DCPLA exam

Privacy enhancing tools aim to allow users to take one or more of the following actions related to their personal data that is sent to, and used by online service providers, merchants or other users: I) Increase control over their personal data II) Choose whether to use services anonymously or...

The concept of data adequacy is based on the principle of _________.A . Adequate compliance B. Dissimilarity of legislations C. Essential equivalence D. Essential assessmentView AnswerAnswer: C

What is the maximum compensation that can be imposed on an organization for negligence in implementing reasonable security practices as defined in Section 43A of ITAA, 2008?A . Uncapped compensation B. 5 crores C. 15 crores or 4% of the global turnover D. 5 lakhsView AnswerAnswer: C

CORRECT TEXT FILL BLANK VPI As a starting point, the consultants undertook a visibility exercise to understand the type of personal information (PI) being dealt with within the organization and also by third parties and the scope was to cover all the client relationships (IT services and BPM both) and...

CORRECT TEXT FILL BLANK RCI and PCM Given its global operations, the company is exposed to multiple regulations (privacy related) across the globe and needs to comply mostly through contracts for client relationships and directly for business functions. The corporate legal team is responsible for managing the contracts and understanding,...

What is a Data Subject? (Choose all that apply.)A . An individual who provides his/her data/information for availing any service B. An individual who processes the data/information of individuals for providing necessary services C. An individual whose data/information is processed D. A company providing PI of its employees for processing...

XYZ bank has recently decided to start offering online banking services. For doing so, the bank has outsourced its IT operations and processes to various third parties. Acknowledging privacy concerns, bank has decided to implement a privacy program. Assuming you have been tasked to deploy this framework for the bank,...

A newly appointed Data Protection officer is reviewing the organization’s existing privacy policy. Which of the following would be the most critical factor for the review process?A . Awareness of the business units about the privacy policy B. Changes in the legal/regulatory regime C. Privacy policies of industry peers D....

CORRECT TEXT FILL BLANK PIS The company has a well-defined and effectively implemented security policy. As in case of access control, the security controls vary in different client relationships based on the client requirements but certain basic or hygiene security practices / controls are implemented organization wide. The consultants have...

Which of the following are classified as Sensitive Personal Data or Information under Section 43A of ITAA, 2008? (Choose all that apply.)A . Password B. Financial information C. Sexual orientation D. Caste and religious beliefs E. Biometric information F. Medical records and historyView AnswerAnswer: B,C,E,F