IAPP Updated CIPP-US Exam Questions and Answers by kyrie

Page: 6 / 12

IAPP CIPP-US Exam Overview:

Exam Name: Certified Information Privacy Professional/United States (CIPP/US)
Exam Code: CIPP-US Dumps
Vendor: IAPP
Certification: Certified Information Privacy Professional
Questions: 194 Q&A's
Shared By: kyrie

Question 24

SCENARIO -

Please use the following to answer the next question:

Miraculous Healthcare is a large medical practice with multiple locations in California and Nevada. Miraculous normally treats patients in person, but has recently decided to start offering telehealth appointments, where patients can have virtual appointments with on-site doctors via a phone app.

For this new initiative, Miraculous is considering a product built by MedApps, a company that makes quality telehealth apps for healthcare practices and licenses them to be used with the practices’ branding. MedApps provides technical support for the app, which it hosts in the cloud. MedApps also offers an optional benchmarking service for providers who wish to compare their practice to others using the service.

Riya is the Privacy Officer at Miraculous, responsible for the practice's compliance with HIPAA and other applicable laws, and she works with the Miraculous procurement team to get vendor agreements in place. She occasionally assists procurement in vetting vendors and inquiring about their own compliance practices, as well as negotiating the terms of vendor agreements. Riya is currently reviewing the suitability of the MedApps app from a privacy perspective.

Riya has also been asked by the Miraculous Healthcare business operations team to review MedApps’ optional benchmarking service. Of particular concern is the requirement that Miraculous Healthcare upload information about the appointments to a portal hosted by MedApps.

What HIPAA compliance issue would Miraculous have to consider before using the telehealth app?

Options:

A. HIPAA does not permit healthcare providers to use cloud hosting services.

B. HIPAA does not permit in-person appointment data to be hosted in the cloud.

C. HIPAA would require Miraculous and MedApps to enter into a Business Associate Agreement.

D. HIPAA would require Miraculous to obtain patient consent before in-person appointment data can be shared with third parties.

Question 25

SCENARIO

Please use the following to answer the next question:

When there was a data breach involving customer personal and financial information at a large retail store, the company’s directors were shocked. However, Roberta, a privacy analyst at the company and a victim of identity theft herself, was not. Prior to the breach, she had been working on a privacy program report for the executives. How the company shared and handled data across its organization was a major concern. There were neither adequate rules about access to customer information nor procedures for purging and destroying outdated data. In her research, Roberta had discovered that even low-level employees had access to all of the company’s customer data, including financial records, and that the company still had in its possession obsolete customer data going back to the 1980s.

Her report recommended three main reforms. First, permit access on an as-needs-to-know basis. This would mean restricting employees’ access to customer information to data that was relevant to the work performed. Second, create a highly secure database for storing customers’ financial information (e.g., credit card and bank account numbers) separate from less sensitive information. Third, identify outdated customer information and then develop a process for securely disposing of it.

When the breach occurred, the company’s executives called Roberta to a meeting where she presented the recommendations in her report. She explained that the company having a national customer base meant it would have to ensure that it complied with all relevant state breach notification laws. Thanks to Roberta’s guidance, the company was able to notify customers quickly and within the specific timeframes set by state breach notification laws.

Soon after, the executives approved the changes to the privacy program that Roberta recommended in her report. The privacy program is far more effective now because of these changes and, also, because privacy and security are now considered the responsibility of every employee.

Which principle of the Consumer Privacy Bill of Rights, if adopted, would best reform the company’s privacy program?

Options:

A. Consumers have a right to exercise control over how companies use their personal data.

B. Consumers have a right to reasonable limits on the personal data that a company retains.

C. Consumers have a right to easily accessible information about privacy and security practices.

D. Consumers have a right to correct personal data in a manner that is appropriate to the sensitivity.

Question 26

All of the following common law torts are relevant to employee privacy under US law EXCEPT?

Options:

A. Infliction of emotional distress.

B. Intrusion upon seclusion.

C. Defamation.

D. Conversion.

Question 27

What practice do courts commonly require in order to protect certain personal information on documents, whether paper or electronic, that is involved in litigation?

Options:

A. Redaction

B. Encryption

C. Deletion

D. Hashing
