singapore advisory guidelines on the personal data protection act for selected topics (employment and CCTV).
Section 43A was amended by India’s IT Rules 2011 to include?
- A . A definition of what constitutes reasonable security practices.
- B . A requirement for the creation of a data protection authority.
- C . A list of cases in which privacy policies are not necessary.
- D . A clarification regarding the role of non-automated data.
On what group does Singapore’s PDPA impose disclosure restrictions that Hong Kong and India do not?
- A . Government officials.
- B . Children under 13.
- C . The deceased.
- D . The clergy.
Which method ensures the greatest security when erasing data that is no longer needed, according to the Hong Kong Office of the Privacy Commissioner?
- A . Strip-shredding paper copies of data.
- B . Crosscut shredding paper copies of data.
- C . Deleting electronic files containing data.
- D . Reformatting USB memory devices containing data.
Which provision of Hong Kong’s Personal Data (Privacy) Ordinance (PDPO) strengthens the purpose limitation principle (DPP3)?
- A . Notice; because the data subject must be provided with the purpose of the collection.
- B . Public domain; because the data subjects must agree to the purpose before their information is made publicly available.
- C . Prescribed consent; because the data subject must give express consent to their personal information being used for additional purposes.
- D . Finality; because the purpose for collection of personal information from the subject must be directly related to a function of the collector.
What clarification did India make in a 2011 Press Note regarding their Sensitive Personal Data Rules?
- A . That the rules apply to data subjects located outside of India.
- B . That the rules apply to persons or companies collecting sensitive data within India.
- C . That the data processor must provide notice to the data subject before data is processed.
- D . That sensitive personal data or information includes passwords, financial information,
medical records, and
biometric information.
How are the scope of Singapore’s Personal Data Protection Act and the scope of India’s IT Rules similar?
- A . They only apply to the private sector.
- B . They allow exemptions for military personnel.
- C . They apply to controllers and processors alike.
- D . They impose obligations on individuals acting in a domestic capacity.
In Singapore, a potential employer can collect all of the following data on an individual in the pre-employment phase EXCEPT?
- A . Postings from social media websites.
- B . Information from a background check.
- C . Information about the individual’s children.
- D . The individual’s university attendance records.
Latest CIPP-A Dumps Valid Version with 90 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
