With respect to ‘Data Minimization’ privacy principle, please select the correct statements from the following:

With respect to ‘Data Minimization’ privacy principle, please select the correct statements from the following:A . Right to object by the data subject for minimizing the collection of personal informationB . Data controllers should limit the amount of data collected to what is directly relevant and necessary to accomplish a...

September 14, 2019 No Comments READ MORE +

Which of the following privacy principle deals with informed consent of the data subject before sharing the personal information (of the data subject) to third parties for processing?

Which of the following privacy principle deals with informed consent of the data subject before sharing the personal information (of the data subject) to third parties for processing?A . Collection limitationB . Purpose limitationC . Disclosure of informationD . AccountabilityView AnswerAnswer: C

September 10, 2019 No Comments READ MORE +

Ensuring effective enforcement of which of the below listed privacy principles is client’s accountability, even after outsourcing its loan approval process to XYZ?

XYZ is a successful startup that acquired a respectable size & scale of operations in last 3 years, handling business process services for small & medium scale enterprises, largely in US & Europe. They are at the stage of closing a deal with a new banking client and working out...

September 10, 2019 No Comments READ MORE +

’Challenging Compliance’ as a privacy principle is covered in which of the following data protection/ privacy act?

’Challenging Compliance’ as a privacy principle is covered in which of the following data protection/ privacy act?A . Federal Data Protection Act, GermanyB . UK Data Protection ActC . PIPEDAD . Singapore Data Protection ActView AnswerAnswer: C

September 7, 2019 No Comments READ MORE +

Which of the following legislations/ guidelines do not cover the concept of trans-border data flow?

Which of the following legislations/ guidelines do not cover the concept of trans-border data flow?A . OECDB . IT (Amendment) Act, 2008C . PIPEDAD . None of the aboveView AnswerAnswer: B

September 6, 2019 No Comments READ MORE +

Which of the following privacy regulation advocates de-identification of personal information?

Which of the following privacy regulation advocates de-identification of personal information?A . EU Data Protection DirectiveB . Canada’s PIPEDAC . Australia’s ANPPD . IT Act of IndiaView AnswerAnswer: A

September 4, 2019 No Comments READ MORE +

Does the said hospital need to notify its privacy policy to the women attending the camp and seek their consent regarding the collection and processing of such information?

XYZ & Co., an Indian hospital specialized in dealing with cancer treatment has organized a free health checkup camp for women in a specific district, after seeking due permission from competent authorities. During the camp the hospital staffs will be feeding the medical records of these women into the computer...

August 31, 2019 No Comments READ MORE +

Which of the following are not mandatory pre-requisite before transferring sensitive personal data to its Asian branches?

A multinational company with operations in several parts within EU and outside EU, involves international data transfer of both its employees and customers. In some of its EU branches, which are relatively larger in size, the organization has a works council. Most of the data transferred is personal, and some...

August 29, 2019 No Comments READ MORE +

Effective 2013, HIPAA Omnibus rule applies to which of the following?

Effective 2013, HIPAA Omnibus rule applies to which of the following?A . Covered Entities onlyB . Business Associates onlyC . Covered Entities & Business AssociatesD . Federal Health Bodies onlyView AnswerAnswer: C Explanation: The final Omnibus Rule becomes effective on March 26, 2013. Covered entities and Business Associates Reference: http://www.hipaasurvivalguide.com/hipaa-omnibus-rule.php

August 26, 2019 No Comments READ MORE +

With reference to APEC privacy framework, when personal information is to be transferred to another person or organization, whether domestically or internationally, “the ______________ should obtain the consent of the individual and exercise due diligence and take reasonable steps to ensure that the recipient person or organization will protect the information consistently with APEC information privacy principles”.

With reference to APEC privacy framework, when personal information is to be transferred to another person or organization, whether domestically or internationally, “the ______________ should obtain the consent of the individual and exercise due diligence and take reasonable steps to ensure that the recipient person or organization will protect the...

August 26, 2019 No Comments READ MORE +