For a third country, a territory or one or more specified sectors within that third country, or an international organization to be granted an adequacy decision under EU GDPR. The law of that region must be:
A. Identical to EU GDPRWhich of the following is outside the scope of an organization's privacy incident management plan?
A. Detection of leakage of personal informationXYZ Inc of USA has setup a captive back office operations center in India. The captive is registered as a separate legal entity by the name XYZ India Private Limited and provides services only to XYZ Inc by catering its technology support needs. During the process of providing services, the Indian entity does not receive any customer information of the XYZ Inc. However, information such as financial information and biometric information etc. of the employees of XYZ India is
shared with the XYZ Inc.
What necessary steps need to be taken before actual sharing of the aforesaid information happens?
1.
Seek consent from the employees of XYZ India before sharing the information;
2.
A lawful contract between the XYZ Inc and XYZ India regarding the terms of sharing and data protection measures to be taken, with the obligation on XYZ Inc of not sharing the received information further without permission from Indian entity;
3.
The XYZ Inc should agree to provide better or at-par level of data protection as prescribed in the IT (Amendment) Act, 2008;
4.
The country in which the XYZ Inc is located should ensure better or same level of data protection as prescribed in the IT (Amendment) Act, 2008
A. 1 and 2As per Article 33 of GDPR, in case of a personal data breach, the data controller has to inform the supervisory authority within ___________ of becoming aware of the breach.
A. 48 hoursA ___________ is typically provided at the time of PI collection from the data subject.
A. NoticeCompanies based in EU and willing to transfer data outside the EU/EEA, use model contracts as an instrument. Which of the following statements are true in reference to above statement?
A. It is a requirement mentioned in EU Data Protection Directive____________ is used to identify and reduce privacy risks by analyzing that is processed by the entity and the policies in place to protect the data.
A. Privacy Impact AssessmentWhich among the following organizations does not issue a privacy seal?
A. EuroPriSeWhich one of the following is considered as the first step of evolution in the formation of today's concept of privacy?
A. Fundamental civil libertyTo establish a privacy organization structure in a bank, which one of the following is least practiced by the industry for the positioning of privacy organization?
A. Privacy reporting to the Chief Information Officer (CIO)Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only DSCI exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your DCPP-01 exam preparations and DSCI certification application, do not hesitate to visit our Vcedump.com to find your solutions here.