Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Iapp Discussions
exam questions

Exam CIPT All Questions

View all questions & answers for the CIPT exam
Go to Exam

Exam CIPT topic 1 question 103 discussion

Actual exam question from IAPP's CIPT
Question #: 103
Topic #: 1
[All CIPT Questions]

An organization based in California, USA is implementing a new online helpdesk solution for recording customer call information. The organization considers the capture of personal data on the online helpdesk solution to be in the interest of the company in best servicing customer calls.
Before implementation, a privacy technologist should conduct which of the following?

  • A. A Data Protection Impact Assessment (DPIA) and consultation with the appropriate regulator to ensure legal compliance.
  • B. A privacy risk and impact assessment to evaluate potential risks from the proposed processing operations.
  • C. A Legitimate Interest Assessment (LIA) to ensure that the processing is proportionate and does not override the privacy, rights and freedoms of the customers.
  • D. A security assessment of the help desk solution and provider to assess if the technology was developed with a security by design approach.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
Reference:
https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/legitimate- interests/
by 837vq3 at Oct. 27, 2021, 5:55 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
waterdogs
2 months, 2 weeks ago
Selected Answer: B
'Legitimate Interest Assessment' is a GDPR term and GDPR requirement, not specifically required under californian law. in any case, best servicing customer calls by asking for PI doesnt sound like an ethical edge case that warrants a LIA, a DPIA or PIA of the system is more standard practice. but since consulting with a regulator is also not something i've heard any regulator do, the answer is probably B.
upvoted 1 times
...
moxiangnaicha
2 months, 4 weeks ago
Selected Answer: C
Because the question specifically mentioned this is done in the interest of the company
upvoted 1 times
waterdogs
2 months, 2 weeks ago
pretty sure 'Legitimate Interest Assessment' is a GDPR term and GDPR requirement, not specifically required under californian law. in any case, best servicing customer calls by asking for PI doesnt sound like an ethical edge case that warrants a LIA, a DPIA or PIA of the system is more standard practice. but since consulting with a regulator is also not something i've heard any regulator do, the answer is probably B.
upvoted 1 times
...
...
Ssourav
3 months, 2 weeks ago
Selected Answer: A
A. A Data Protection Impact Assessment (DPIA) and consultation with the appropriate regulator to ensure legal compliance. A DPIA is essential for identifying and mitigating privacy risks related to the processing of personal data, especially when implementing new systems that handle customer information. It ensures compliance with data protection regulations and helps address potential privacy concerns before implementation.
upvoted 1 times
waterdogs
2 months, 2 weeks ago
consultation with the appropriate regulator? not sure that's a legitimate option for most companies and haven't heard of this being standard practice
upvoted 1 times
...
...
Ahpl
2 years, 8 months ago
why not B? Privacy and Data Protection Impact Assessments - Assessments evaluating privacy harms and issues for major activities undertaken by an organization.
upvoted 2 times
...
837vq3
3 years ago
https://dataprivacymanager.net/what-is-lia-legitimate-interests-assessment-and-how-to-conduct-it/
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel