What is required for a provincial law to be considered substantially similar to the Personal Information Protection and Electronic Documents Act (PIPEDA)?
A. Consistency with at least eight of the ten privacy principles, an independent oversight body and a complaint handling mechanism.
B. Consistency with the ten privacy principles, an independent oversight body and a process for accessing information.
C. Consistency with the ten privacy principles, an independent oversight body and a redress mechanism.
D. Consistency with the ten privacy principles, an appeal process and a redress mechanism.
Under PIPEDA, each of the following situations requires an organization to obtain express consent to use personal information EXCEPT?
A. If the use is outside of the reasonable expectations of an individual.
B. If the information is publicly available as defined by the regulation.
C. If the use is inconsistent with the original purpose.
D. If there is no risk of significant harm.
Which statement is TRUE regarding health information privacy laws in Canada?
A. Obligations regarding accountability for health information are transferred when control is outsourced to a third party.
B. Emphasis is given to personal information protection over the maintenance of the publicly funded healthcare system.
C. There is a significant amount of variation among provinces regarding the definition of consent and how the consent requirement is addressed.
D. In provinces where there are no health information privacy statutes, a combination of the public health regulations and the private sector privacy legislation apply.
Which is NOT a Canadian Standards Association (CSA) Privacy Principle?
A. Personal information shall be protected by the same security safeguards regardless of the sensitivity of the information.
B. The purpose for which personal information is collected shall be identified by the organization at or before the time the information is collected.
C. The degree to which personal information must be kept accurate and complete is determined by whether its original purpose has been achieved.
D. Upon request, an individual shall be informed of the existence, use and disclosure of their personal information and shall be given access to that information.
What is the Canadian Courts
According to the Canadian Standards Association (CSA) Model Code, how long should personal information be retained?
A. Personal information should not be retained at all.
B. Personal information should be retained indefinitely as long as consent has been given.
C. Personal information should be retained for at least two years after the last administrative use.
D. Personal information should be retained as long as necessary for the fulfillment of the purpose of the collection.
Which of the following specifically differentiates between regular personal information and employee-related or work-product information?
A. The Privacy Act.
B. The Quebec Act.
C. British Columbia's Personal Information Protection Act (PIPA).
D. Personal Information Protection and Electronic Documents Act (PIPEDA).
Which of these employees would be subject to the Personal Information Protection and Electronic Documents Act (PIPEDA)?
A. The staff of an airline offering flights across Canada.
B. Underwriters for a New Brunswick insurance company.
C. Clerks at a Montreal credit union based out of Montreal.
D. The information technology department of the Saskatchewan Office of Residential Tenancies of Saskatchewan.
A commercial business in Canada is allowed to collect personal information without the knowledge or consent of the individual in all of the following circumstances EXCEPT when?
A. The collection is for journalistic or literary purposes.
B. The collection is in the interests of the individual and the consent cannot be obtained in a timely way.
C. The collection would lead to the creation of products that would benefit the public and consent would be difficult to obtain.
D. The collection, with the knowledge of the individual, would compromise the availability and accuracy of the information and the collection is reasonable for the purposes related to investigating a federal law.
After an investigation under the Privacy Act, the Privacy Commissioner could do any of the following EXCEPT?
A. Proceed to federal court to determine if the institution improperly withheld information from an individual.
B. Order an institution to take remedial action if it determines that the Act has been breached.
C. Recommend solutions to institutions to address identified shortcomings.
D. Compel institutions to give oral or written evidence.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IAPP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CIPP-C exam preparations and IAPP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.