CIPT exam

Which activity should the privacy technologist undertake to reduce potential privacy risk when evaluating options to process data in a country other than where it would be collected? ^A . Review the Data Life Cycle. B. Review data retention policies. C. Create enterprise data flow diagrams. D. Recommend controls for...

SCENARIO Please use the following to answer the next question: Jordan just joined a fitness-tracker start-up based in California, USA, as its first Information Privacy and Security Officer. The company is quickly growing its business but does not sell any of the fitness trackers itself. Instead, it relies on a...

Which of the following became a foundation for privacy principles and practices of countries and organizations across the globe?A . The Personal Data Ordinance. B. The EU Data Protection Directive. C. The Code of Fair Information Practices. D. The Organization for Economic Co-operation and Development (OECD) Privacy Principles.View AnswerAnswer: D...

SCENARIO Please use the following to answer the next question: Light Blue Health (LBH) is a healthcare technology company developing a new web and mobile application that collects personal health information from electronic patient health records. The application will use machine learning to recommend potential medical treatments and medications based...

Value sensitive design focuses on which of the following?A . Quality and benefit. B. Ethics and morality. C. Confidentiality and integrity. D. Consent and human rights.View AnswerAnswer: B Explanation: Value sensitive design (VSD) is a theoretically grounded approach to the design of technology that accounts for human values in a...

Which of the following are the mandatory pieces of information to be included in the documentation of records of processing activities for an organization that processes personal data on behalf of another organization?A . Copies of the consent forms from each data subject. B. Time limits for erasure of different...

An organization is launching a smart watch which, in addition to alerts, will notify the the wearer of incoming calls allowing them to answer on the device. This convenience also comes with privacy concerns and is an example of?A . Value-Sensitive Design. B. Ubiquitous computing. C. Anthropomorphism. D. CouplingView AnswerAnswer:...

What is the goal of privacy enhancing technologies (PETS) like multiparty computation and differential privacy?A . To facilitate audits of third party vendors. B. To protect sensitive data while maintaining its utility. C. To standardize privacy activities across organizational groups. D. To protect the security perimeter and the data items...

SCENARIO Looking back at your first two years as the Director of Personal Information Protection and Compliance for the Berry Country Regional Medical Center in Thorn Bay, Ontario, Canada, you see a parade of accomplishments, from developing state-of-the-art simulation based training for employees on privacy protection to establishing an interactive...

Which of the following functionalities can meet some of the General Data Protection Regulation’s (GDPR’s) Data Portability requirements for a social networking app designed for users in the EU?A . Allow users to modify the data they provided the app. B. Allow users to delete the content they provided the...