Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

CIPP/US 2024 Exam Questions with 100% Correct Answers | Verified | Updated, Exams of Advanced Education

CIPP/US 2024 Exam Questions with 100% Correct Answers | Verified | Updated Fair Information Practices (FIP) - What three elements should organizations address with regards of rights of individuals? - Correct Answer-Notice Choice & Consent Data Subject Access Notice (context: FIP) - Correct Answer-provide notice of privacy policies/procedures and identify purpose for which PI is collected, used, retained & disclosed Choice & Consent (context: FIP) - Correct Answer-describe choices available and get implicit or explicit consent w/respect to collection, use, retention & disclosure of PI, particularly for disclosure to other data controllers Data Subject Access (context: FIP) - Correct Answer-provide individuals w/access to their PI for review & update Information Life Cycle - what three elements should organizations address? - Correct Answer-Collection Use and Retention Disclosures Management Administration - Correct Answer-orgs should define,

Typology: Exams

2023/2024

Available from 07/17/2024

professoraxel
professoraxel 🇺🇸

3.7

(26)

9.4K documents

1 / 6

Toggle sidebar

Related documents


Partial preview of the text

Download CIPP/US 2024 Exam Questions with 100% Correct Answers | Verified | Updated and more Exams Advanced Education in PDF only on Docsity! CIPP/US 2024 Exam Questions with 100% Correct Answers | Verified | Updated Fair Information Practices (FIP) - What three elements should organizations address with regards of rights of individuals? - Correct Answer-Notice Choice & Consent Data Subject Access Notice (context: FIP) - Correct Answer-provide notice of privacy policies/procedures and identify purpose for which PI is collected, used, retained & disclosed Choice & Consent (context: FIP) - Correct Answer-describe choices available and get implicit or explicit consent w/respect to collection, use, retention & disclosure of PI, particularly for disclosure to other data controllers Data Subject Access (context: FIP) - Correct Answer-provide individuals w/access to their PI for review & update pg. 1 professoraxe l Information Life Cycle - what three elements should organizations address? - Correct Answer-Collection Use and Retention Disclosures Management Administration - Correct Answer-orgs should define, document, communicate, and assign accountability for the privacy policies and procedures US Health & Welfare FIPs (1973) - Correct Answer-i) no secret PI recordkeeping system ii) DS must be able to find out what PI is in record/how it's used iii) DS can prevent purpose scope creep w/out consent iv) DS can correct/amend v) org must assure integrity and security OECD (1980) - define - Correct Answer-Organisation for Economic Co-operation and Development Guidelines OECD (1980) - scope - Correct Answer-a) collection limitation b) data quality (relevant to purpose) pg. 2 professoraxe l Data Controller - Correct Answer-organization w/authority to decide how/why PI is to be processed Data Processor - Correct Answer-An individual or organization, often a third-party outsourcing service, that processes data on behalf of the data controller. Comprehensive Model - Correct Answer-A method of data protection to govern the collection, use and dissemination of personal information in the public and private sectors, generally with an official or agency responsible for overseeing enforcement. Reasons to adopt: * remedy past injustices * ensure consistency w/European privacy laws * promote electronic commerce Sectoral Model - Correct Answer-This framework protects personal information by enacting laws that address a particular industry sector. pg. 5 professoraxe l Co-regulatory model - Correct Answer-Used in Australia and New Zealand, this model emphasizes industry development of enforceable codes or standards for privacy and data protection, against the backdrop of legal requirements by the government. Example: COPPA self-regulatory model - Correct Answer-emphasizes creation of codes of practices by company, industry, or independent body Example: Payment Card Data Security Standard (PCI DSS) pg. 6 professoraxe l