DCPLA

What is a Data Subject? (Choose all that apply.)A . An individual who provides his/her data/information for availing any service B. An individual who processes the data/information of individuals for providing necessary services C. An individual whose data/information is processed D. A company providing PI of its employees for processing...

XYZ bank has recently decided to start offering online banking services. For doing so, the bank has outsourced its IT operations and processes to various third parties. Acknowledging privacy concerns, bank has decided to implement a privacy program. Assuming you have been tasked to deploy this framework for the bank,...

A newly appointed Data Protection officer is reviewing the organization’s existing privacy policy. Which of the following would be the most critical factor for the review process?A . Awareness of the business units about the privacy policy B. Changes in the legal/regulatory regime C. Privacy policies of industry peers D....

CORRECT TEXT FILL BLANK PIS The company has a well-defined and effectively implemented security policy. As in case of access control, the security controls vary in different client relationships based on the client requirements but certain basic or hygiene security practices / controls are implemented organization wide. The consultants have...

Which of the following are classified as Sensitive Personal Data or Information under Section 43A of ITAA, 2008? (Choose all that apply.)A . Password B. Financial information C. Sexual orientation D. Caste and religious beliefs E. Biometric information F. Medical records and historyView AnswerAnswer: B,C,E,F

Which of the following are the key factors that need to be considered for determining the applicability of the privacy principles? (Choose all that apply.)A . The role of the organization in determining the purpose of the data collection B. How and where the data is coming in the organization...

Which of the following statements is true with respect to organization’s privacy training and awareness program?A . It should define roles and responsibilities of personnel in privacy function B. It should cover employees of service provider dealing with personal information C. It should necessarily cover officials from Law Enforcement Agencies...

‘Map the legal and compliance requirements to each data element that an organization is dealing with in all of its business processes, enterprise and operational functions, and client relationships.’ This an imperative of which DPF practice area?A . Visibility over Personal Information (VPI) B. Privacy Organization and Relationship (POR) C....

As a newly appointed Data Protection officer of an IT company gearing up for DSCI’s privacy certification, you are trying to understand what data elements are involved in each of the business process, function and if these data elements can be classified as sensitive personal information. What is being accomplished...

Its mandatory for the assessee to provide the pre-requisites to the assessor organization before commencement of the first phase of assessment.A . True B. FalseView AnswerAnswer: A