Free IAPP CIPT Exam Questions

Become IAPP Certified with updated CIPT exam questions and correct answers

Page: 1 / 53

Total 261 Questions | Updated On: Nov 21, 2024

Add To Cart

Question 1

SCENARIO

Please use the following to answer the next question:

Light Blue Health (LBH) is a healthcare technology company developing a new web and mobile application that collects personal health information from electronic patient health records. The application will use machine learning to recommend potential medical treatments and medications based on information collected from anonymized electronic health records. Patient users may also share health data collected from other mobile apps with the LBH app.

The application requires consent from the patient before importing electronic health records into the application and sharing it with their authorized physicians or healthcare provider. The patient can then review and share the recommended treatments with their physicians securely through the app. The patient user may also share location data and upload photos in the app. The patient user may also share location data and upload photos in the app for a healthcare provider to review along with the health record. The patient may also delegate access to the app.

LBH's privacy team meets with the Application development and Security teams, as well as key business stakeholders on a periodic basis. LBH also implements Privacy by Design (PbD) into the application development process.

The Privacy Team is conducting a Privacy Impact Assessment (PIA) to evaluate privacy risks during development of the application. The team must assess whether the application is collecting descriptive, demographic or any other user related data from the electronic health records that are not needed for the purposes of the application. The team is also reviewing whether the application may collect additional personal data for purposes for which the user did not provide consent.

Regarding the app, which action is an example of a decisional interference violation?

A : The app asks income level to determine the treatment of care.

B : The app sells aggregated data to an advertising company without prior consent.

C : The app has a pop-up ad requesting sign-up for a pharmaceutical company newsletter.

D : The app asks questions during account set-up to disclose family medical history that is not necessary for the treatment of the individual's symptoms.

Answer: A

Question 2

How can a hacker gain control of a smartphone to perform remote audio and video surveillance?

A : performing cross-site scripting.

B : By installing a roving bug on the phone.

C : manipulating geographic information systems.

D : accessing a phone's global positioning system satellite signal.

Answer: B

Question 3

Which of the following is an example of drone `swarming`?

A : A drone filming a cyclist from above as he rides.

B : A drone flying over a building site to gather data.

C : Drones delivering retailers' packages to private homes.

D : Drones communicating with each other to perform a search and rescue.

Answer: D

Question 4

An organization is deciding between building a solution in-house versus purchasing a solution for a new customer facing application. When security threats are taken into consideration, a key advantage of purchasing a solution would be the availability of?

A : Outsourcing.

B : Persistent VPN.

C : Patching and updates.

D : Digital Rights Management.

Answer: C

Question 5

Which of the following is an example of an appropriation harm?

A : A friend takes and uploads your pictures to a social media website.

B : A hacker gains access to your email account and reads your messages.

C : A government agency uses cameras to monitor your movements in a public area.

D : An unauthorized individual obtains access to your personal information and uses it for medical fraud.

Answer: A

Page: 1 / 53

Total 261 Questions | Updated On: Nov 21, 2024

Add To Cart