Question 1

Please use the following to answer the next question:

ProStorage is a multinational cloud storage provider headquartered in the Netherlands. Its CEO. Ruth Brown, has developed a two-pronged strategy for growth: 1) expand ProStorage s global customer base and 2) increase ProStorage's sales force by efficiently onboarding effective teams. Enacting this strategy has recently been complicated by Ruth's health condition, which has limited her working hours, as well as her ability to travel to meet potential customers. ProStorage's Human Resources department and Ruth's Chief of Staff now work together to manage her schedule and ensure that she is able to make all her medical appointments The latter has become especially crucial after Ruth's last trip to India, where she suffered a medical emergency and was hospitalized m New Delhi Unable to reach Ruths family, the hospital reached out to ProStorage and was able to connect with her Chief of Staff, who in coordination with Mary, the head of HR. provided information to the doctors based on accommodate on requests Ruth made when she started a: ProStorage

Why is the additional measure recommended by Jackie sufficient foe using UpFinance?

Options :

A : UpFinance is an established 7-year-old business.

B : UpFinance is in a highly regulated financial industry

C : UpFinance is based in a country without surveillance laws.

D : UpFinance implements sufficient data protection measures

Answer: C

Question 2

A company wishes to transfer personal data to a country outside of the European Union/EEA In order to do so, they are planning an assessment of the country's laws and practices, knowing that these may impinge upon the transfer safeguards they intend to use

All of the following factors would be relevant for the company to consider EXCEPT'?

Options :

A : Any onward transfers, such as transfers of personal data to a sub-processor in the same or another third country.

B : The process of modernization in the third country concerned and their access to emerging technologies that rely on international transfers of personal data

C : The technical, financial, and staff resources available to an authority m the third country concerned that may access the personal data to be transferred

D : The contractual clauses between the data controller or processor established in the European Union/EEA and the recipient of the transfer established in the third country concerned

Answer: B

Question 3

Why is advisable to avoid consent as a legal basis for an employer to process employee data?

Options :

A : Employee data can only be processed if there is an approval from the data protection officer.

B : Consent may not be valid if the employee feels compelled to provide it.

C : An employer might have difficulty obtaining consent from every employee.

D : Data protection laws do not apply to processing of employee data.

Answer: B

Question 4

Under the GDPR, which essential pieces of information must be provided to data subjects before collecting their personal data?

Options :

A : The authority by which the controller is collecting the data and the third parties to whom the data will be sent.

B : The name/s of relevant government agencies involved and the steps needed for revising the data.

C : The identity and contact details of the controller and the reasons the data is being collected.

D : The contact information of the controller and a description of the retention policy.

Answer: C

Question 5

According to the European Data Protection Board, if a controller that is not established in the EU but still subject to the GDPR becomes aware of a personal data breach, which supervisory authority or authorities must be notified?

Options :

A : Only the supervisory authority of the EU member state in which the controller-s EU representative (pursuant to Article 27) is established.

B : Only one lead supervisory authority, as a controller benefits from the one-stop shop mechanism under the GDPR’s enforcement regime.

C : Every supervisory authority of the EU member states where the controller is offering goods or services.

D : Every supervisory authority for which affected data subjects reside in their EU member state.

Answer: A

Higher Test Marks with Free Online CIPP-E Exam Practice

Buying Options: