CIPP-US Exam Details

  • Exam Code
    :CIPP-US
  • Exam Name
    :Certified Information Privacy Professional/United States (CIPP/US)
  • Certification
    :IAPP Certifications
  • Vendor
    :IAPP
  • Total Questions
    :198 Q&As
  • Last Updated
    :Jun 28, 2026

IAPP CIPP-US Online Questions & Answers

  • Question 171:

    Which of the following best describes an employer's privacy-related responsibilities to an employee who has left the workplace?

    A. An employer has a responsibility to maintain a former employee's access to computer systems and company data needed to support claims against the company such as discrimination.
    B. An employer has a responsibility to permanently delete or expunge all sensitive employment records to minimize privacy risks to both the employer and former employee.
    C. An employer may consider any privacy-related responsibilities terminated, as the relationship between employer and employee is considered primarily contractual.
    D. An employer has a responsibility to maintain the security and privacy of any sensitive employment records retained for a legitimate business purpose.

  • Question 172:

    best describes how federal anti-discrimination laws protect the privacy of private-sector employees in the United States? Which of the following

    A. They prescribe working environments that are safe and comfortable.
    B. They limit the amount of time a potential employee can be interviewed.
    C. They promote a workforce of employees with diverse skills and interests.
    D. They limit the types of information that employers can collect about employees.

  • Question 173:

    What is the main purpose of the CAN-SPAM Act?

    A. To diminish the use of electronic messages to send sexually explicit materials
    B. To authorize the states to enforce federal privacy laws for electronic marketing
    C. To empower the FTC to create rules for messages containing sexually explicit content
    D. To ensure that organizations respect individual rights when using electronic advertising

  • Question 174:

    According to Section 5 of the FTC Act, self-regulation primarily involves a company's right to do what?

    A. Determine which bodies will be involved in adjudication
    B. Decide if any enforcement actions are justified
    C. Adhere to its industry's code of conduct
    D. Appeal decisions made against it

  • Question 175:

    What is the main reason some supporters of the European approach to privacy are skeptical about self-regulation of privacy practices?

    A. A large amount of money may have to be sent on improved technology and security
    B. Industries may not be strict enough in the creation and enforcement of rules
    C. A new business owner may not understand the regulations
    D. Human rights may be disregarded for the sake of privacy

  • Question 176:

    Under the Telemarketing Sales Rule, what characteristics of consent must be in place for an organization to acquire an exception to the Do-Not-Call rules for a particular consumer?

    A. The consent must be in writing, must state the times when calls can be made to the consumer and must be signed
    B. The consent must be in writing, must contain the number to which calls can be made and must have an end date
    C. The consent must be in writing, must contain the number to which calls can be made and must be signed
    D. The consent must be in writing, must have an end date and must state the times when calls can be made

  • Question 177:

    Which of the following federal agencies does NOT enforce the Disposal Rule under the Fair and Accurate Credit Transactions Act (FACTA)?

    A. The Office of the Comptroller of the Currency
    B. The Consumer Financial Protection Bureau
    C. The Department of Health and Human Services
    D. The Federal Trade Commission

  • Question 178:

    In March 2012, the FTC released a privacy report that outlined three core principles for companies handling consumer data. Which was NOT one of these principles?

    A. Simplifying consumer choice.
    B. Enhancing security measures.
    C. Practicing Privacy by Design.
    D. Providing greater transparency.

  • Question 179:

    The CFO of a pharmaceutical company is duped by a phishing email and discloses many of the company's employee personnel les to an online predator. The les include employee contact information, job applications, performance reviews, discipline records, and job descriptions.

    Which of the following state laws would be an affected employee's best recourse against the employer?

    A. The state social security number con dentiality statute.
    B. The state personnel record review statute.
    C. The state data destruction statute.
    D. The state UDAP statute.

  • Question 180:

    The Cable Communications Policy Act of 1984 requires which activity?

    A. Delivery of an annual notice detailing how subscriber information is to be used
    B. Destruction of personal information a maximum of six months after it is no longer needed
    C. Notice to subscribers of any investigation involving unauthorized reception of cable services
    D. Obtaining subscriber consent for disseminating any personal information necessary to render cable services

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IAPP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CIPP-US exam preparations and IAPP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.