CDPSE Question #125: Real Exam Question with Answer & Explanation

The correct answer is C: Determine the categories of personal data collected. Before de-identifying data, it is important to determine the categories of personal data collected, such as names, addresses, phone numbers, email addresses, social security numbers, health information, and so on. This will help to identify which data elements are considered iden

Data Life Cycle

Question

An organization must de-identify its data before it is transferred to a third party. Which of the following should be done FIRST?

Options

AEncrypt the data at rest and in motion
BRemove the identifiers during the data transfer
CDetermine the categories of personal data collected
DEnsure logging is turned on for the database

Explanation

Before de-identifying data, it is important to determine the categories of personal data collected, such as names, addresses, phone numbers, email addresses, social security numbers, health information, and so on. This will help to identify which data elements are considered identifiers or quasi-identifiers, and which de-identification techniques are appropriate for each category. For example, some data elements may need to be removed completely, while others may be masked, generalized, or perturbed.

Topics

#Data de-identification#Data classification#Data inventory

Community Discussion

No community discussion yet for this question.

Full CDPSE Practice Browse All CDPSE Questions