CIPP-US Exam Questions

In which situation would a policy of "no consumer choice" or "no option" be expected?

What is the main challenge financial institutions face when managing user preferences?

A large online bookseller decides to contract with a vendor to manage Personal Information (PI). What is the least important factor for the company to consider when selecting the v...

SCENARIO Please use the following to answer the next question: Matt went into his son's bedroom one evening and found him stretched out on his bed typing on his laptop. "Doing your...

What important action should a health care provider take if the she wants to qualify for funds under the Health Information Technology for Economic and Clinical Health Act (HITECH)...

All of the following organizations are specified as covered entities under the Health Insurance Portability and Accountability Act (HIPAA) EXCEPT?

A covered entity suffers a ransomware attack that affects the personal health information (PHI) of more than 500 individuals. According to Federal law under HIPAA, which of the fol...

What consumer protection did the Fair and Accurate Credit Transactions Act (FACTA) require?

Who has rulemaking authority for the Fair Credit Reporting Act (FCRA) and the Fair and Accurate Credit Transactions Act (FACTA)?

Under the Fair and Accurate Credit Transactions Act (FACTA), what is the most appropriate action for a car dealer holding a paper folder of customer credit reports?

When may a financial institution share consumer information with non-affiliated third parties for marketing purposes?

What are banks required to do under the Gramm-Leach-Bliley Act (GLBA)?

SCENARIO Please use the following to answer the next question: Declan has just started a job as a nursing assistant in a radiology department at Woodland Hospital. He has also star...

SCENARIO Please use the following to answer the next question: Declan has just started a job as a nursing assistant in a radiology department at Woodland Hospital. He has also star...

SCENARIO Please use the following to answer the next question: Declan has just started a job as a nursing assistant in a radiology department at Woodland Hospital. He has also star...

Which entities must comply with the Telemarketing Sales Rule?

Under the Telemarketing Sales Rule, what characteristics of consent must be in place for an organization to acquire an exception to the Do-Not-Call rules for a particular consumer?

When does the Telemarketing Sales Rule require an entity to share a do-not-call request across its organization?

Within what time period must a commercial message sender remove a recipient's address once they have asked to stop receiving future e-mail?

A student has left high school and is attending a public postsecondary institution. Under what condition may a school legally disclose educational records to the parents of the stu...

In what way does the "Red Flags Rule" under the Fair and Accurate Credit Transactions Act (FACTA) relate to the owner of a grocery store who uses a money wire service?

Which of the following is an important implication of the Dodd-Frank Wall Street Reform and Consumer Protection Act?

Which act violates the Family Educational Rights and Privacy Act of 1974 (FERPA)?

According to FERPA, when can a school disclose records without a student's consent?

What is the main purpose of the CAN-SPAM Act?

The Video Privacy Protection Act of 1988 restricted which of the following?

The Cable Communications Policy Act of 1984 requires which activity?

What is the main purpose of requiring marketers to use the Wireless Domain Registry?

SCENARIO Please use the following to answer the next question: You are the chief privacy officer at HealthCo, a major hospital in a large U.S. city in statea. HealthCo is a HIPAA-c...

SCENARIO Please use the following to answer the next question: You are the chief privacy officer at HealthCo, a major hospital in a large U.S. city in statea. HealthCo is a HIPAA-c...

SCENARIO Please use the following to answer the next question: You are the chief privacy officer at HealthCo, a major hospital in a large U.S. city in statea. HealthCo is a HIPAA-c...

SCENARIO Please use the following to answer the next question: You are the chief privacy officer at HealthCo, a major hospital in a large U.S. city in statea. HealthCo is a HIPAA-c...

Which of the following types of information would an organization generally NOT be required to disclose to law enforcement?

A law enforcement subpoenas the ACME telecommunications company for access to text message records of a person suspected of planning a terrorist attack. The company had previously...

What practice do courts commonly require in order to protect certain personal information on documents, whether paper or electronic, that is involved in litigation?

What is an exception to the Electronic Communications Privacy Act of 1986 ban on interception of wire, oral and electronic communications?

What was the original purpose of the Foreign Intelligence Surveillance Act?

What practice does the USA FREEDOM Act NOT authorize?

Why was the Privacy Protection Act of 1980 drafted?

The rules for "e-discovery" mainly prevent which of the following?

What do the Civil Rights Act, Pregnancy Discrimination Act, Americans with Disabilities Act, Age Discrimination Act, and Equal Pay Act all have in common?

Which is an exception to the general prohibitions on telephone monitoring that exist under the U.S.Wiretap Act?

SCENARIO Please use the following to answer the next question: Larry has become increasingly dissatisfied with his telemarketing position at SunriseLynx, and particularly with his...

SCENARIO Please use the following to answer the next question: Larry has become increasingly dissatisfied with his telemarketing position at SunriseLynx, and particularly with his...

SCENARIO Please use the following to answer the next question: Larry has become increasingly dissatisfied with his telemarketing position at SunriseLynx, and particularly with his...

SCENARIO Please use the following to answer the next question: Larry has become increasingly dissatisfied with his telemarketing position at SunriseLynx, and particularly with his...

Which of the following best describes private-sector workplace monitoring in the United States?

Which of the following is most likely to provide privacy protection to private-sector employees in the United States?

What role does the U.S. Constitution play in the area of workplace privacy?

Most states with data breach notification laws indicate that notice to affected individuals must be sent in the "most expeditious time possible without unreasonable delay." By cont...