
[Oct 14, 2021] Updates Up to 365 days On Valid CIPP-US Braindumps
Best Quality CIPP-US Exam Questions IAPP Test To Gain Brilliant Result
NEW QUESTION 11
SCENARIO
Please use the following to answer the next QUESTION:
Cheryl is the sole owner of Fitness Coach, Inc., a medium-sized company that helps individuals realize their physical fitness goals through classes, individual instruction, and access to an extensive indoor gym. She has owned the company for ten years and has always been concerned about protecting customers' privacy while maintaining the highest level of service. She is proud that she has built long-lasting customer relationships.
Although Cheryl and her staff have tried to make privacy protection a priority, the company has no formal privacy policy. So Cheryl hired Janice, a privacy professional, to help her develop one.
After an initial assessment, Janice created a first draft of a new policy. Cheryl read through the draft and was concerned about the many changes the policy would bring throughout the company. For example, the draft policy stipulates that a customer's personal information can only be held for one year after paying for a service such as a session with a personal trainer. It also promises that customer information will not be shared with third parties without the written consent of the customer. The wording of these rules worries Cheryl since stored personal information often helps her company to serve her customers, even if there are long pauses between their visits. In addition, there are some third parties that provide crucial services, such as aerobics instructors who teach classes on a contract basis. Having access to customer files and understanding the fitness levels of their students helps instructors to organize their classes.
Janice understood Cheryl's concerns and was already formulating some ideas for revision. She tried to put Cheryl at ease by pointing out that customer data can still be kept, but that it should be classified according to levels of sensitivity. However, Cheryl was skeptical. It seemed that classifying data and treating each type differently would cause undue difficulties in the company's day-to-day operations. Cheryl wants one simple data storage and access system that any employee can access if needed.
Even though the privacy policy was only a draft, she was beginning to see that changes within her company were going to be necessary. She told Janice that she would be more comfortable with implementing the new policy gradually over a period of several months, one department at a time. She was also interested in a layered approach by creating documents listing applicable parts of the new policy for each department.
What is the main problem with Cheryl's suggested method of communicating the new privacy policy?
- A. Employees might not understand how the documents relate to the policy as a whole.
- B. The policy would not be considered valid if not communicated in full.
- C. The policy might not be implemented consistently across departments.
- D. Employees would not be comfortable with a policy that is put into action over time.
Answer: C
NEW QUESTION 12
What is the main purpose of the Global Privacy Enforcement Network?
- A. To promote universal cooperation among privacy authorities
- B. To arbitrate disputes between countries over jurisdiction for privacy laws
- C. To protect the interests of privacy consumer groups worldwide
- D. To investigate allegations of privacy violations internationally
Answer: A
NEW QUESTION 13
Which of these organizations would be required to provide its customers with an annual privacy notice?
- A. The Golden Gavel Auction House.
- B. The King County Savings and Loan.
- C. The Breezy City Housing Commission.
- D. The Four Winds Tribal College.
Answer: A
NEW QUESTION 14
Which of the following best describes private-sector workplace monitoring in the United States?
- A. Employers have broad authority to monitor their employees
- B. Judgments in private lawsuits have severely limited the monitoring of employees
- C. Most employees are protected from workplace monitoring by the U.S. Constitution
- D. U.S. federal law restricts monitoring only to industries for which it is necessary
Answer: A
NEW QUESTION 15
Which jurisdiction must courts have in order to hear a particular case?
- A. Personal jurisdiction and professional jurisdiction
- B. Subject matter jurisdiction and professional jurisdiction
- C. Subject matter jurisdiction and regulatory jurisdiction
- D. Personal jurisdiction and subject matter jurisdiction
Answer: D
NEW QUESTION 16
Which action is prohibited under the Electronic Communications Privacy Act of 1986?
- A. Accessing stored communications with the consent of the sender or recipient of the message
- B. Monitoring employee telephone calls of a personal nature
- C. Intercepting electronic communications and unauthorized access to stored communications
- D. Monitoring all employee telephone calls
Answer: C
NEW QUESTION 17
The U.S. Supreme Court has recognized an individual's right to privacy over personal issues, such as contraception, by acknowledging which of the following?
- A. Federal preemption of state constitutions that expressly recognize an individual right to privacy.
- B. The doctrine of stare decisis, which allows the U.S. Supreme Court to follow the precedent of previously decided case law.
- C. An interpretation of the U.S. Constitution's explicit definition of privacy that extends to personal issues.
- D. A "penumbra" of unenumerated constitutional rights as well as more general protections of due process of law.
Answer: D
NEW QUESTION 18
In which situation would a policy of "no consumer choice" or "no option" be expected?
- A. When a job applicant's credit report is provided to an employer
- B. When a patient's health record is made available to a pharmaceutical company
- C. When a customer's financial information is requested by the government
- D. When a customer's street address is shared with a shipping company
Answer: D
NEW QUESTION 19
What is an exception to the Electronic Communications Privacy Act of 1986 ban on interception of wire, oral and electronic communications?
- A. If an organization intercepts an employee's purely personal call
- B. Where state law permits such interception
- C. Where one of the parties has given consent
- D. Only if all parties have given consent
Answer: A
Explanation/Reference: https://www.sciencedirect.com/topics/computer-science/electronic-communications-privacy-act
NEW QUESTION 20
What type of material is exempt from an individual's right to disclosure under the Privacy Act?
- A. Material required by statute to be maintained and used solely for research purposes.
- B. Material reporting investigative efforts pertaining to the enforcement of criminal law.
- C. Material used to determine potential collaboration with foreign governments in negotiation of trade deals.
- D. Material reporting investigative efforts to prevent unlawful persecution of an individual.
Answer: C
NEW QUESTION 21
Which of the following best describes an employer's privacy-related responsibilities to an employee who has left the workplace?
- A. An employer has a responsibility to maintain a former employee's access to computer systems and company data needed to support claims against the company such as discrimination.
- B. An employer may consider any privacy-related responsibilities terminated, as the relationship between employer and employee is considered primarily contractual.
- C. An employer has a responsibility to permanently delete or expunge all sensitive employment records to minimize privacy risks to both the employer and former employee.
- D. An employer has a responsibility to maintain the security and privacy of any sensitive employment records retained for a legitimate business purpose.
Answer: C
NEW QUESTION 22
What is the most important action an organization can take to comply with the FTC position on retroactive changes to a privacy policy?
- A. Obtaining affirmative consent from its customers.
- B. Reassuring customers of the security of their information.
- C. Publicizing the policy changes through social media.
- D. Describing the policy changes on its website.
Answer: A
NEW QUESTION 23
Global Manufacturing Co's Human Resources department recently purchased a new software tool. This tool helps evaluate future candidates for executive roles by scanning emails to see what those candidates say and what is said about them. This provides the HR department with an automated "360 review" that lets them know how the candidate thinks and operates, what their peers and direct reports say about them, and how well they interact with each other.
What is the most important step for the Human Resources Department to take when implementing this new software?
- A. Making sure that the software does not unintentionally discriminate against protected groups.
- B. Ensuring that the software contains a privacy notice explaining that employees have no right to privacy as long as they are running this software on organization systems to scan email systems.
- C. Confirming that employees have read and signed the employee handbook where they have been advised that they have no right to privacy as long as they are using the organization's systems, regardless of the protected group or laws enforced by EEOC.
- D. Providing notice to employees that their emails will be scanned by the software and creating automated profiles.
Answer: A
Explanation/Reference: https://www.beckage.com/tag/artificial-intelligence/
NEW QUESTION 24
SCENARIO
Please use the following to answer the next QUESTION:
Matt went into his son's bedroom one evening and found him stretched out on his bed typing on his laptop. "Doing your homework?" Matt asked hopefully.
"No," the boy said. "I'm filling out a survey."
Matt looked over his son's shoulder at his computer screen. "What kind of survey?" "It's asking questions about my opinions."
"Let me see," Matt said, and began reading the list of questions that his son had already answered. "It's asking your opinions about the government and citizenship. That's a little odd. You're only ten." Matt wondered how the web link to the survey had ended up in his son's email inbox. Thinking the message might have been sent to his son by mistake he opened it and read it. It had come from an entity called the Leadership Project, and the content and the graphics indicated that it was intended for children. As Matt read further he learned that kids who took the survey were automatically registered in a contest to win the first book in a series about famous leaders.
To Matt, this clearly seemed like a marketing ploy to solicit goods and services to children. He asked his son if he had been prompted to give information about himself in order to take the survey. His son told him he had been asked to give his name, address, telephone number, and date of birth, and to answer questions about his favorite games and toys.
Matt was concerned. He doubted if it was legal for the marketer to collect information from his son in the way that it was. Then he noticed several other commercial emails from marketers advertising products for children in his son's inbox, and he decided it was time to report the incident to the proper authorities.
Depending on where Matt lives, the marketer could be prosecuted for violating which of the following?
- A. Unfair and Deceptive Acts and Practices laws.
- B. Red Flag Rules.
- C. Consumer Bill of Rights.
- D. Investigative Consumer Reporting Agencies Act.
Answer: A
NEW QUESTION 25
Which of the following describes the most likely risk for a company developing a privacy policy with standards that are much higher than its competitors?
- A. Being more closely scrutinized for any breaches of policy
- B. Attracting skepticism from auditors
- C. Having a security system failure
- D. Getting accused of discriminatory practices
Answer: A
NEW QUESTION 26
What are banks required to do under the Gramm-Leach-Bliley Act (GLBA)?
- A. Process requests for changes to user preferences within a designated time frame
- B. Conduct annual consumer surveys regarding satisfaction with user preferences
- C. Offer an Opt-Out before transferring PI to an unaffiliated third party for the latter's own use
- D. Provide consumers with the opportunity to opt out of receiving telemarketing phone calls
Answer: C
Explanation/Reference: https://www.investopedia.com/terms/g/glba.asp
NEW QUESTION 27
The rules for "e-discovery" mainly prevent which of the following?
- A. A conflict between business practice and technological safeguards
- B. The loss of information due to poor data retention practices
- C. A breach of an organization's data retention program
- D. The practice of employees using personal devices for work
Answer: B
NEW QUESTION 28
SCENARIO
Please use the following to answer the next QUESTION:
Matt went into his son's bedroom one evening and found him stretched out on his bed typing on his laptop. "Doing your homework?" Matt asked hopefully.
"No," the boy said. "I'm filling out a survey."
Matt looked over his son's shoulder at his computer screen. "What kind of survey?" "It's asking questions about my opinions."
"Let me see," Matt said, and began reading the list of questions that his son had already answered. "It's asking your opinions about the government and citizenship. That's a little odd. You're only ten." Matt wondered how the web link to the survey had ended up in his son's email inbox. Thinking the message might have been sent to his son by mistake he opened it and read it. It had come from an entity called the Leadership Project, and the content and the graphics indicated that it was intended for children. As Matt read further he learned that kids who took the survey were automatically registered in a contest to win the first book in a series about famous leaders.
To Matt, this clearly seemed like a marketing ploy to solicit goods and services to children. He asked his son if he had been prompted to give information about himself in order to take the survey. His son told him he had been asked to give his name, address, telephone number, and date of birth, and to answer questions about his favorite games and toys.
Matt was concerned. He doubted if it was legal for the marketer to collect information from his son in the way that it was. Then he noticed several other commercial emails from marketers advertising products for children in his son's inbox, and he decided it was time to report the incident to the proper authorities.
How could the marketer have best changed its privacy management program to meet COPPA "Safe Harbor" requirements?
- A. By regularly assessing the security risks to consumer privacy
- B. By participating in an approved self-regulatory program
- C. By receiving FTC approval for the content of its emails
- D. By making a COPPA privacy notice available on website
Answer: C
NEW QUESTION 29
SCENARIO
Please use the following to answer the next QUESTION:
Felicia has spent much of her adult life overseas, and has just recently returned to the U.S. to help her friend Celeste open a jewelry store in California. Felicia, despite being excited at the prospect, has a number of security concerns, and has only grudgingly accepted the need to hire other employees. In order to guard against the loss of valuable merchandise, Felicia wants to carefully screen applicants. With their permission, Felicia would like to run credit checks, administer polygraph tests, and scrutinize videos of interviews. She intends to read applicants' postings on social media, ask questions about drug addiction, and solicit character references. Felicia believes that if potential employees are serious about becoming part of a dynamic new business, they will readily agree to these requirements.
Felicia is also in favor of strict employee oversight. In addition to protecting the inventory, she wants to prevent mistakes during transactions, which will require video monitoring. She also wants to regularly check the company vehicle's GPS for locations visited by employees. She also believes that employees who use their own devices for work-related purposes should agree to a certain amount of supervision.
Given her high standards, Felicia is skeptical about the proposed location of the store. She has been told that many types of background checks are not allowed under California law. Her friend Celeste thinks these worries are unfounded, as long as applicants verbally agree to the checks and are offered access to the results. Nor does Celeste share Felicia's concern about state breach notification laws, which, she claims, would be costly to implement even on a minor scale. Celeste believes that even if the business grows a customer database of a few thousand, it's unlikely that a state agency would hassle an honest business if an accidental security incident were to occur.
In any case, Celeste feels that all they need is common sense - like remembering to tear up sensitive documents before throwing them in the recycling bin. Felicia hopes that she's right, and that all of her concerns will be put to rest next month when their new business consultant (who is also a privacy professional) arrives from North Carolina.
Regarding credit checks of potential employees, Celeste has a misconception regarding what?
- A. Disclosure requirements.
- B. Employment-at-will rules.
- C. Consent requirements.
- D. Records retention policies.
Answer: C
NEW QUESTION 30
Which of the following became the first state to pass a law specifically regulating the collection of biometric data?
- A. Washington.
- B. Illinois.
- C. California.
- D. Texas.
Answer: B
NEW QUESTION 31
Which of the following best describes how federal anti-discrimination laws protect the privacy of private-sector employees in the United States?
- A. They promote a workforce of employees with diverse skills and interests.
- B. They prescribe working environments that are safe and comfortable.
- C. They limit the amount of time a potential employee can be interviewed.
- D. They limit the types of information that employers can collect about employees.
Answer: B
NEW QUESTION 32
According to FERPA, when can a school disclose records without a student's consent?
- A. If the disclosure is to provide transcripts to a school where a student intends to enroll
- B. If the disclosure is to practitioners who are involved in a student's health care
- C. If the disclosure would not reveal a student's student identification number
- D. If the disclosure is not to be conducted through email to the third party
Answer: A
Explanation/Reference: https://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html
NEW QUESTION 33
John, a California resident, receives notification that a major corporation with $500 million in annual revenue has experienced a data breach. John's personal information in their possession has been stolen, including his full name and social security number. John also learns that the corporation did not have reasonable cybersecurity measures in place to safeguard his personal information.
Which of the following answers most accurately reflects John's ability to pursue a legal claim against the corporation under the California Consumer Privacy Act (CCPA)?
- A. John can sue the corporation for the data breach but only to recover monetary damages he actually suffered as a result of the data breach.
- B. John has no right to sue the corporation because the CCPA does not address any data breach rights.
- C. John cannot sue the corporation for the data breach because only the state's Attorney General has authority to file suit under the CCPA.
- D. John can sue the corporation for the data breach to recover monetary damages suffered as a result of the data breach, and in some circumstances seek statutory damages irrespective of whether he suffered any financial harm.
Answer: A
NEW QUESTION 34
Although an employer may have a strong incentive or legal obligation to monitor employees' conduct or behavior, some excessive monitoring may be considered an intrusion on employees' privacy. Which of the following is the strongest example of excessive monitoring by the employer?
- A. An employer who installs data loss prevention software on all employee computers to limit transmission of confidential company information.
- B. An employer who installs a video monitor in physical locations, such as a warehouse, to ensure employees are performing tasks in a safe manner and environment.
- C. An employer who records all employee phone calls that involve financial transactions with customers completed over the phone.
- D. An employer who installs video monitors in physical locations, such as a changing room, to reduce the risk of sexual harassment.
Answer: D
NEW QUESTION 35
SCENARIO
Please use the following to answer the next QUESTION:
Declan has just started a job as a nursing assistant in a radiology department at Woodland Hospital. He has also started a program to become a registered nurse.
Before taking this career path, Declan was vaguely familiar with the Health Insurance Portability and Accountability Act (HIPAA). He now knows that he must help ensure the security of his patients' Protected Health Information (PHI). Therefore, he is thinking carefully about privacy issues.
On the morning of his first day, Declan noticed that the newly hired receptionist handed each patient a HIPAA privacy notice. He wondered if it was necessary to give these privacy notices to returning patients, and if the radiology department could reduce paper waste through a system of one-time distribution.
He was also curious about the hospital's use of a billing company. He questioned whether the hospital was doing all it could to protect the privacy of its patients if the billing company had details about patients' care.
On his first day Declan became familiar with all areas of the hospital's large radiology department. As he was organizing equipment left in the hallway, he overheard a conversation between two hospital administrators. He was surprised to hear that a portable hard drive containing non-encrypted patient information was missing. The administrators expressed relief that the hospital would be able to avoid liability. Declan was surprised, and wondered whether the hospital had plans to properly report what had happened.
Despite Declan's concern about this issue, he was amazed by the hospital's effort to integrate Electronic Health Records (EHRs) into the everyday care of patients. He thought about the potential for streamlining care even more if they were accessible to all medical facilities nationwide.
Declan had many positive interactions with patients. At the end of his first day, he spoke to one patient, John, whose father had just been diagnosed with a degenerative muscular disease. John was about to get blood work done, and he feared that the blood work could reveal a genetic predisposition to the disease that could affect his ability to obtain insurance coverage. Declan told John that he did not think that was possible, but the patient was wheeled away before he could explain why. John plans to ask a colleague about this.
In one month, Declan has a paper due for one of his classes on a health topic of his choice. By then, he will have had many interactions with patients he can use as examples. He will be pleased to give credit to John by name for inspiring him to think more carefully about genetic testing.
Although Declan's day ended with many questions, he was pleased about his new position.
How can the radiology department address Declan's concern about paper waste and still comply with the Health Insurance Portability and Accountability Act (HIPAA)?
- A. Post the privacy notice in a prominent location instead
- B. Confirm that patients are given the privacy notice on their first visit
- C. State the privacy policy to the patient verbally
- D. Direct patients to the correct area of the hospital website
Answer: D