Effective 2013, HIPAA Omnibus rule applies to which of the following?
A. Covered Entities only
B. Business Associates only
C. Covered Entities and Business Associates
D. Federal Health Bodies only
A US IT company has created a cloud based application for Canadian consumers only, with servers located in Vancouver, Canada. The application allows its users to publish their short stories, essays or e-books. The purpose of the application, i.e. literary work, is clearly stated in the terms and conditions which are mandatorily acknowledged by each user.
With respect to this application, the company must ensure compliance with:
A. PIPEDA
B. US Consumer Privacy Bill of Rights
C. EU Data Protection Directive
D. None of the above
Select the element(s) of APEC cross border privacy rules system from the following list:
i. self-assessment
ii. compliance review
iii. recognition/acceptance by APEC members
iv. dispute resolution and enforcement
Please select correct option:
A. i, ii and iii
B. ii, iii, and iv
C. i, iii and iv
D. i, ii, iii and iv
A ministry under government of India plans to collect citizens' information related to their education, medical condition, economic status, caste and religion. As per the privacy requirements mentioned under Sec 43A of IT (Amendment) Act, 2008, the citizens' `Consent' would be mandatory for which of the following elements before their collection?
A. Educational records
B. Medical condition
C. Caste and religion
D. Sec 43A may not be applicable
Which of the following legislations/ guidelines do not cover the concept of trans-border data flow?
A. OECD
B. IT (Amendment) Act, 2008
C. PIPEDA
D. None of the above
XYZ is a successful startup that acquired a respectable size and scale of operations in last 3 years, handling business process services for small and medium scale enterprises, largely in US and Europe. They are at the stage of closing a deal with a new banking client and working out the details of privacy related obligations in contract. Ensuring effective enforcement of which of the below listed privacy principles is client's accountability, even after outsourcing its loan approval process to XYZ?
I. Notice
II. Choice and Consent
III. Collection Limitation
IV.
Use Limitation
V.
Access and Correction
VI. Security
VII. Disclosure to third Party
Please select the correct set of principles from below listed options:
A. None of the above, since they are outsourcing the work to XYZ who will carry the liability going forward
B. All except V and VI
C. All except III
D. All of the above listed privacy principles
Companies based in EU and willing to transfer data outside the EU/EEA, use model contracts as an instrument.
Which of the following statements are true in reference to above statement?
A. It is a requirement mentioned in EU Data Protection Directive
B. It is a requirement mentioned in the OECD Privacy Framework
C. It is a requirement mentioned in the EU E-Commerce Directive
D. None of the above
After the rules were notified under section 43A of the IT (Amendment) Act, 2008, a clarification was issued by the government which exempted the service providers, which get access to/processes Sensitive Personal Data or information (SPDI) under contractual agreement with a legal entity located within or outside India.
Which privacy principle provisions notified under Sec 43A were exempted for the service providers?
A. Consent
B. Privacy policy (which is published)
C. Access and Correction
D. Disclosure of information
Complete the sentence: The Gramm-Leach-Bliley Act (GLBA) of US regulates the privacy practices adopted by financial institutions, requiring them to provide adequate security of the customer records. It lays various obligations on the financial institutions but allows such financial institutions to share the non-public information of customers (after properly notifying their consumers in a manner mentioned in the Act) with
A. Its affiliates only after obtaining explicit consent from the consumers
B. Its affiliates without need for obtaining explicit consent from the consumers for sharing their data
C. Its affiliates after disclosure in initial and annual GLBA privacy notices
D. Its affiliates after obtaining explicit permission of Federal Trade Commission
Which of the following privacy principle deals with informed consent of the data subject before sharing the personal information (of the data subject) to third parties for processing?
A. Collection limitation
B. Purpose limitation
C. Disclosure of information
D. Accountability
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only DSCI exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your DCPP-01 exam preparations and DSCI certification application, do not hesitate to visit our Vcedump.com to find your solutions here.