Free IAPP CIPP-C Exam Questions

Become IAPP Certified with updated CIPP-C exam questions and correct answers

Page: 1 / 31

Total 152 Questions | Updated On: Apr 22, 2022

Add To Cart

Question 1

According to the FTC Report of 2012, what is the main goal of Privacy by Design?

A : taining consumer consent when collecting sensitive data for certain purposes

B : tablishing a system of self-regulatory codes for mobile-related services

C : corporating privacy protections throughout the development process

D : Implementing a system of standardization for privacy notices

Answer: C

Question 2

If an organization certified under Privacy Shield wants to transfer personal data to a third party acting as an

agent, the organization must ensure the third party does all of the following EXCEPT?

A : es the transferred data for limited purposes

B : ovides the same level of privacy protection as the organization

C : tifies the organization if it can no longer meet its requirements for proper data handling

D : ters a contract with the organization that states the third party will process data according to the consent agreement

Answer: D

Question 3

Acme Student Loan Company has developed an artificial intelligence algorithm that determines whether an

individual is likely to pay their bill or default. A person who is determined by the algorithm to be more likely

to default will receive frequent payment reminder calls, while those who are less likely to default will not

receive payment reminders.

Which of the following most accurately reflects the privacy concerns with Acme Student Loan Company using

artificial intelligence in this manner?

A : If the algorithm uses risk factors that impact the automatic decision engine. Acme must ensure that thealgorithm does not have a disparate impact on protected classes in the output.

B : If the algorithm makes automated decisions based on risk factors and public information, Acme need notdetermine if the algorithm has a disparate impact on protected classes.

C : If the algorithm’s methodology is disclosed to consumers, then it is acceptable for Acme to have adisparate impact on protected classes.

D : If the algorithm uses information about protected classes to make automated decisions, Acme mustensure that the algorithm does not have a disparate impact on protected classes in the output.

Answer: B

Question 4

Which entities must comply with the Telemarketing Sales Rule?

A : r-profit organizations and for-profit telefunders regarding charitable solicitations

B : nprofit organizations calling on their own behalf

C : r-profit organizations calling businesses when a binding contract exists between them

D : r-profit and not-for-profit organizations when selling additional services to establish customers

Answer: D

Question 5

A covered entity suffers a ransomware attack that affects the personal health information (PHI) of more than 500 individuals. According to Federal law under HIPAA, which of the following would the covered entity NOT have to report the breach to?

A : partment of Health and Human Services

B : affected individuals

C : local media

D : dical providers

Answer: D

Page: 1 / 31

Total 152 Questions | Updated On: Apr 22, 2022

Add To Cart