To establish a privacy organization structure in a bank, which one of the following is least practiced by the industry for the positioning of privacy organization?
A. Privacy reporting to the Chief Information Officer (CIO)
B. Privacy reporting to the Chief Risk Officer (CRO)
C. Privacy reporting to corporate communication function
D. Privacy reporting to legal function
A global Business Process Management (BPM) organization based in India, headquartered in the US is in receipt of a Request for Proposal (RFP) for a potential deal. The privacy function in this company has just got formulated.
Which of the following stage would be most effective for sales team to involve privacy function?
A. RFP response stage
B. Post-RFP stage once the BPM organization is selected as one of the potential service providers
C. During service provider evaluation stage based on RFP response, and face-to-face reviews of the service provider
D. During contract negotiation stage
ABC Health Care is a large healthcare delivery chain, with 8 hospitals and more than 20 health centers. It has decided to streamline its patient care system. The new system needs to integrate data from more than 20 clinical, scheduling, and billing systems. It needs to support all types of data-intensive projects, which includes masking sensitive health information.
You have been approached to address privacy concerns during integration of the new system. Arrange the below listed steps in sequential order for the most appropriate implementation of privacy protection measures.
I. Creating a privacy policy to safeguard the sensitive personal data
II. Measuring and monitoring privacy policy and processes implementation to provide ongoing proof that data has been protected
III. Defining and classifying sensitive personal data, including data and metadata patterns
IV.
Masking data consistently across the systems to meet various compliance standards
V.
Discovering where the sensitive personal data is stored across databases, applications, endpoints and servers
Please select the most logical sequence from below options:
A. II - I - IV - V
B. V - II - III - I - IV
C. III - V - I - IV - II
D. I - III - V - II - IV
Which of the following could be considered as the most beneficial aspect of implementing Privacy Enhancing Technologies or Tools (PETs)?
A. Improves the quality of the information.
B. Reduces audit, supervisory and management costs.
C. Increases users' control over their personal data.
D. Ensures security by design in all products and services.
Which among the following would not be characteristic of a good privacy notice?
A. Easy to understand
B. Clear and concise
C. Comprehensive ?explaining all the possible scenarios and processing details making the notice lengthy
D. Multilingual
Which of the following statement is incorrect?
A. Privacy policy may be derived from outcomes of privacy impact assessment.
B. Misuse of personal information available in public domain may be construed as a privacy violation.
C. A privacy policy once framed cannot be changed before the specified review period.
D. None of the Above
Which of the following mechanisms or steps are likely to be taken by an organization for implementing privacy program?
i Deploying physical and technology safeguards to protect personal information assets
ii. Privacy consideration in product and service design
iii. Privacy implementation to focus only on projects impacted by privacy breaches
iv.
Benchmarking against industry peers’ privacy implementation
v.
Installing privacy enhancing tools and technologies for the projects dealing with organization's intellectual property
Please select the correct set of statements from the below options:
A. All
B. All except iii
C. Only i, and ii
D. Only i, ii and iv
Which of the following aspects of personal information lifecycle management should the privacy function in an organization be concerned with
i. Policy definition
ii. Policy enforcement
iii. IT infrastructure setup
iv.
Physical infrastructure setup
A.
Only i.
B.
Only i. and ii.
C.
All
D.
All except iv
Please select the correct option:
Which of the following statements is true with respect to organization's privacy training and awareness program?
A. Should define roles and responsibilities of personnel in privacy function
B. Should cover employees of service provider dealing with personal information
C. Should necessarily cover official from Law Enforcement Agencies that request lawful access to personal information
D. None of the above
Which of the following factor is least likely to be considered while implementing or augmenting data security solution for privacy protection:
A. Security controls deployment at the database level
B. Information security infrastructure up-gradation in the organization
C. Classification of data type and its usage by various functions in the organization
D. Training and awareness program for third party organizations
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only DSCI exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your DCPP-01 exam preparations and DSCI certification application, do not hesitate to visit our Vcedump.com to find your solutions here.