Free Access IAPP.CIPP-C.v2022-08-02.q111 Practice Test (Page 14)

Question 61

What was the aim of the European Data Protection Directive 95/46/EC?

A.To further reconcile the protection of the fundamental rights of individuals with the free flow of data from one member state to another.

B.To harmonize the implementation of the European Convention of Human Rights across all member states.

C.To implement the OECD Guidelines on the Protection of Privacy and trans-border flows of Personal Data.

D.To completely prevent the transfer of personal data out of the European Union.

Question 62

SCENARIO
Please use the following to answer the next QUESTION:
A US-based startup company is selling a new gaming application. One day, the CEO of the company receives an urgent letter from a prominent EU-based retail partner. Triggered by an unresolved complaint lodged by an EU resident, the letter describes an ongoing investigation by a supervisory authority into the retailer's data handling practices.
The complainant accuses the retailer of improperly disclosing her personal data, without consent, to parties in the United States. Further, the complainant accuses the EU-based retailer of failing to respond to her withdrawal of consent and request for erasure of her personal dat a. Your organization, the US-based startup company, was never informed of this request for erasure by the EU-based retail partner. The supervisory authority investigating the complaint has threatened the suspension of data flows if the parties involved do not cooperate with the investigation. The letter closes with an urgent request: "Please act immediately by identifying all personal data received from our company." This is an important partnership. Company executives know that its biggest fans come from Western Europe; and this retailer is primarily responsible for the startup's rapid market penetration.
As the Company's data privacy leader, you are sensitive to the criticality of the relationship with the retailer.
Upon review, the data privacy leader discovers that the Company's documented data inventory is obsolete. What is the data privacy leader's next best source of information to aid the investigation?

A.Database schemas held by the retailer

B.Reports on recent purchase histories

C.Lists of all customers, sorted by country

D.Interviews with key marketing personnel

Question 63

Global Manufacturing Co's Human Resources department recently purchased a new software tool. This tool helps evaluate future candidates for executive roles by scanning emails to see what those candidates say and what is said about them. This provides the HR department with an automated "360 review" that lets them know how the candidate thinks and operates, what their peers and direct reports say about them, and how well they interact with each other.
What is the most important step for the Human Resources Department to take when implementing this new software?

A.Making sure that the software does not unintentionally discriminate against protected groups.

B.Ensuring that the software contains a privacy notice explaining that employees have no right to privacy as long as they are running this software on organization systems to scan email systems.

C.Confirming that employees have read and signed the employee handbook where they have been advised that they have no right to privacy as long as they are using the organization's systems, regardless of the protected group or laws enforced by EEOC.

D.Providing notice to employees that their emails will be scanned by the software and creating automated profiles.

Question 64

According to the GDPR, how is pseudonymous personal data defined?

A.Data that has been encrypted or is subject to other technical safeguards.

B.Data that can no longer be attributed to a specific data subject, with no possibility of re-identifying the data.

C.Data that can no longer be attributed to a specific data subject without the use of additional information kept separately.

D.Data that has been rendered anonymous in such a manner that the data subject is no longer identifiable.

Question 65

How did the Fair and Accurate Credit Transactions Act (FACTA) amend the Fair Credit Reporting Act (FCRA)?

A.It expanded the definition of "consumer reports" to include communications relating to employee investigations

B.It increased the obligation of organizations to dispose of consumer data in ways that prevent unauthorized access

C.It stipulated the purpose of obtaining a consumer report can only be for a review of the employee's credit worthiness

D.It required employers to get an employee's consent in advance of requesting a consumer report for internal investigation purposes

Other Version: 748IAPP.CIPP-C.v2024-06-06.q79; 1269IAPP.CIPP-C.v2022-05-06.q52; 1417IAPP.CIPP-C.v2022-04-09.q60; 71IAPP.Fast2test.CIPP-C.v2021-09-28.by.herman.65q.pdf

Latest Upload: 103Huawei.H35-210_V2.5.v2025-09-18.q127; 103NBMTM.BCMTMS.v2025-09-18.q34; 103Microsoft.PL-500.v2025-09-18.q152; 110GAQM.CDCS-001.v2025-09-17.q15; 116Huawei.H19-301_V4.0.v2025-09-17.q37; 106VMware.5V0-33.23.v2025-09-17.q24; 115Oracle.1Z0-1078-23.v2025-09-17.q30; 154IAPP.CIPP-US.v2025-09-17.q217; 158Salesforce.ADM-201.v2025-09-16.q192; 140SAP.C-HRHPC-2505.v2025-09-15.q26

Question 61

Question 62

Question 63

Question 64

Question 65

Download PDF File