Many candidates preparing for the IAPP CIPP-US certification exam have also seen online resources for the IAPP CIPP-US certification exam on other websites. But ExamFragen is the only website that offers IAPP CIPP-US exam questions and answers prepared by professional IT experts after research. We promise that with our training materials you can pass the IAPP CIPP-US certification exam on the first attempt.
The IAPP CIPP-US (Certified Information Privacy Professional/United States) is a respected certification for professionals in the field of data privacy. This certification is awarded by the International Association of Privacy Professionals (IAPP), the largest and most respected global association for privacy professionals. The CIPP-US exam is intended to test a candidate's knowledge of privacy laws and regulations in the USA as well as their ability to implement and manage privacy programs in organizations.
A wide variety of IAPP CIPP-US exam questions and answers from ExamFragen are logical. IAPP CIPP-US certification answers from ExamFragen are the same as those in the real exam. Before purchasing the IAPP CIPP-US real questions, you can download a partial free demo from the website www.ExamFragen.de.
The CIPP-US exam is recognized as a standard for privacy professionals in the United States. Individuals who pass the exam demonstrate their knowledge and understanding of the complex and multifaceted areas of privacy law and practice. The certification gives employers and clients a clear signal of the holder's skills and competencies in handling privacy issues.
Question 180
When may a financial institution share consumer information with non-affiliated third parties for marketing purposes?
Answer: D
Explanation:
According to the Gramm-Leach-Bliley Act (GLBA) and its implementing Regulation P, a financial institution may share consumer information with non-affiliated third parties for marketing purposes only after disclosing its information-sharing practices to customers and after giving them an opportunity to opt out of such sharing. The GLBA defines a customer as a consumer who has a continuing relationship with a financial institution that provides one or more financial products or services to be used primarily for personal, family, or household purposes. A consumer is an individual who obtains or has obtained a financial product or service from a financial institution that is to be used primarily for personal, family, or household purposes, or that individual's legal representative. A non-affiliated third party is any person except a financial institution's affiliate or a person employed jointly by a financial institution and a company that is not the financial institution's affiliate. An affiliate is any company that controls, is controlled by, or is under common control with another company.
The GLBA requires that a financial institution provide a privacy notice to customers: (i) at the time of establishing the customer relationship; (ii) annually during the continuation of the customer relationship; and (iii) before disclosing any nonpublic personal information (NPI) about the customer to any non-affiliated third party, unless an exception applies. The privacy notice must describe the categories of NPI that the financial institution collects and discloses; the categories of affiliates and non-affiliated third parties to whom the financial institution discloses NPI; the categories of NPI disclosed to service providers and joint marketers; the policies and practices with respect to protecting the confidentiality and security of NPI; and the disclosures of NPI to which the customer has a right to opt out. The financial institution must also provide a reasonable means for the customer to opt out of the disclosure of NPI to non-affiliated third parties, such as a check-off box, a reply form, or a toll-free telephone number. The opt-out notice must be clear and conspicuous, and must state that the customer can opt out at any time. The opt-out notice must also explain how the customer can opt out, and the effect of opting out. The financial institution must honor the customer's opt-out direction as soon as reasonably practicable after receiving it, and must not disclose any NPI to which the opt-out applies, unless an exception applies. 
The GLBA provides several exceptions to the opt-out requirement, such as when the disclosure of NPI is necessary to effect, administer, or enforce a transaction requested or authorized by the customer; when the disclosure of NPI is required or permitted by law; when the disclosure of NPI is to a consumer reporting agency in accordance with the Fair Credit Reporting Act; or when the disclosure of NPI is to a person that performs marketing services on behalf of the financial institution or on behalf of the financial institution and another financial institution under a joint marketing agreement. A joint marketing agreement is a formal written contract between a financial institution and any other person under which the parties agree to offer, endorse, or sponsor a financial product or service. The joint marketing agreement must prohibit the other person from using or disclosing the NPI for any purpose other than offering, endorsing, or sponsoring the financial product or service covered by the agreement.
The GLBA also requires that a financial institution provide a privacy notice to consumers who are not customers before disclosing any NPI about the consumer to any non-affiliated third party, unless an exception applies. The financial institution does not need to provide an opt-out notice to consumers who are not customers, unless it has a customer relationship with them. However, if the financial institution establishes a customer relationship with a consumer who was previously not a customer, it must provide a privacy notice and an opt-out notice to the customer as described above.
Question 181
According to the FTC Report of 2012, what is the main goal of Privacy by Design?
Answer: B
Question 182
Although an employer may have a strong incentive or legal obligation to monitor employees' conduct or behavior, some excessive monitoring may be considered an intrusion on employees' privacy. Which of the following is the strongest example of excessive monitoring by the employer?
Answer: C
Question 183
What was unique about the action that the Federal Trade Commission took against B.J.'s Wholesale Club in 2005?
Answer: B
Explanation:
Per the FTC Press Release in 2005, "BJ's Wholesale Club, Inc. has agreed to settle Federal Trade Commission charges that its failure to take appropriate security measures to protect the sensitive information of thousands of its customers was an unfair practice that violated federal law."
Question 184
When does the Telemarketing Sales Rule require an entity to share a do-not-call request across its organization?
Answer: B
Explanation:
* The Telemarketing Sales Rule (TSR) is a federal regulation that implements the Telemarketing and Consumer Fraud and Abuse Prevention Act of 1994. The TSR aims to protect consumers from deceptive or abusive telemarketing practices, such as unwanted calls, false or misleading claims, unauthorized billing, and privacy violations [1].
* The TSR requires telemarketers and sellers to comply with the National Do Not Call Registry, which is a list of phone numbers of consumers who have indicated that they do not want to receive telemarketing calls [2].
* The TSR also requires telemarketers and sellers to honor the do-not-call requests of individual consumers, regardless of whether their numbers are on the National Do Not Call Registry or not [2].
* A do-not-call request is a statement made by a consumer, either orally or in writing, that they do not wish to receive any more calls from a specific telemarketer or seller [2].
* The TSR requires an entity to share a do-not-call request across its organization when the operational structures of its divisions are not transparent to consumers [3]. This means that the entity must treat the do-not-call request as if it applies to all of its affiliates and subsidiaries that engage in telemarketing, unless the consumer would reasonably expect them to be separate and distinct entities based on their names, products, or services [3].
* The TSR does not require an entity to share a do-not-call request across its organization in the following situations:
  * When the goods and services sold by its divisions are very similar. This is not a relevant factor for determining whether the entity must share a do-not-call request across its organization. The key factor is whether the consumers can distinguish between the different divisions based on their operational structures [3].
  * When a call is not the result of an error or other unforeseen cause. This is not an exception to the requirement to honor a do-not-call request. The TSR prohibits telemarketers and sellers from calling a consumer who has made a do-not-call request, unless the call falls under one of the specific exemptions, such as calls from or on behalf of tax-exempt nonprofit organizations, calls to consumers with whom the seller has an established business relationship, or calls to consumers who have given prior express written consent [2].
  * When the entity manages user preferences through multiple platforms. This is not an excuse for not sharing a do-not-call request across its organization. The TSR requires telemarketers and sellers to maintain an internal do-not-call list of consumers who have asked them not to call again, and to update the list at least once every 31 days [2]. The entity must ensure that the do-not-call request is recorded and communicated across all of its platforms that are used for telemarketing purposes [3].

References:
* [1] Telemarketing Sales Rule
* [2] Q&A for Telemarketers & Sellers About DNC Provisions in TSR
* [3] Federal Register :: Telemarketing Sales Rule
Question 185
......
CIPP-US book: https://www.examfragen.de/CIPP-US-pruefung-fragen.html