Which of the following is NOT an obligation of MessageSafe as the email continuity service provider for A&M LLP?
SCENARIO Please use the following to answer the next QUESTION: John is the new privacy officer at the prestigious international law firm C A&M LLP. A&M LLP is very proud of its reputation in the practice areas of Trusts & Estates and Merger & Acquisition in both U.S. and Europe....
In regards to the collection of personal data conducted by an organization, what must the data subject be allowed to do?
In regards to the collection of personal data conducted by an organization, what must the data subject be allowed to do?A . Evaluate the qualifications of a third-party processor before any data is transferred to that processor.B . Obtain a guarantee of prompt notification in instances involving unauthorized access of...
What is the name for the privacy strategy model that describes delegated decision making?
What is the name for the privacy strategy model that describes delegated decision making?A . De-centralized.B . De-functionalized.C . Hybrid.D . Matrix.View AnswerAnswer: D Explanation: A matrix is a type of organizational structure that involves delegated decision making. In a matrix structure, employees report to more than one manager or...
In privacy protection, what is a "covered entity"?
In privacy protection, what is a "covered entity"? A. Personal data collected by a privacy organization. B. An organization subject to the privacy provisions of HIPAA. C. A privacy office or team fully responsible for protecting personal information. D. Hidden gaps in privacy protection that may go unnoticed without expert...
Richard needs to closely monitor the vendor in charge of creating the firm's database mainly because of what?
SCENARIO Please use the following to answer the next QUESTION: Richard McAdams recently graduated law school and decided to return to the small town of Lexington, Virginia to help run his aging grandfather's law practice. The elder McAdams desired a limited, lighter role in the practice, with the hope that...
Which type of audit would help you achieve this objective?
You would like your organization to be independently audited to demonstrate compliance with international privacy standards and to identify gaps for remediation. Which type of audit would help you achieve this objective?A . First-party audit.B . Second-party audit.C . Third-party audit.D . Fourth-party audit.View AnswerAnswer: C Explanation: A third-party audit...
Rationalizing requirements in order to comply with the various privacy requirements required by applicable law and regulation does NOT include which of the following?
Rationalizing requirements in order to comply with the various privacy requirements required by applicable law and regulation does NOT include which of the following?A . Harmonizing shared obligations and privacy rights across varying legislation and/or regulators.B . Implementing a solution that significantly addresses shared obligations and privacy rights.C . Applying...
Which is NOT an influence on the privacy environment external to an organization?
Which is NOT an influence on the privacy environment external to an organization?A . Management team priorities.B . Regulations.C . Consumer demand.D . Technological advances.View AnswerAnswer: A Explanation: The privacy environment external to an organization refers to the factors that are outside the control of the organization, such as regulations,...
What Data Lifecycle Management (DLM) principle should the company follow if they end up allowing departments to interpret the privacy policy differently?
SCENARIO Please use the following to answer the next QUESTION: Amira is thrilled about the sudden expansion of NatGen. As the joint Chief Executive Officer (CEO) with her long-time business partner Sadie, Amira has watched the company grow into a major competitor in the green energy market. The current line...
What must be done to maintain the program and develop it beyond just a data breach prevention program? How can you build on your success?
SCENARIO Please use the following to answer the next QUESTION: As the Director of data protection for Consolidated Records Corporation, you are justifiably pleased with your accomplishments so far. Your hiring was precipitated by warnings from regulatory agencies following a series of relatively minor data breaches that could easily have...