nerdexam
Isaca

CDPSE · Question #76

Which of the following should be done FIRST to establish privacy to design when developing a contact-tracing application?

The correct answer is A. Conduct a privacy impact assessment (PIA).. Conducting a privacy impact assessment (PIA) should be done first to establish privacy by design when developing a contact-tracing application. A PIA is a systematic process that identifies and evaluates the potential effects of personal data processing operations on the privacy

Privacy Governance

Question

Which of the following should be done FIRST to establish privacy to design when developing a contact-tracing application?

Options

  • AConduct a privacy impact assessment (PIA).
  • BConduct a development environment review.
  • CIdentify privacy controls for the application.
  • DIdentify differential privacy techniques.

How the community answered

(43 responses)
  • A
    88% (38)
  • B
    7% (3)
  • C
    2% (1)
  • D
    2% (1)

Explanation

Conducting a privacy impact assessment (PIA) should be done first to establish privacy by design when developing a contact-tracing application. A PIA is a systematic process that identifies and evaluates the potential effects of personal data processing operations on the privacy of individuals and the organization. A PIA helps to identify privacy risks and mitigation strategies at an early stage of development and ensures compliance with legal and regulatory requirements. Conducting a development environment review, identifying privacy controls, or identifying differential privacy techniques are important steps in privacy by design, but they should be done after conducting a PIA.

Topics

#Privacy Impact Assessment (PIA)#Privacy by Design#Risk Assessment#Application Development

Community Discussion

No community discussion yet for this question.

Full CDPSE Practice