
New Free4Dump CIPP-US Exam Questions | Real CIPP-US Dumps Updated on Nov 26, 2021
CIPP-US Braindumps – CIPP-US Questions to Get Better Grades
Who should take the IAPP CIPP-US: Certified Information Privacy Professional/United States (CIPP/US) Exam
The IAPP CIPP/US exam is ideal for those tech pros that want to accelerate their data privacy career. When looking at the role that an IAPP CIPP-US: Certified Information Privacy Professional/United States (CIPP/US) certified professional would play, it's most relevant to those that are involved in processing of personal data, particularly those in the public sector and from EU institutions, agencies and bodies, including:
- Record Managers
- Compliance Officers
- Data Protection Lawyers
- Data Protection Professionals
- Information Officers
- Human Resources Officers
- Data Protection Officers
- Anyone who uses, processes and maintains personal data
Prerequisites
Commonly, candidates do not have specific conditions to meet before they sit for the CIPP-US exam. However, one needs to have a basic understanding of data protection policies and concepts in the country. If a candidate does not have prior experience in the industry that will have exposed them to the concepts and skills tested, they should study the Body of Knowledge for this certificate, the certification handbook, as well as the exam outline.
NEW QUESTION 30
A student has left high school and is attending a public postsecondary institution. Under what condition may a school legally disclose educational records to the parents of the student without consent?
- A. If the student is in danger of academic suspension
- B. If the student has applied to transfer to another institution
- C. If the student has not yet turned 18 years of age
- D. If the student is still a dependent for tax purposes
Answer: D
Explanation:
Explanation/Reference: https://www2.ed.gov/policy/gen/guid/fpco/pdf/ferpafaq.pdf
NEW QUESTION 31
In 2014, Google was alleged to have violated the Family Educational Rights and Privacy Act (FERPA) through its Apps for Education suite of tools. For what specific practice did students sue the company?
- A. Scanning emails sent to and received by students
- B. Relying on verbal consent for a disclosure of education records
- C. Disclosing education records without obtaining required consent
- D. Making student education records publicly available
Answer: A
Explanation:
Explanation/Reference: https://www.edweek.org/ew/articles/2014/03/13/26google.h33.html
NEW QUESTION 32
SCENARIO
Please use the following to answer the next question:
Matt went into his son's bedroom one evening and found him stretched out on his bed typing on his laptop.
"Doing your homework?" Matt asked hopefully.
"No," the boy said. "I'm filling out a survey."
Matt looked over his son's shoulder at his computer screen. "What kind of survey?"
"It's asking questions about my opinions."
"Let me see," Matt said, and began reading the list of questions that his son had already answered. "It's asking your opinions about the government and citizenship. That's a little odd. You're only ten." Matt wondered how the web link to the survey had ended up in his son's email inbox. Thinking the message might have been sent to his son by mistake he opened it and read it. It had come from an entity called the Leadership Project, and the content and the graphics indicated that it was intended for children. As Matt read further he learned that kids who took the survey were automatically registered in a contest to win the first book in a series about famous leaders.
To Matt, this clearly seemed like a marketing ploy to solicit goods and services to children. He asked his son if he had been prompted to give information about himself in order to take the survey. His son told him he had been asked to give his name, address, telephone number, and date of birth, and to answer questions about his favorite games and toys.
Matt was concerned. He doubted if it was legal for the marketer to collect information from his son in the way that it was. Then he noticed several other commercial emails from marketers advertising products for children in his son's inbox, and he decided it was time to report the incident to the proper authorities.
Based on the incident, the FTC's enforcement actions against the marketer would most likely include what violation?
- A. Disregarding the privacy policy of the children's marketing industry.
- B. Intruding upon the privacy of a family with young children.
- C. Failing to notify of a breach of children's private information.
- D. Collecting information from a child under the age of thirteen.
Answer: A
Explanation:
Explanation/Reference: https://www.ftc.gov/system/files/2012-31341.pdf
NEW QUESTION 33
What was the original purpose of the Federal Trade Commission Act?
- A. To enforce antitrust laws
- B. To protect consumers
- C. To ensure privacy rights of U.S. citizens
- D. To negotiate consent decrees with companies violating personal privacy
Answer: B
NEW QUESTION 34
What is an exception to the Electronic Communications Privacy Act of 1986 ban on interception of wire, oral and electronic communications?
- A. Only if all parties have given consent
- B. Where one of the parties has given consent
- C. Where state law permits such interception
- D. If an organization intercepts an employee's purely personal call
Answer: D
NEW QUESTION 35
A company's employee wellness portal offers an app to track exercise activity via users' mobile devices. Which of the following design techniques would most effectively inform users of their data privacy rights and privileges when using the app?
- A. Publish a privacy policy written in clear, concise, and understandable language.
- B. Present a privacy policy to users during the wellness program registration process.
- C. Provide a link to the wellness program privacy policy at the bottom of each screen.
- D. Offer information about data collection and uses at key data entry points.
Answer: B
NEW QUESTION 36
How did the Fair and Accurate Credit Transactions Act (FACTA) amend the Fair Credit Reporting Act (FCRA)?
- A. It increased the obligation of organizations to dispose of consumer data in ways that prevent unauthorized access
- B. It expanded the definition of "consumer reports" to include communications relating to employee investigations
- C. It stipulated the purpose of obtaining a consumer report can only be for a review of the employee's credit worthiness
- D. It required employers to get an employee's consent in advance of requesting a consumer report for internal investigation purposes
Answer: A
NEW QUESTION 37
Which of the following is an example of federal preemption?
- A. The California Consumer Privacy Act (CCPA) regulating businesses that have no physical brick-and-mortar presence in California, but which do business there.
- B. The U.S. Federal Trade Commission's (FTC) ability to enforce against unfair and deceptive trade practices across sectors and industries.
- C. The Payment Card Industry's (PCI) ability to self-regulate and enforce data security standards for payment card data.
- D. The U.S. Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act prohibiting states from passing laws that impose greater obligations on senders of email marketing.
Answer: B
NEW QUESTION 38
The FTC often negotiates consent decrees with companies found to be in violation of privacy principles. How does this benefit both parties involved?
- A. It avoids potentially harmful publicity.
- B. It spares the expense of going to trial.
- C. It standardizes the amount of fines.
- D. It simplifies the audit requirements.
Answer: A
NEW QUESTION 39
In March 2012, the FTC released a privacy report that outlined three core principles for companies handling consumer data. Which was NOT one of these principles?
- A. Practicing Privacy by Design.
- B. Providing greater transparency.
- C. Simplifying consumer choice.
- D. Enhancing security measures.
Answer: D
NEW QUESTION 40
Which of the following best describes how federal anti-discrimination laws protect the privacy of private-sector employees in the United States?
- A. They promote a workforce of employees with diverse skills and interests.
- B. They limit the amount of time a potential employee can be interviewed.
- C. They prescribe working environments that are safe and comfortable.
- D. They limit the types of information that employers can collect about employees.
Answer: C
NEW QUESTION 41
The Video Privacy Protection Act of 1988 restricted which of the following?
- A. When downloading of copyrighted audio visual materials is allowed
- B. Who advertisements for videos and video games may target
- C. Which purchase records of audio visual materials may be disclosed
- D. When a user's viewing of online video content can be monitored
Answer: C
NEW QUESTION 42
SCENARIO
Please use the following to answer the next question:
Declan has just started a job as a nursing assistant in a radiology department at Woodland Hospital. He has also started a program to become a registered nurse.
Before taking this career path, Declan was vaguely familiar with the Health Insurance Portability and Accountability Act (HIPAA). He now knows that he must help ensure the security of his patients' Protected Health Information (PHI). Therefore, he is thinking carefully about privacy issues.
On the morning of his first day, Declan noticed that the newly hired receptionist handed each patient a HIPAA privacy notice. He wondered if it was necessary to give these privacy notices to returning patients, and if the radiology department could reduce paper waste through a system of one-time distribution.
He was also curious about the hospital's use of a billing company. He questioned whether the hospital was doing all it could to protect the privacy of its patients if the billing company had details about patients' care.
On his first day Declan became familiar with all areas of the hospital's large radiology department. As he was organizing equipment left in the hallway, he overheard a conversation between two hospital administrators. He was surprised to hear that a portable hard drive containing non-encrypted patient information was missing. The administrators expressed relief that the hospital would be able to avoid liability. Declan was surprised, and wondered whether the hospital had plans to properly report what had happened.
Despite Declan's concern about this issue, he was amazed by the hospital's effort to integrate Electronic Health Records (EHRs) into the everyday care of patients. He thought about the potential for streamlining care even more if they were accessible to all medical facilities nationwide.
Declan had many positive interactions with patients. At the end of his first day, he spoke to one patient, John, whose father had just been diagnosed with a degenerative muscular disease. John was about to get blood work done, and he feared that the blood work could reveal a genetic predisposition to the disease that could affect his ability to obtain insurance coverage. Declan told John that he did not think that was possible, but the patient was wheeled away before he could explain why. John plans to ask a colleague about this.
In one month, Declan has a paper due for one of his classes on a health topic of his choice. By then, he will have had many interactions with patients he can use as examples. He will be pleased to give credit to John by name for inspiring him to think more carefully about genetic testing.
Although Declan's day ended with many questions, he was pleased about his new position.
Based on the scenario, what is the most likely way Declan's supervisor would answer his question about the hospital's use of a billing company?
- A. By suggesting that Declan look at the hospital's publicly posted privacy policy
- B. By describing how the billing system is integrated into the hospital's electronic health records (EHR) system
- C. By pointing out that contracts are in place to help ensure the observance of minimum security standards
- D. By assuring Declan that third parties are prevented from seeing Private Health Information (PHI)
Answer: C
NEW QUESTION 43
Under state breach notification laws, which is NOT typically included in the definition of personal information?
- A. Social Security number
- B. Medical Information
- C. State identification number
- D. First and last name
Answer: B
NEW QUESTION 44
The Family Educational Rights and Privacy Act (FERPA) requires schools to do all of the following EXCEPT?
- A. Obtain student authorization before releasing directory information in their records.
- B. Respond to all reasonable student requests regarding explanation of their records.
- C. Provide students with access to their records within a specified amount of time.
- D. Verify the identity of students who make requests for access to their records.
Answer: C
NEW QUESTION 45
SCENARIO
Please use the following to answer the next question:
Felicia has spent much of her adult life overseas, and has just recently returned to the U.S. to help her friend Celeste open a jewelry store in California. Felicia, despite being excited at the prospect, has a number of security concerns, and has only grudgingly accepted the need to hire other employees. In order to guard against the loss of valuable merchandise, Felicia wants to carefully screen applicants. With their permission, Felicia would like to run credit checks, administer polygraph tests, and scrutinize videos of interviews. She intends to read applicants' postings on social media, ask questions about drug addiction, and solicit character references. Felicia believes that if potential employees are serious about becoming part of a dynamic new business, they will readily agree to these requirements.
Felicia is also in favor of strict employee oversight. In addition to protecting the inventory, she wants to prevent mistakes during transactions, which will require video monitoring. She also wants to regularly check the company vehicle's GPS for locations visited by employees. She also believes that employees who use their own devices for work-related purposes should agree to a certain amount of supervision.
Given her high standards, Felicia is skeptical about the proposed location of the store. She has been told that many types of background checks are not allowed under California law. Her friend Celeste thinks these worries are unfounded, as long as applicants verbally agree to the checks and are offered access to the results. Nor does Celeste share Felicia's concern about state breach notification laws, which, she claims, would be costly to implement even on a minor scale. Celeste believes that even if the business grows a customer database of a few thousand, it's unlikely that a state agency would hassle an honest business if an accidental security incident were to occur.
In any case, Celeste feels that all they need is common sense - like remembering to tear up sensitive documents before throwing them in the recycling bin. Felicia hopes that she's right, and that all of her concerns will be put to rest next month when their new business consultant (who is also a privacy professional) arrives from North Carolina.
Which law will be most relevant to Felicia's plan to ask applicants about drug addiction?
- A. The Health Insurance Portability and Accountability Act (HIPAA).
- B. The Occupational Safety and Health Act (OSHA).
- C. The Americans with Disabilities Act (ADA).
- D. The Genetic Information Nondiscrimination Act of 2008.
Answer: C
NEW QUESTION 46
Acme Student Loan Company has developed an artificial intelligence algorithm that determines whether an individual is likely to pay their bill or default. A person who is determined by the algorithm to be more likely to default will receive frequent payment reminder calls, while those who are less likely to default will not receive payment reminders.
Which of the following most accurately reflects the privacy concerns with Acme Student Loan Company using artificial intelligence in this manner?
- A. If the algorithm uses risk factors that impact the automatic decision engine, Acme must ensure that the algorithm does not have a disparate impact on protected classes in the output.
- B. If the algorithm's methodology is disclosed to consumers, then it is acceptable for Acme to have a disparate impact on protected classes.
- C. If the algorithm makes automated decisions based on risk factors and public information, Acme need not determine if the algorithm has a disparate impact on protected classes.
- D. If the algorithm uses information about protected classes to make automated decisions, Acme must ensure that the algorithm does not have a disparate impact on protected classes in the output.
Answer: C
Explanation:
Explanation/Reference: https://www.ftc.gov/news-events/blogs/business-blog/2020/04/using-artificial-intelligence-algorithms
NEW QUESTION 47
What consumer service was the Fair Credit Reporting Act (FCRA) originally intended to provide?
- A. The ability to investigate incidents of identity theft.
- B. The ability to appeal negative credit-based decisions.
- C. The ability to receive reports from multiple credit reporting agencies.
- D. The ability to correct inaccurate credit information.
Answer: A
NEW QUESTION 48
SCENARIO
Please use the following to answer the next question:
Declan has just started a job as a nursing assistant in a radiology department at Woodland Hospital. He has also started a program to become a registered nurse.
Before taking this career path, Declan was vaguely familiar with the Health Insurance Portability and Accountability Act (HIPAA). He now knows that he must help ensure the security of his patients' Protected Health Information (PHI). Therefore, he is thinking carefully about privacy issues.
On the morning of his first day, Declan noticed that the newly hired receptionist handed each patient a HIPAA privacy notice. He wondered if it was necessary to give these privacy notices to returning patients, and if the radiology department could reduce paper waste through a system of one-time distribution.
He was also curious about the hospital's use of a billing company. He questioned whether the hospital was doing all it could to protect the privacy of its patients if the billing company had details about patients' care.
On his first day Declan became familiar with all areas of the hospital's large radiology department. As he was organizing equipment left in the hallway, he overheard a conversation between two hospital administrators. He was surprised to hear that a portable hard drive containing non-encrypted patient information was missing. The administrators expressed relief that the hospital would be able to avoid liability. Declan was surprised, and wondered whether the hospital had plans to properly report what had happened.
Despite Declan's concern about this issue, he was amazed by the hospital's effort to integrate Electronic Health Records (EHRs) into the everyday care of patients. He thought about the potential for streamlining care even more if they were accessible to all medical facilities nationwide.
Declan had many positive interactions with patients. At the end of his first day, he spoke to one patient, John, whose father had just been diagnosed with a degenerative muscular disease. John was about to get blood work done, and he feared that the blood work could reveal a genetic predisposition to the disease that could affect his ability to obtain insurance coverage. Declan told John that he did not think that was possible, but the patient was wheeled away before he could explain why. John plans to ask a colleague about this.
In one month, Declan has a paper due for one of his classes on a health topic of his choice. By then, he will have had many interactions with patients he can use as examples. He will be pleased to give credit to John by name for inspiring him to think more carefully about genetic testing.
Although Declan's day ended with many questions, he was pleased about his new position.
How can the radiology department address Declan's concern about paper waste and still comply with the Health Insurance Portability and Accountability Act (HIPAA)?
- A. Post the privacy notice in a prominent location instead
- B. Direct patients to the correct area of the hospital website
- C. State the privacy policy to the patient verbally
- D. Confirm that patients are given the privacy notice on their first visit
Answer: B
NEW QUESTION 49
When does the Telemarketing Sales Rule require an entity to share a do-not-call request across its organization?
- A. When the entity manages user preferences through multiple platforms
- B. When the goods and services sold by its divisions are very similar
- C. When a call is not the result of an error or other unforeseen cause
- D. When the operational structures of its divisions are not transparent
Answer: C