Free IAPP CIPP-US Exam Questions

Become IAPP Certified with updated CIPP-US exam questions and correct answers

Page: 1 / 41

Total 201 Questions | Updated On: Apr 01, 2026

Add To Cart

Question 1

Which of the following is most likely to provide privacy protection to private-sector employees in the United States?

A : ate law, contract law, and tort law

B : Federal Trade Commission Act (FTC Act)

C : endments one, four, and five of the U.S. Constitution

D : U.S. Department of Health and Human Services (HHS)

Answer: A

Question 2

Which of the following describes the most likely risk for a company developing a privacy policy with standards that are much higher than its competitors?

A : ing more closely scrutinized for any breaches of policy

B : tting accused of discriminatory practices

C : tracting skepticism from auditors

D : ving a security system failure

Answer: A

Question 3

A company based in United States receives information about its UK subsidiary’s employees in connection with

the centralized HR service it provides.

How can the UK company ensure an adequate level of data protection that would allow the restricted data

transfer to continue?

A : signing up to an approved code of conduct under UK GDPR to demonstrate compliance with its requirements, both for the parent and the subsidiary companies

B : revising the contract with the United States parent company incorporating EU SCCs, as it continues to be valid for restricted transfers under the UK regime

C : By submitting to the ICO a new application for the UK BCRs using the UK BCR application forms, as their existing authorized EU BCRs are not recognized.

D : allowing each employee the option to opt-out to the restricted transfer, as it is necessary to send their names in order to book the sales bonuses.

Answer: B

Question 4

The Cable Communications Policy Act of 1984 requires which activity?

A : livery of an annual notice detailing how subscriber information is to be used

B : Destruction of personal information a maximum of six months after it is no longer needed

C : tice to subscribers of any investigation involving unauthorized reception of cable services

D : taining subscriber consent for disseminating any personal information necessary to render cable services

Answer: C

Question 5

Which jurisdiction must courts have in order to hear a particular case?

A : bject matter jurisdiction and regulatory jurisdiction

B : bject matter jurisdiction and professional jurisdiction

C : rsonal jurisdiction and subject matter jurisdiction

D : rsonal jurisdiction and professional jurisdiction

Answer: C

Page: 1 / 41

Total 201 Questions | Updated On: Apr 01, 2026

Add To Cart