Free IAPP CIPP-US Exam Questions

Become IAPP Certified with updated CIPP-US exam questions and correct answers

Page: 1 / 41

Total 201 Questions | Updated On: Sep 09, 2025

Add To Cart

Question 1

Which of the following would NOT be considered a method of obtaining verifiable parental consent before collecting, using or disclosing personal information from children under the Children’s Online Privacy Protection Act (COPPA) of 1998?

A : ing a credit card, debit card, or other online payment system

B : ving the parent call a toll-free telephone number staffed by trained personnel.

C : Having the parent sign a consent form and return it to the operator by postal mail, facsimile, or electronic scan.

D : nding a text message to the parent explaining the intended uses of the information.

Answer: D

Question 2

Under the Fair Credit Reporting Act (FCRA), what must a person who is denied employment based upon his credit history receive?

A : prompt notification from the employer

B : opportunity to reapply with the employer.

C : formation from several consumer reporting agencies (CRAs).

D : A list of rights from the Consumer Financial Protection Bureau (CFPB).

Answer: A

Question 3

Which statement is FALSE regarding the provisions of the Employee Polygraph Protection Act of 1988 (EPPA)?

A : EPPA requires that employers post essential information about the Act in a conspicuous location

B : EPPA includes an exception that allows polygraph tests in professions in which employee honesty is necessary for public safety.

C : ployers are prohibited from administering psychological testing based on personality traits such as honesty, preferences or habits.

D : ployers involved in the manufacture of controlled substances may terminate employees based on polygraph results if other evidence exists

Answer: C

Question 4

An organization self-certified under Privacy Shield must, upon request by an individual, do what?

A : pend the use of all personal information collected by the organization to fulfill its original purpose

B : ovide the identities of third parties with whom the organization shares personal information.

C : ovide the identities of third and fourth parties that may potentially receive personal information

D : Identify all personal information disclosed during a criminal investigation

Answer: B

Question 5

All of the following organizations are specified as covered entities under the Health Insurance Portability and Accountability Act (HIPAA) EXCEPT?

A : althcare information clearinghouses

B : armaceutical companies

C : althcare providers

D : alth plans

Answer: B

Page: 1 / 41

Total 201 Questions | Updated On: Sep 09, 2025

Add To Cart