Free IAPP CIPP-US Exam Questions

Become IAPP Certified with updated CIPP-US exam questions and correct answers

Page: 1 / 41

Total 201 Questions | Updated On: Apr 01, 2026

Add To Cart

Question 1

Which statement is FALSE regarding the provisions of the Employee Polygraph Protection Act of 1988 (EPPA)?

A : EPPA requires that employers post essential information about the Act in a conspicuous location

B : EPPA includes an exception that allows polygraph tests in professions in which employee honesty is necessary for public safety.

C : ployers are prohibited from administering psychological testing based on personality traits such as honesty, preferences or habits.

D : ployers involved in the manufacture of controlled substances may terminate employees based on polygraph results if other evidence exists

Answer: C

Question 2

Which of the following describes the most likely risk for a company developing a privacy policy with standards that are much higher than its competitors?

A : ing more closely scrutinized for any breaches of policy

B : tting accused of discriminatory practices

C : tracting skepticism from auditors

D : ving a security system failure

Answer: A

Question 3

The Cable Communications Policy Act of 1984 requires which activity?

A : livery of an annual notice detailing how subscriber information is to be used

B : Destruction of personal information a maximum of six months after it is no longer needed

C : tice to subscribers of any investigation involving unauthorized reception of cable services

D : taining subscriber consent for disseminating any personal information necessary to render cable services

Answer: C

Question 4

Which of the following is most likely to provide privacy protection to private-sector employees in the United States?

A : ate law, contract law, and tort law

B : Federal Trade Commission Act (FTC Act)

C : endments one, four, and five of the U.S. Constitution

D : U.S. Department of Health and Human Services (HHS)

Answer: A

Question 5

An organization self-certified under Privacy Shield must, upon request by an individual, do what?

A : pend the use of all personal information collected by the organization to fulfill its original purpose

B : ovide the identities of third parties with whom the organization shares personal information.

C : ovide the identities of third and fourth parties that may potentially receive personal information

D : Identify all personal information disclosed during a criminal investigation

Answer: B

Page: 1 / 41

Total 201 Questions | Updated On: Apr 01, 2026

Add To Cart