Free Access IAPP.CIPP-US.v2022-02-24.q69 Practice Test (Page 12)

Question 51

A covered entity suffers a ransomware attack that affects the personal health information (PHI) of more than 500 individuals. According to Federal law under HIPAA, which of the following would the covered entity NOT have to report the breach to?

A.Medical providers

B.Department of Health and Human Services

C.The local media

D.The affected individuals

Question 52

Which of the following statements is most accurate in regard to data breach notifications under federal and state laws:

A.The only obligations to provide data breach notification are under state law because currently there is no federal law or regulation requiring notice for the breach of personal information.

B.When you are required to provide an individual with notice of a data breach under any state's law, you must provide the individual with an offer for free credit monitoring.

C.You must notify the Federal Trade Commission (FTC) in addition to affected individuals if over 500 individuals are receiving notice.

D.When providing an individual with required notice of a data breach, you must identify what personal information was actually or likely compromised.

Question 53

Which authority supervises and enforces laws regarding advertising to children via the Internet?

A.The Federal Trade Commission

B.The Federal Communications Commission

C.The Department of Homeland Security

D.The Office for Civil Rights

Question 54

An organization self-certified under Privacy Shield must, upon request by an individual, do what?

A.Provide the identities of third and fourth parties that may potentially receive personal information.

B.Identify all personal information disclosed during a criminal investigation.

C.Provide the identities of third parties with whom the organization shares personal information.

D.Suspend the use of all personal information collected by the organization to fulfill its original purpose.

Question 55

In a case of civil litigation, what might a defendant who is being sued for distributing an employee's private information face?

A.Probation.

B.An injunction.

C.Criminal fines.

D.A jail sentence.

Other Version: 154IAPP.CIPP-US.v2025-09-17.q217; 1169IAPP.CIPP-US.v2025-03-08.q172; 753IAPP.CIPP-US.v2023-12-19.q62; 1160IAPP.CIPP-US.v2022-12-19.q64; 1886IAPP.CIPP-US.v2022-08-15.q68; 97IAPP.Braindumpspass.CIPP-US.v2022-01-17.by.alberta.65q.pdf; 1842IAPP.CIPP-US.v2021-11-01.q37

Latest Upload: 102Huawei.H35-210_V2.5.v2025-09-18.q127; 103NBMTM.BCMTMS.v2025-09-18.q34; 102Microsoft.PL-500.v2025-09-18.q152; 110GAQM.CDCS-001.v2025-09-17.q15; 116Huawei.H19-301_V4.0.v2025-09-17.q37; 105VMware.5V0-33.23.v2025-09-17.q24; 115Oracle.1Z0-1078-23.v2025-09-17.q30; 154IAPP.CIPP-US.v2025-09-17.q217; 158Salesforce.ADM-201.v2025-09-16.q192; 140SAP.C-HRHPC-2505.v2025-09-15.q26

Question 51

Question 52

Question 53

Question 54

Question 55

Download PDF File