ExamTopics Logo
Mail Us[email protected]
Menu
Iapp Discussions
exam questions

Exam CIPP-US All Questions

View all questions & answers for the CIPP-US exam
Go to Exam

Exam CIPP-US topic 1 question 204 discussion

Actual exam question from IAPP's CIPP-US
Question #: 204
Topic #: 1
[All CIPP-US Questions]

SCENARIO -

Please use the following to answer the next question:

Miraculous Healthcare is a large medical practice with multiple locations in California and Nevada. Miraculous normally treats patients in person, but has recently decided to start offering telehealth appointments, where patients can have virtual appointments with on-site doctors via a phone app.

For this new initiative. Miraculous is considering a product built by MedApps, a company that makes quality telehealth apps for healthcare practices and licenses them to be used with the practices’ branding. MedApps provides technical support for the app, which it hosts in the cloud. MedApps also offers an optional benchmarking service for providers who wish to compare their practice to others using the service.

Riya is the Privacy Officer at Miraculous, responsible for the practice’s compliance with HIPAA and other applicable laws, and she works with the Miraculous procurement team to get vendor agreements in place. She occasionally assists procurement in vetting vendors and inquiring about their own compliance practices, as well as negotiating the terms of vendor agreements. Riya is currently reviewing the suitability of the MedApps app from a privacy perspective.

Riya has also been asked by the Miraculous Healthcare business operations team to review the MedApps’ optional benchmarking service. Of particular concern is the requirement that Miraculous Healthcare upload information about the appointments to a portal hosted by MedApps.


If MedApps receives an access request under CCPA from a California-based app user, how should it handle the request?

  • A. MedApps should immediately begin deleting the user’s data.
  • B. MedApps should provide the privacy notice in an easily readable format.
  • C. MedApps should decline the request because MedApps is not based in California.
  • D. MedApps should promptly forward the request to Miraculous for instructions on handling.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by twiny at Dec. 30, 2024, 2:16 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
twiny
1 month, 1 week ago
Selected Answer: D
The correct answer is: D. MedApps should promptly forward the request to Miraculous for instructions on handling. This is the same question as 155, but the answer choices A and B are different. Regardless, I still think choice D (which is choice C in 155) is the best answer to the question asked: D. MedApps should promptly forward the request to Miraculous for instructions on handling. It's supported by the following reference: Cal. Civ. Code § 1798.130 https://leginfo.legislature.ca.gov/faces/codes_displaySection.xhtml?lawCode=CIV&sectionNum=1798.130. "(3) (A) A service provider or contractor shall not be required to comply with a verifiable consumer request received directly from a consumer or a consumer’s authorized agent, pursuant to Section 1798.110 or 1798.115, to the extent that the service provider or contractor has collected personal information about the consumer in its role as a service provider or contractor. A service provider or contractor shall provide assistance to a business with which it has a contractual relationship with respect to the business’ response to a verifiable consumer request."
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago