This is a set of 12 Data Privacy Certification Questions and Answers. Please NOTE that all questions and answers are based on our research and self-study.
Data Privacy Certification Questions and Answers
1.) Any third party (customer or customer’s personnel or customer’s customers/ vendors) may
inform DPO or any company associate over the phone in person or by email about the personal information Breach.
Choose the correct option from the following list:
A.) False, third party cannot report personal information Breach to company
B.) True, and the informed associate should log the breach in company Incident Management tool
C.) True, but breach reported by third-party need not be logged in IMT and can be tracked
offline to closure
D.)False, third party can report personal information breach only to PO through email
provided on company website
2.) A statement outlining the organization’s privacy practices notified to data subjects is commonly
B.) Terms of service
C.) Master service agreement
D.) Security policy
3.) Which of the following is an example of Personal Information (PI) processing in company?
A.) Sharing employee ID
B.) Viewing date of joining
C.) Updating base location
D.) All of the above
4.) From the following options, select the one that you should NOT do in order to keep your
personal information secure
A.) Keep passwords secure by changing it regularly and not sharing it with anyone
B.)Lock the screen/log off computers when you are not at your desk
C.)Dispose of confidential paper waste just by tearing and not shredding
D.)Prevent virus attacks by taking care when opening emails and attachments or visiting
5.) I get emails from unknown sources in my company email box which consist of contact details of
various individuals, what should I do?
A.) Raise a privacy incident in IMT
B.) Raise a security incident in IMT
C.) Reach out to those individuals to let them know about their PI being exposed
D.) Do nothing and delete such emails
6.) Which of the following is NOT an accurate description of a privacy term?
A.) Consent – A permission granted by an individual to process his/her personal information
B.) Integrity – Data must be accurate and the data subject must have access and ability to
correct the inaccurate data
C.) Data limitation – The data controller must be able to use the available data for any purpose of
D.) Security – Safeguards to prevent misuse, loss or unauthorized access to process data
7.) Which among the following is correct in relation to PI, SPI, PFI, and PHI?
A.) PHI is always a subset of SPI
B.) PFI is always a subset of PHI
C.) PHI and PFI are always a subset of Pl and SPI
D.) SPI, PFI and PHI are always a subset of PI
8.) What constitutes Personal Information (PI) in all jurisdictions?
A.) Information related to any individual or natural person
B.) Information related to a family
C.) Information related to company
D.) Information related to a client organization
9.) Hiding/masking personal identifiers from a data set, so that the data set can never identify an
individual, even if it is correlated with other data sets is known as ________________.
10.) Data Privacy is a matter of _____________.
A.) human desire
B.) human dignity and personal liberty
C.) human dreams
D.) None of the above
11.) While collecting any personal information, you must________.
A.) Collect as much information as possible as you would not know what information you might
B.) Be obscure about why you need this information or what you would use it for so that the
user will not withhold any required information
C.) Limit the amount and type of information gathered to what is necessary for your identified
D.) None of the above
12.) Mr. John has been given the responsibility of taking care of his tax filing to a CA firm ABC. The firm ABC will prepare and process John’s income and taxes as per the procedure defined by the
taxation authority. ABC is a :
A.) Data Processor
B.) Data Controller
C.) Joint Controller
D.) Data sub-processor
data privacy certification data privacy certification data privacy certification data privacy certification