In Ontario, personal information can be withheld from disclosure in a Freedom of Information (FOI) request. The following information is included in a record that is the subject of a FOI request being handled by a hospital: employee name, employee title, employee designation, employee educational history, employee personal cell phone number, and feedback about the employee from a colleague.
Which of the following statements is accurate regarding what can be released?
A. Employee name and title can only be released if the employee consents.
B. The employee designation is not to be released as it is considered employment history.
C. Employee name, title, and designation can be released as it is not classified as personal information.
D. No employee information can be released as it is information that was collected throughout the course of employment.
In which instance is your personal information deemed publicly available?
A. You belong to a professional body and your name exists on a registry that meets legal requirements.
B. You volunteer for an organization and they register you on their contact list in order to book you for future shifts.
C. You applied to a variety of universities and your application data exists on a register by the admissions departments.
D. You contributed financial donations to your local church and your name exists on their list for income tax receipt purposes.
According to the Alberta Personal Information Protection Act, which of the following data breach reporting notifications to the commissioner is NOT automatically triggered when real risk of significant harm (RROSH) has been determined?
A. Providing a description of the steps the organization will take to notify the affected individual(s).
B. Providing a description of the steps the organization has taken to reduce or mitigate that harm.
C. Providing an estimate of the number of individuals affected by the breach.
D. Providing a description of the personal information involved in the breach.
What is required of a private sector organization that is subject to a finding by a Canadian federal or provincial Privacy Commissioner?
A. In Québec, comply with the finding as a binding decision.
B. Comply with findings of the Privacy Commissioner of Canada only.
C. In all jurisdictions, adopt and apply the finding within 30 days of the published report.
D. In Ontario only, apply for judicial review within a provincial court in order to accept or refute the finding.
Which question is NOT part of the Office of the Privacy Commissioner of Canada's (OPC's) four-point test for establishing whether providing access to genetic testing results goes beyond what is necessary or reasonable?
A. Are there less privacy-invasive alternatives?
B. Are the collection and the use proportionate to the benefits gained?
C. Are the validity and accuracy of individual test results guaranteed to be accurate?
D. Is the personal information likely to be effective in achieving a legitimate business purpose?
Which of the following provincial health acts is NOT considered substantially similar to the Personal Information Protection and Electronic Documents Act (PIPEDA)?
A. New Brunswick's Personal Health Information Privacy and Access Act (PHIPAA)
B. Ontario's Personal Health Information Protection Act (PHIPA).
C. Nova Scotia's Personal Health Information Act (PHIA).
D. Alberta's Health Information Act (HIA).
Which act also includes references to the Privacy Act?
A. The Access to Information Act.
B. The Children's Online Privacy Protection Act (COPPA).
C. The Telecommunications Intercept and Access (TIA) Act.
D. The Personal Information Protection and Electronic Documents Act (PIPEDA).
A private sector daycare's portal for parents stores their children's photos, allergy information and date of birth. A parent has asked about the portal's security requirements and in three months still not has received an answer. What is missing from the daycare's procedures?
A. Ensuring transparency.
B. Responding to the parent's request within 30 days.
C. Ensuring strong encryption and security measures.
D. Completing a real risk of significant harm assessment (RROSH).
Which case, brought before the Federal Court, helped determine that the Office of the Privacy Commissioner of Canada (OPC) had jurisdiction to investigate complaints about United States companies collecting, using and disclosing the personal information of individuals within Canada?
A. TJX Winners - Homesense.
B. Facebook: 2019.
C. Blood Tribe.
D. Abika.com.
What must an organization do to fulfill the Personal Information Protection and Electronic Documents Act's (PIPEDA) transparency requirements when transferring personal information to a foreign country?
A. Inform customers if data is to be transferred outside of Canada and solicit additional consent.
B. Give individuals with an existing business relationship the right to refuse transfer of their information.
C. Advise customers that their data may be accessed by another jurisdiction's courts or law enforcement.
D. Provide new customers with a measure-by-measure comparison of relevant foreign laws with Canadian laws.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IAPP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CIPP-C exam preparations and IAPP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.