Please use the following to answer the next question: Penny has recently joined Ace Space, a company that sells homeware accessories online, as its new privacy officer. The company is based in California but thanks to some great publicity from a social media influencer last year, the company has received an influx of sales from […]

What is one important factor that Albert fails to consider regarding Treasure Box’s response to their recent security incident? A. Who has access to the data B. What the nature of the data is C. How data at the company is collected D. How long data at the company is kept

Based on Albert’s observations regarding recent security incidents, which of the following should he suggest as a priority for Treasure Box? A. Appointing an internal ombudsman to address employee complaints regarding hours and pay. B. Using a third-party auditor to address privacy protection issues not recognized by the prior internal audits. C. Working with the […]

Based on Albert’s observations, executive leadership should most likely pay closer attention to what? A. Awareness campaigns with confusing information B. Obsolete data processing systems C. Outdated security frameworks D. Potential in-house threats

On which of the following topics does Albert most likely need additional knowledge? A. The role of privacy in retail companies B. The necessary maturity level of privacy programs C. The possibility of delegating responsibilities related to privacy D. The requirements for a managerial position with privacy protection duties

Please use the following to answer the next question: For 15 years, Albert has worked at Treasure Box – a mail order company in the United States (U.S.) that used to sell decorative candles around the world, but has recently decided to limit its shipments to customers in the 48 contiguous states. Despite his years […]

What is the key factor that lays the foundation for all other elements of a privacy program? A. The applicable privacy regulations B. The structure of a privacy team C. A privacy mission statement D. A responsible internal stakeholder

Which of the following is an example of Privacy by Design (PbD)? A. A company hires a professional to structure a privacy program that anticipates the increasing demands of new laws. B. The human resources group develops a training program from employees to become certified in privacy policy. C. A labor union insists that the […]

In privacy protection, what is a “covered entity”? A. Personal data collected by a privacy organization B. An organization subject to the privacy provisions of HIPAA C. A privacy office or team fully responsible for protecting personal information D. Hidden gaps in privacy protection that may go unnoticed without expert analysis Reference: https://www.healthit.gov/sites/default/files/pdf/privacy/onc_privacy_and_security_chapter4_v1_022112.pdf

How are individual program needs and specific organizational goals identified in privacy framework development? A. By employing metrics to align privacy protection with objectives B. Through conversations with the privacy team C. By employing an industry-standard needs analysis D. Through creation of the business case Reference: https://www.nist.gov/system/files/documents/2020/01/16/NIST%20Privacy%20Framework_V1.0.pdf