nerdexam
IAPP

CIPP-US · Question #120

CIPP-US Question #120: Real Exam Question with Answer & Explanation

The correct answer is D. The state UDAP statute.. The state UDAP statute, which stands for Unfair and Deceptive Acts and Practices, is a law that protects consumers from unfair or deceptive business practices. In this case, the employer's failure to protect the employee's personal information from a phishing attack could be cons

Question

The CFO of a pharmaceutical company is duped by a phishing email and discloses many of the company's employee personnel files to an online predator. The files include employee contact information, job applications, performance reviews, discipline records, and job descriptions. Which of the following state laws would be an affected employee's best recourse against the employer?

Options

  • AThe state social security number confidentiality statute.
  • BThe state personnel record review statute.
  • CThe state data destruction statute.
  • DThe state UDAP statute.

Explanation

The state UDAP statute, which stands for Unfair and Deceptive Acts and Practices, is a law that protects consumers from unfair or deceptive business practices. In this case, the employer's failure to protect the employee's personal information from a phishing attack could be considered an unfair or deceptive act or practice that harmed the employee. The employee could sue the employer under the state UDAP statute for damages, injunctive relief, or other remedies.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CIPP-US Practice