Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. IAPP
  5. CIPP-C

IAPP CIPP-C Exam
Certified Information Privacy Professional/ Canada (CIPP/C) (Page 3 )

Updated On: 30-Jan-2026
Page 3 of 31
PDF with 150 Questions

What type of material is exempt from an individual’s right to disclosure under the Privacy Act?

  1. Material requires by statute to be maintained and used solely for research purposes.
  2. Material reporting investigative efforts to prevent unlawful persecution of an individual.
  3. Material used to determine potential collaboration with foreign governments in negotiation of trade deals.
  4. Material reporting investigative efforts pertaining to the enforcement of criminal law.

Answer(s): C



Which of the following best describes an employer’s privacy-related responsibilities to an employee who has left the workplace?

  1. An employer has a responsibility to maintain a former employee’s access to computer systems and company data needed to support claims against the company such as discrimination.
  2. An employer has a responsibility to permanently delete or expunge all sensitive employment records to minimize privacy risks to both the employer and former employee.
  3. An employer may consider any privacy-related responsibilities terminated, as the relationship between employer and employee is considered primarily contractual.
  4. An employer has a responsibility to maintain the security and privacy of any sensitive employment records retained for a legitimate business purpose.

Answer(s): B



Which of the following best describes the ASIA-Pacific Economic Cooperation (APEC) principles?

  1. A bill of rights for individuals seeking access to their personal information.
  2. A code of responsibilities for medical establishments to uphold privacy laws.
  3. An international court ruling on personal information held in the commercial sector.
  4. A baseline of marketers’ minimum responsibilities for providing opt-out mechanisms.

Answer(s): A


Reference:

http://documents1.worldbank.org/curated/en/751621525705087132/text/WPS8431.txt



All of the following common law torts are relevant to employee privacy under US law EXCEPT?

  1. Infliction of emotional distress.
  2. Intrusion upon seclusion.
  3. Defamation
  4. Conversion.

Answer(s): B


Reference:

https://en.wikipedia.org/wiki/Privacy_law



John, a California resident, receives notification that a major corporation with $500 million in annual revenue has experienced a data breach. John’s personal information in their possession has been stolen, including his full name and social security numb. John also learns that the corporation did not have reasonable cybersecurity measures in place to safeguard his personal information.
Which of the following answers most accurately reflects John’s ability to pursue a legal claim against the corporation under the California Consumer Privacy Act (CCPA)?

  1. John has no right to sue the corporation because the CCPA does not address any data breach rights.
  2. John cannot sue the corporation for the data breach because only the state’s Attoney General has authority to file suit under the CCPA.
  3. John can sue the corporation for the data breach but only to recover monetary damages he actually suffered as a result of the data breach.
  4. John can sue the corporation for the data breach to recover monetary damages suffered as a result of the data breach, and in some circumstances seek statutory damages irrespective of whether he suffered any financial harm.

Answer(s): C



Viewing page 3 of 31
Viewing questions 11 - 15 out of 150 questions



Post your Comments and Discuss IAPP CIPP-C exam prep with other Community members:

Join the CIPP-C Discussion