IAPP CIPP-A Certified Information Privacy Professional/Asia (CIPP/A) Online Training
IAPP CIPP-A Online Training
The questions for CIPP-A were last updated at Nov 20,2024.
- Exam Code: CIPP-A
- Exam Name: Certified Information Privacy Professional/Asia (CIPP/A)
- Certification Provider: IAPP
- Latest update: Nov 20,2024
Section 43A of India’s IT Rules 2011 requires which of the following for a privacy policy?
- A . It should be available and produced on request.
- B . It should be published on the website of the body corporate.
- C . It should be emailed or faxed to data providers by the body corporate.
- D . It should be shown to the data provider at the time of data collection.
What personal information is considered sensitive in almost all countries with privacy laws?
- A . Marital status.
- B . Health information.
- C . Employment history.
- D . Criminal convictions.
Which of the following would NOT be exempt from Singapore’s PDPA?
- A . A government automobile registration website.
- B . A private party room at a popular restaurant.
- C . A documentary filmed at a rock concert.
- D . A video from a store’s dosed-circuit TV.
Protection of which kind of personal information is NOT explicitly mentioned in the privacy laws of Hong Kong, Singapore, and India?
- A . Sensitive data.
- B . Children’s data.
- C . Outsourced data.
- D . Extraterritorial data.
SCENARIO C Please use the following to answer the next QUESTION:
Fitness For Everyone ("FFE") is a gym on Hong Kong Island that is affiliated with a network of gyms throughout Southeast Asia. When prospective members of the gym stop in, call in or submit an inquiry online, they are invited for a free trial session. At first, the gym asks prospective clients only for basic information: a full name, contact number, age and their Hong Kong ID number, so that FFE’s senior trainer Kelvin can reach them to arrange their first appointment.
One day, a potential customer named Stephen took a tour of the gym with Kelvin and then decided to join FFE for six months. Kelvin pulled out a registration form and explained FFE’s policies, placing a circle next to the part that read "FEE and affiliated third parties" may market new products and services using the contact information provided on the form to Stephen "for the duration of his membership." Stephen asked if he could opt-out of the marketing communications. Kelvin shrugged and said that it was a standard part of the contract and that most gyms have it, but that even so Kelvin’s manager wanted the item circled on all forms. Stephen agreed, signed the registration form at the bottom of the page, and provided his credit card details for a monthly gym fee. He also exchanged instant messenger/cell details with Kelvin so that they could communicate about personal training sessions scheduled to start the following week.
After attending the gym consistently for six months, Stephen’s employer transferred him to another part of the Island, so he did not renew his FFE membership.
One year later, Stephen started to receive numerous text messages each day from unknown numbers, most marketing gym or weight loss products.
Suspecting that FFE shared his information widely, he contacted his old FFE branch and asked reception if they still had his information on file. They did, but offered to delete it if he wished. He was told FFE’s process to purge his information from all the affiliated systems might take 8 to 12 weeks. FFE also informed him that Kelvin was no longer employed by FFE and had recently started working for a competitor. FFE believed that Kelvin may have shared the mobile contact details of his clients with the new gym, and apologized for this inconvenience.
Which of the following types of text messages are permissible, regardless of Stephen’s withdrawal of consent?
- A . From the FFE retention department, offering a special discount for reactivating membership.
- B . From health care services provided by Hong Kong’s Hospital Authority or Department of Health.
- C . From an FFE affiliate that provides a mechanism to opt out of further communications by reply-texting "OO."
- D . From an FFE affiliate in the region Stephen was transferred to, offering services similar to those he purchased previously.
How can the privacy principles issued in 1980 by the Organisation for Economic Cooperation and Development (OECD) be defined?
- A . Guidelines governing the protection of privacy and trans-border data flows issued in collaboration with the Federal Trade Commission.
- B . Guidelines governing the protection of privacy and trans-border data flows of personal data in states that are members.
- C . Mandatory rules governing the protection of privacy and trans-border data flows within the European Union.
- D . Mandatory rules governing the protection of privacy and trans-border data flows among binding member states.
In India, the obligation to appoint a Grievance Officer applies ONLY to companies that?
- A . Deal with sensitive personal data.
- B . Conduct cross-border data transfers.
- C . Are considered part of the public sector.
- D . Lack alternate enforcement mechanisms.
Which concept is NOT an element of Cross Border Privacy Rules (CBPR)?
- A . Enforcement by Accountability Agents.
- B . Self-assessment against CBPR QUESTION NO:naire.
- C . Consultation with Privacy Enforcement (PE) Authority.
- D . Dispute resolution via the Accountability Agent’s compliance program.
Which concept is NOT an element of Cross Border Privacy Rules (CBPR)?
- A . Enforcement by Accountability Agents.
- B . Self-assessment against CBPR QUESTION NO:naire.
- C . Consultation with Privacy Enforcement (PE) Authority.
- D . Dispute resolution via the Accountability Agent’s compliance program.
Which concept is NOT an element of Cross Border Privacy Rules (CBPR)?
- A . Enforcement by Accountability Agents.
- B . Self-assessment against CBPR QUESTION NO:naire.
- C . Consultation with Privacy Enforcement (PE) Authority.
- D . Dispute resolution via the Accountability Agent’s compliance program.
Latest CIPP-A Dumps Valid Version with 90 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
