Free IAPP CIPP-C Exam Questions

Become IAPP Certified with updated CIPP-C exam questions and correct answers

Page: 1 / 31

Total 152 Questions | Updated On: Dec 18, 2025

Add To Cart

Question 1

Which of the following is an important implication of the Dodd-Frank Wall Street Reform and Consumer

Protection Act?

A : nancial institutions must avoid collecting a customer’s sensitive personal information

B : Financial institutions must help ensure a customer’s understanding of products and services

C : nancial institutions must use a prescribed level of encryption for most types of customer records

D : nancial institutions must cease sending e-mails and other forms of advertising to customers who opt out of direct marketing

Answer: B

Question 2

Global Manufacturing Co’s Human Resources department recently purchased a new software tool. This tool

helps evaluate future candidates for executive roles by scanning emails to see what those candidates say and

what is said about them. This provides the HR department with an automated “360 review” that lets them

know how the candidate thinks and operates, what their peers and direct reports say about them, and how well

they interact with each other.

What is the most important step for the Human Resources Department to take when implementing this new

software?

A : king sure that the software does not unintentionally discriminate against protected groups.

B : Ensuring that the software contains a privacy notice explaining that employees have no right to privacyas long as they are running this software on organization systems to scan email systems.

C : Confirming that employees have read and signed the employee handbook where they have been advisedthat they have no right to privacy as long as they are using the organization’s systems, regardless of theprotected group or laws enforced by EEOC.

D : Providing notice to employees that their emails will be scanned by the software and creating automatedprofiles.

Answer: A

Question 3

According to the FTC Report of 2012, what is the main goal of Privacy by Design?

A : taining consumer consent when collecting sensitive data for certain purposes

B : tablishing a system of self-regulatory codes for mobile-related services

C : corporating privacy protections throughout the development process

D : Implementing a system of standardization for privacy notices

Answer: C

Question 4

Which of the following best describes an employer’s privacy-related responsibilities to an employee who has

left the workplace?

A : An employer has a responsibility to maintain a former employee’s access to computer systems andcompany data needed to support claims against the company such as discrimination.

B : An employer has a responsibility to permanently delete or expunge all sensitive employment records tominimize privacy risks to both the employer and former employee.

C : An employer may consider any privacy-related responsibilities terminated, as the relationship betweenemployer and employee is considered primarily contractual.

D : An employer has a responsibility to maintain the security and privacy of any sensitive employmentrecords retained for a legitimate business purpose.

Answer: B

Question 5

Which entities must comply with the Telemarketing Sales Rule?

A : r-profit organizations and for-profit telefunders regarding charitable solicitations

B : nprofit organizations calling on their own behalf

C : r-profit organizations calling businesses when a binding contract exists between them

D : r-profit and not-for-profit organizations when selling additional services to establish customers

Answer: D

Page: 1 / 31

Total 152 Questions | Updated On: Dec 18, 2025

Add To Cart