ExamTopics Logo
Mail Us[email protected]
Menu
Iapp Discussions
exam questions

Exam CIPP-US All Questions

View all questions & answers for the CIPP-US exam
Go to Exam

Exam CIPP-US topic 1 question 89 discussion

Actual exam question from IAPP's CIPP-US
Question #: 89
Topic #: 1
[All CIPP-US Questions]

Most states with data breach notification laws indicate that notice to affected individuals must be sent in the “most expeditious time possible without unreasonable delay.” By contrast, which of the following states currently imposes a definite limit for notification to affected individuals?

  • A. Maine
  • B. Florida
  • C. New York
  • D. California
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by jjjrbm at Nov. 5, 2023, 12:09 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Bhimesh
9 months ago
Selected Answer: B
All states with data breach notification laws use similar language to describe the required timing of notifications to affected parties. The most common phrase used in conjunction with timing is “the most expedient time possible and without unreasonable delay.” Numerous states specify a limit to the time allowed when this common phrase is utilized, with 45 days after the discovery of the breach being the most common timeframe permitted by these states. For companies operating nationally, it is important to note that the industry best practice is to report within 30 days after the discovery of the breach, meaning that a delay of 45 days could be considered unreasonable (without a valid explanation) in certain states. For example - Colorado and Florida provide for a 30-day time frame. New Mexico, Ohio, Oregon, Rhode Island, Tennessee, Vermont, Washington and Wisconsin mandate a 45-day time frame. Louisiana stipulates a 60-day requirement. “States that Require Notification within a Specific Time Frame,”
upvoted 1 times
...
Romeokton
11 months, 1 week ago
Selected Answer: B
Florida as erwingr says.
upvoted 1 times
...
erwingr
1 year ago
Selected Answer: B
State specifics • Laws recognize the need for the affected entity to conduct a “reasonable investigation in order to determine the scope of the breach and to restore the reasonable integrity of the data system” • Laws specify an expeditious time limit of 45 days (FL, NM, OH, RI, TN, VT, WA, WI)
upvoted 2 times
...
jjjrbm
1 year, 2 months ago
answer is D
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel