1. Home
  2. IAPP
  3. Certified Information Privacy Professional
  4. CIPP-A
  5. Certified Information Privacy Professional/Asia (CIPP/A) Questions and Answers

Pass the IAPP Certified Information Privacy Professional CIPP-A Questions and answers with CertsForce

 IAPP Exams      Go to Exam Detail      Get Premium Access
Viewing page 3 out of 3 pages
Viewing questions 21-30 out of questions
Questions # 21:

In Hong Kong's revised Breach Guidance Note of 2015, what course of action did the Commissioner recommend that companies take immediately after experiencing a breach?

Options:
A.

Proceed under the assumption that the breach is a threat to personal safety.

B.

Enlist the aid of law enforcement to determine the cause of the breach.

C.

Quickly issue a notification to the data subjects affected by the breach.

D.

Immediately gather essential information in relation to the breach.

Expert Solution
Questions # 22:

The "due diligence" exemption in Hong Kong's PDPO was meant to apply to?

Options:
A.

Third-party data processors located in foreign countries.

B.

Companies researching the viability of business mergers.

C.

Service providers hosting customer information in the cloud.

D.

Direct marketers acting in the best interest of their company.

Expert Solution
Questions # 23:

Which Hong Kong body has recommended legislation that provides for the right of civil action to be taken when private information is publicly disclosed?

Options:
A.

Hong Kong's Court of Final Appeal.

B.

Hong Kong Law Reform Commission.

C.

Office of the Privacy Commissioner for Personal Data.

D.

Standing Committee of the National People's Congress of the PRC.

Expert Solution
Questions # 24:

What clarification did India make in a 2011 Press Note regarding their Sensitive Personal Data Rules?

Options:
A.

That the rules apply to data subjects located outside of India.

B.

That the rules apply to persons or companies collecting sensitive data within India.

C.

That the data processor must provide notice to the data subject before data is processed.

D.

That sensitive personal data or information includes passwords, financial information, medical records, and

biometric information.

Expert Solution
Questions # 25:

How can the privacy principles issued in 1980 by the Organisation for Economic Cooperation and Development (OECD) be defined?

Options:
A.

Guidelines governing the protection of privacy and trans-border data flows issued in collaboration with the Federal Trade Commission.

B.

Guidelines governing the protection of privacy and trans-border data flows of personal data in states that are members.

C.

Mandatory rules governing the protection of privacy and trans-border data flows within the European Union.

D.

Mandatory rules governing the protection of privacy and trans-border data flows among binding member states.

Expert Solution
Questions # 26:

Under India's IT Rules 2011, data subjects have the right to correct inaccuracies in personal information collected about them only if?

Options:
A.

They are also the providers of the information.

B.

They confirm their consent to maintain the information.

C.

They are able to prove the legitimacy of the corrections.

D.

They request the corrections within a specified amount of time.

Expert Solution
Questions # 27:

In enforcement cases, what is Singapore's Personal Data Protection Commission (PDPC) obligated to do?

Options:
A.

Publish the decisions it makes regarding complaints.

B.

Provide the complainant with a way to appeal a decision.

C.

Publish the name of an organization named in a complaint.

D.

Intervene in civil actions to provide assistance to complainants.

Expert Solution
Viewing page 3 out of 3 pages
Viewing questions 21-30 out of questions