1. Home
  2. DSCI
  3. DCPP
  4. DCPP-01
  5. DSCI certified Privacy Professional (DCPP) Questions and Answers

Pass the DSCI DCPP DCPP-01 Questions and answers with CertsForce

 DSCI Exams      Go to Exam Detail      Get Premium Access
Viewing page 2 out of 4 pages
Viewing questions 11-20 out of questions
Questions # 11:

Privacy enhancing tools aim to allow users to take one or more of the following actions related to their personal data that is sent to, and used by online service providers, merchants or other users:

i. Increase control over their personal data

ii. Choose whether to use services anonymously or not

iii. Obtain informed consent about sharing their personal data

iv. Opt-out of behavioral advertising or any other use of data

Please select correct option from below:

Options:
A.

Only i

B.

Only i and ii

C.

All

D.

All except iii

Expert Solution
Questions # 12:

What is not a compulsory pre-requisite before a company with headquarters in the EU transfers sensitive personal data to its Asian subsidiaries?

Options:
A.

Self-certifying to Safe Harbor practices and reporting to Federal Trade Commission

B.

Performing a risk assessment for the processing involved

C.

Data subjects are notified

D.

Assessing the country's adequacy

Expert Solution
Questions # 13:

According to IT (Amendment) Act,2008, who should designate a grievance officer to redress grievance(s) of provider of information?

Options:
A.

Data processor

B.

Third party agency collecting personal information

C.

Body corporate, which determines the means and purpose of data processing

D.

Natural person sharing his/her information

Expert Solution
Questions # 14:

Which of the following categories of information are generally protected under privacy laws?

Options:
A.

Personally Identifiable Information (PII)

B.

Sensitive Personal Information (SPI)

C.

Trademark, copyright and patent information

D.

Organizations’ confidential business information

Expert Solution
Questions # 15:

XYZ & Co., an Indian hospital specialized in dealing with cancer treatment has organized a free health checkup camp for women in a specific district, after seeking due permission from competent authorities. During the camp the hospital staffs will be feeding the medical records of these women into the computer connected to hospital network system. Does the said hospital need to notify its privacy policy to the women attending the camp and seek their consent regarding the collection and processing of such information?

Options:
A.

No, since it is a free checkup camp for their welfare

B.

Yes, in the any language as per the wishes of said hospital

C.

No, since the law does not require the same in this case

D.

Yes, in the language such women would understand

Expert Solution
Questions # 16:

Which of the following statements are true about the privacy statement of an organization?

Options:
A.

Content of the online privacy statement of an organization will depend upon the applicable laws, and may need to address requirements across geographical boundaries and legal jurisdictions

B.

As per privacy laws generally it is mandatory to mention the phone contact details of the owner of organization in the online privacy statement where customers can reach out in case of a grievance or incident

C.

Online privacy statement is an instrument to demonstrate to stakeholders how the organization gathers, uses, discloses, and manages personal data

D.

India’s Information Technology (Amendment) Act, 2008 does not require that privacy policy be published on the website

Expert Solution
Questions # 17:

Which of the following privacy regulation advocates de-identification of personal information?

Options:
A.

EU Data Protection Directive

B.

Canada’s PIPEDA

C.

Australia’s ANPP

D.

IT Act of India

Expert Solution
Questions # 18:

A multinational company with operations in several parts within EU and outside EU, involves international data transfer of both its employees and customers. In some of its EU branches, which are relatively larger in size, the organization has a works council. Most of the data transferred is personal, and some of the data that the organization collects is sensitive in nature, the processing of some of which is also outsourced to its branches in Asian countries.

Which of the following are not mandatory pre-requisite before transferring sensitive personal data to its Asian branches?

Options:
A.

Notifying the data subject

B.

Conducting risk assessment for the processing involved

C.

Determining adequacy status of the country

D.

Self-certifying to Safe Harbor practices and reporting to Federal Trade Commission

Expert Solution
Questions # 19:

Which among the following is the Canadian privacy law?

Options:
A.

COPPA

B.

PIPEDA

C.

HIPAA

D.

IT Act of Canada

Expert Solution
Questions # 20:

With respect to ‘Data Minimization’ privacy principle, please select the correct statements from the following:

Options:
A.

Right to object by the data subject for minimizing the collection of personal information

B.

Data controllers should limit the amount of data collected to what is directly relevant and necessary to accomplish a specified purpose

C.

Data controllers should retain the data only for as long as is necessary to fulfil the purpose for which it was collected

D.

Process of analyzing and minimizing the collected data into useful information

Expert Solution
Viewing page 2 out of 4 pages
Viewing questions 11-20 out of questions