Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Iapp Discussions
exam questions

Exam CIPP-US All Questions

View all questions & answers for the CIPP-US exam
Go to Exam

Exam CIPP-US topic 1 question 194 discussion

Actual exam question from IAPP's CIPP-US
Question #: 194
Topic #: 1
[All CIPP-US Questions]

Which of the following conditions would NOT be sufficient to excuse an entity from providing breach notification under state law?

  • A. If the data involved was encrypted.
  • B. If the data involved was accessed but not exported.
  • C. If the entity was subject to the GLBA Safeguards Rule.
  • D. If the entity followed internal notification procedures compatible with state law.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by [deleted] at June 27, 2023, 3:36 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Bhimesh
7 months, 2 weeks ago
Selected Answer: C
Agree with Ambulocetus C. If the entity was subject to the GLBA Safeguards Rule.
upvoted 2 times
...
Ambulocetus
1 year, 3 months ago
Selected Answer: C
While compliance with the Safeguards Rule helps in preventing breaches and ensuring data security, it does not necessarily exempt an entity from having to provide breach notifications as required by state laws. State breach notification laws typically have their own criteria for when notification is required, which may include factors like the type of data compromised, the potential risk of harm to individuals, and other circumstances surrounding the breach. While following the GLBA Safeguards Rule may demonstrate a commitment to data security, it doesn't automatically override the notification obligations imposed by state laws when a data breach occurs.
upvoted 2 times
...
[Removed]
1 year, 4 months ago
Selected Answer: C
Note that C says "subject to GLBA" not in compliance.
upvoted 4 times
...
[Removed]
1 year, 5 months ago
Selected Answer: B
The answer is B. Exceptions include (1) encryption, (2) being in compliance with other GLBA, and (3) internal breach notification procedures compatible with state laws. Many state laws define a breach as "unauthorized access to" files, media, databases, etc. So access alone is not a sufficient excuse to be exempted from data breach notification.
upvoted 3 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel