SCENARIO
Please use the following to answer the next question:
A US-based startup company is selling a new gaming application. One day, the CEO of the company receives an urgent letter from a prominent EU-based retail partner. Triggered by an unresolved complaint lodged by an EU resident, the
letter describes an ongoing investigation by a supervisory authority into the retailer's data handling practices.
The complainant accuses the retailer of improperly disclosing her personal data, without consent, to parties in the United States. Further, the complainant accuses the EU-based retailer of failing to respond to her withdrawal of consent and
request for erasure of her personal data. Your organization, the US-based startup company, was never informed of this request for erasure by the EU-based retail partner. The supervisory authority investigating the complaint has threatened
the suspension of data flows if the parties involved do not cooperate with the investigation. The letter closes with an urgent request: "Please act immediately by identifying all personal data received from our company."
This is an important partnership. Company executives know that its biggest fans come from Western Europe; and this retailer is primarily responsible for the startup's rapid market penetration.
As the Company's data privacy leader, you are sensitive to the criticality of the relationship with the retailer.
Upon review, the data privacy leader discovers that the Company's documented data inventory is obsolete. What is the data privacy leader's next best source of information to aid the investigation?
A. Reports on recent purchase historiesAccording to the FTC Report of 2012, what is the main goal of Privacy by Design?
A. Obtaining consumer consent when collecting sensitive data for certain purposesWhich of the following statements is most accurate in regard to data breach notifications under federal and state laws:
A. You must notify the Federal Trade Commission (FTC) in addition to affected individuals if over 500 individuals are receiving notice.What is a legal document approved by a judge that formalizes an agreement between a governmental agency and an adverse party called?
A. A consent decreeCalifornia's SB 1386 was the first law of its type in the United States to do what?
A. Require commercial entities to disclose a security data breach concerning personal information about the state's residentsWhich of the following state laws has an entity exemption for organizations subject to the Gramm-Leach-Bliley Act (GLBA)?
A. Nevada Privacy Law.Once a breach has been de nitively established, which task should be prioritized next?
A. Involving law enforcement and state Attorneys General.In 2014, Google was alleged to have violated the Family Educational Rights and Privacy Act (FERPA) through its Apps for Education suite of tools. For what specific practice did students sue the company?
A. Scanning emails sent to and received by studentsA company's employee wellness portal offers an app to track exercise activity via users' mobile devices. Which of the following design techniques would most effectively inform users of their data privacy rights and privileges when using the app?
A. Offer information about data collection and uses at key data entry points.When may a financial institution share consumer information with non-affiliated third parties for marketing purposes?
A. After disclosing information-sharing practices to customers and after giving them an opportunity to opt in.Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IAPP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CIPP-US exam preparations and IAPP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.