Which of the following does NOT have to be included in the records most processors must maintain in relation to their data processing activities?

Which of the following does NOT have to be included in the records most processors must maintain in relation to their data processing activities?A . Name and contact details of each controller on behalf of which the processor is acting.B . Categories of processing carried out on behalf of each...

October 3, 2023 No Comments READ MORE +

What transfer mechanism did ProStorage most likely rely on to transfer Ruth's medical information to the hospital?

SCENARIO Please use the following to answer the next question: ProStorage is a multinational cloud storage provider headquartered in the Netherlands. Its CEO. Ruth Brown, has developed a two-pronged strategy for growth: 1) expand ProStorage s global customer base and 2) increase ProStorage's sales force by efficiently onboarding effective teams....

October 3, 2023 No Comments READ MORE +

Which of the following would MOST likely trigger the extraterritorial effect of the GDPR, as specified by Article 3?

Which of the following would MOST likely trigger the extraterritorial effect of the GDPR, as specified by Article 3?A . The behavior of suspected terrorists being monitored by EU law enforcement bodies.B . Personal data of EU citizens being processed by a controller or processor based outside the EU.C ....

October 3, 2023 No Comments READ MORE +

In addition to notifying employees about the purpose of the monitoring, the potential uses of their data and their privacy rights, what information should Building Block have provided them before implementing the security measures?

SCENARIO Please use the following to answer the next question: Building Block Inc. is a multinational company, headquartered in Chicago with offices throughout the United States, Asia, and Europe (including Germany, Italy, France and Portugal). Last year the company was the victim of a phishing attack that resulted in a...

October 3, 2023 No Comments READ MORE +

In the Planet 49 case, what was the man judgement of the Coon of Justice of the European Union (CJEU) regarding the issue of cookies?

In the Planet 49 case, what was the man judgement of the Coon of Justice of the European Union (CJEU) regarding the issue of cookies?A . If the cookies do not track personal data, then pre-checked boxes are acceptable.B . If the ePrivacy Directive requires consent for cookies, then the...

October 3, 2023 No Comments READ MORE +

Under Article 82 of the GDPR ("Right to compensation and liability-), which party is liable for the damage caused by the data breach?

SCENARIO Please use the following to answer the next question: Jack worked as a Pharmacovigiliance Operations Specialist in the Irish office of a multinational pharmaceutical company on a clinical trial related to COVID-19. As part of his onboarding process Jack received privacy training He was explicitly informed that while he...

October 3, 2023 No Comments READ MORE +

An organization should perform these steps to do which of the following?

Read the following steps: ✑ Discover which employees are accessing cloud services and from which devices and apps Lock down the data in those apps and devices ✑ Monitor and analyze the apps and devices for compliance ✑ Manage application life cycles ✑ Monitor data sharing An organization should perform...

October 3, 2023 No Comments READ MORE +

How is the retention of communications traffic data for law enforcement purposes addressed by European data protection law?

How is the retention of communications traffic data for law enforcement purposes addressed by European data protection law?A . The ePrivacy Directive allows individual EU member states to engage in such data retention.B . The ePrivacy Directive harmonizes EU member states’ rules concerning such data retention.C . The Data Retention...

October 3, 2023 No Comments READ MORE +

Which GDPR principle is she following?

Tanya is the Data Protection Officer for Curtains Inc., a GDPR data controller. She has recommended that the company encrypt all personal data at rest. Which GDPR principle is she following?A . AccuracyB . Storage LimitationC . Integrity and confidentialityD . Lawfulness, fairness and transparencyView AnswerAnswer: C Explanation: Reference: https://www.icaew.com/technical/technology/data/data-protection/data-protection-articles/do-i-...

October 3, 2023 No Comments READ MORE +

When hiring a data processor, which action would a data controller NOT be able to depend upon to avoid liability in the event of a security breach?

When hiring a data processor, which action would a data controller NOT be able to depend upon to avoid liability in the event of a security breach?A . Documenting due diligence steps taken in the pre-contractual stage.B . Conducting a risk assessment to analyze possible outsourcing threats.C . Requiring that...

October 2, 2023 No Comments READ MORE +