IAPP Exam CIPM Topic 6 Question 77 Discussion

Actual exam question for IAPP's CIPM exam

Question #: 77
Topic #: 6

[All CIPM Questions]

The General Data Protection Regulation (GDPR) specifies fines that may be levied against data controllers for certain infringements. Which of the following will be subject to administrative fines of up to 10 000 000 EUR, or in the case of an undertaking, up to 2% of the total worldwide annual turnover of the preceding financial year?

AFailure to demonstrate that consent was given by the data subject to the processing of their personal data where it is used as the basis for processing

BFailure to implement technical and organizational measures to ensure data protection is enshrined by design and default

CFailure to process personal information in a manner compatible with its original purpose

DFailure to provide the means for a data subject to rectify inaccuracies in personal data

Show Suggested Answer

Suggested Answer: C

Types of privacy program metrics include business enablement metrics, data enhancement metrics, and commercial metrics. Business enablement metrics measure the effectiveness of the privacy program in enabling the business to function without compromising privacy. Data enhancement metrics measure the effectiveness of the privacy program in enhancing data protection, such as through data minimization, access controls, and data security. Commercial metrics measure the effectiveness of the privacy program in creating value, such as through the development of new products, services, and customer experiences.

Privacy program metrics are used to assess the effectiveness of a privacy program and measure its progress. These metrics can include business enablement metrics, data enhancement metrics, and commercial metrics. Value creation metrics, however, are not typically used as privacy program metrics.

by Emerson at Dec 06, 2024, 08:16 PM

Limited Time Offer

25%

Off

Get Premium CIPM Questions as Interactive Web-Based Practice Test or PDF