With respect to privacy notice, what are the responsibilities of data controller?
A. Providing the notice before or during data collection
B. Identifying and communication the purposes for which data will be collected, used, and disclosed
C. Providing notice after the data collection
D. Providing notice at every instance of data processing
A privacy lead assessor assessing your company for DSCI's privacy certification gets to know that your payroll process has been outsourced to a third party service provider. So, he/she is reviewing your contract with that service provider to ascertain which privacy related clauses are incorporated in the contract.
What could be the possible reasons for reviewing the contract?
A. Possible violation of `Collection Limitation'
B. Possible violation of `Use Limitation'
C. Risk of data subjects directly reaching to service provider
D. Data security controls in third party provider's environment
Which of the following are key contributors that would enhance the complexity in implementing security measures for protection personal information?
A. Data collection through multiple modes and channels
B. Evolution of nimble and flexible business processes affecting access management
C. Regulatory requirements to issue privacy notice and data breach notification in specified format
D. Increasing focus on right to privacy
From the following list, identify the technology aspects that are specially designed for upholding the privacy:
i. Data minimization
ii. Intrusion prevention system
iii. Data scrambling
iv.
Data loss prevention
v.
Data portability
vi. Data obfuscation
vii. Data encryption
viii. Data mirroring
Please select the correct set of aspects from below options:
A. Only i., iii., vii. and viii
B. Only i., ii., iii., vii. and viii
C. Only i., ii., vi. and vii
D. Only ii., v., vi., vii. and viii
A company collects personal information about its employees and requests them to provide accurate information in order to avail benefits such as life insurance and medical insurance. Employees of the company have raised concerns about use of their personal information. Due to the concerns, the company has decided to create a privacy policy.
What all should the company include in its privacy policy to address the raised concerns?
A. The purpose of collection of personal data
B. The principle of presumed consent for data disclosure to avail benefits
C. Information about how personal information is processed and used, specifically
D. Contact details of Law Enforcement Agencies (LEA) to whom information is disclosed
A Privacy Impact Assessment (PIA) should ideally accomplish which of the following goals?
A. To determine the risks and effects of collecting, storing and distributing personal information
B. To evaluate processes for handling personal information for mitigating potential privacy risks
C. To acknowledge the organization's role in collecting personal identifiable information
D. To comply with ISO 27001:2013 standard
BS 10012 is a British standard used to establish ___________.
A. Personal information management system
B. Privacy technology architecture
C. Privacy reference architecture
D. Privacy by design framework
One of the main objectives of `Do Not Track' technology is to A. Opt out from the web based analytics services, advertising networks and social platforms
B. Opt out from call back services by e-commerce companies
C. Opt out from monitoring and surveillance programs of governments, intelligence and Law Enforcement Agencies
D. None of the above
Privacy enhancing tools aim to allow users to take one or more of the following actions related to their personal data that is sent to, and used by online service providers, merchants or other users:
i. Increase control over their personal data
ii. Choose whether to use services anonymously or not
iii. Obtain informed consent about sharing their personal data
iv.
Opt-out of behavioral advertising or any other use of data Please select correct option from below:
A.
Only i
B.
Only i and ii
C.
All
D.
Only ii
As a newly-appointed Data Protection officer of an IT company gearing up for DSCI's privacy certification, you are trying to understand what data elements are involved in each of the business process, function and if these data elements can be classified as sensitive personal information.
What is being accomplished with this effort?
A. Organization to get "Visibility" over its exposure to sensitive personal information
B. It is a part of the annual exercise per the organization's privacy policy/ processes
C. Information security controls for confidential information being reviewed
D. Gathering inputs to restructure privacy function
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only DSCI exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your DCPP-01 exam preparations and DSCI certification application, do not hesitate to visit our Vcedump.com to find your solutions here.