Free Online IAPP CIPP-C Practice Test

Prepare Your IAPP CIPP-C Exam Questions with Free online CIPP-C Practice Test. Get Brilliant Certified Information Privacy Professional/ Canada (CIPP/C) Exam Results with Valid CIPP C Exam Dumps.

Page: 1 / 31

Total 152 Questions | Updated On: May 16, 2024

Add To Cart

Question 1

Which of the following types of information would an organization generally NOT be required to disclose to

law enforcement?

A : Information about medication errors under the Food, Drug and Cosmetic Act

B : Money laundering information under the Bank Secrecy Act of 1970

C : Information about workspace injuries under OSHA requirements

D : Personal health information under the HIPAA Privacy Rule

Answer: D

Question 2

Which of the following best describes an employer’s privacy-related responsibilities to an employee who has

left the workplace?

A : An employer has a responsibility to maintain a former employee’s access to computer systems andcompany data needed to support claims against the company such as discrimination.

B : An employer has a responsibility to permanently delete or expunge all sensitive employment records tominimize privacy risks to both the employer and former employee.

C : An employer may consider any privacy-related responsibilities terminated, as the relationship betweenemployer and employee is considered primarily contractual.

D : An employer has a responsibility to maintain the security and privacy of any sensitive employmentrecords retained for a legitimate business purpose.

Answer: B

Question 3

Under the Fair and Accurate Credit Transactions Act (FACTA), what is the most appropriate action for a car dealer holding a paper folder of customer credit reports?

A : To follow the Disposal Rule by having the reports shredded

B : To follow the Red Flags Rule by mailing the reports to customers

C : To follow the Privacy Rule by notifying customers that the reports are being stored

D : To follow the Safeguards Rule by transferring the reports to a secure electronic file

Answer: C

Question 4

A covered entity suffers a ransomware attack that affects the personal health information (PHI) of more than 500 individuals. According to Federal law under HIPAA, which of the following would the covered entity NOT have to report the breach to?

A : Department of Health and Human Services

B : The affected individuals

C : The local media

D : Medical providers

Answer: D

Question 5

Acme Student Loan Company has developed an artificial intelligence algorithm that determines whether an

individual is likely to pay their bill or default. A person who is determined by the algorithm to be more likely

to default will receive frequent payment reminder calls, while those who are less likely to default will not

receive payment reminders.

Which of the following most accurately reflects the privacy concerns with Acme Student Loan Company using

artificial intelligence in this manner?

A : If the algorithm uses risk factors that impact the automatic decision engine. Acme must ensure that thealgorithm does not have a disparate impact on protected classes in the output.

B : If the algorithm makes automated decisions based on risk factors and public information, Acme need notdetermine if the algorithm has a disparate impact on protected classes.

C : If the algorithm’s methodology is disclosed to consumers, then it is acceptable for Acme to have adisparate impact on protected classes.

D : If the algorithm uses information about protected classes to make automated decisions, Acme mustensure that the algorithm does not have a disparate impact on protected classes in the output.

Answer: B

Page: 1 / 31

Total 152 Questions | Updated On: May 16, 2024

Add To Cart