New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

IAPP CIPP-E Exam - Topic 3 Question 96 Discussion

Actual exam question for IAPP's CIPP-E exam
Question #: 96
Topic #: 3
[All CIPP-E Questions]

As a Data Protection Officer for a small bank in the European Union, you receive a data subject access request from one of your customers. The customer provides you with his

name, and has used the email address registered in your system.

What would be the most appropriate way to confirm the identity of the customer?

Show Suggested Answer Hide Answer
Suggested Answer: B

According to the CIPP/E study guide, data controllers should use the least intrusive means of verifying the identity of data subjects who make requests under the GDPR. Asking for a copy of an ID document or a bank account statement may be disproportionate and excessive, as they contain more personal data than necessary for authentication. Asking for the bank account number may not be sufficient, as it may be easily obtained by third parties. Therefore, the most appropriate way to confirm the identity of the customer is to ask additional security questions that only the customer would know, such as the date of the last transaction, the amount of the last deposit, or the name of the beneficiary of a recurring payment.


by Lawana at Sep 16, 2024, 04:45 PM

Limited Time Offer

25%

Off

Get Premium CIPP-E Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Nelida
3 months ago
B could work too, but ID is definitely more reliable.
upvoted 0 times
...
Rodolfo
3 months ago
Wait, can we really ask for an ID? That feels a bit much.
upvoted 0 times
...
Rosendo
4 months ago
But what if they don’t have an ID? Seems risky.
upvoted 0 times
...
Kimberlie
4 months ago
Totally agree, D makes the most sense!
upvoted 0 times
...
Helga
4 months ago
I think D is the best option. ID is solid proof.
upvoted 0 times
...
Phil
4 months ago
I’m torn between the last bank statement and the ID. I guess the ID seems more reliable, but I’m not completely sure.
upvoted 0 times
...
Sheridan
5 months ago
I practiced a similar question where we had to confirm identity, and I think a government-issued ID is the safest choice.
upvoted 0 times
...
Sanda
5 months ago
I feel like security questions could be a good option, but they might not be foolproof.
upvoted 0 times
...
Daryl
5 months ago
I think I remember that verifying identity is really important, but I'm not sure if asking for a bank account number is the best way.
upvoted 0 times
...
Jacki
5 months ago
I feel pretty confident about this one. The best approach would be option B, asking the customer additional security questions. That way, you can verify their identity without requiring sensitive information like an ID document.
upvoted 0 times
...
Rebbecca
5 months ago
Option A doesn't seem appropriate here, as requesting a bank account number could be a security risk. I'd lean towards B or D, but I'll need to think this through carefully.
upvoted 0 times
...
Donette
5 months ago
Hmm, I'm a bit unsure about this one. I'm thinking option D might be the safest bet, as requesting a government-issued ID document seems like the most reliable way to verify the customer's identity.
upvoted 0 times
...
Emerson
5 months ago
This seems like a straightforward data protection question. I'd go with option B and request additional security questions to confirm the customer's identity.
upvoted 0 times
...
Golda
1 year ago
Haha, imagine if the customer was like, 'My ID? Yeah, I left that at home. Can I just send you a selfie instead?'
upvoted 0 times
...
Goldie
1 year ago
D is the correct answer. A government ID is the most secure way to confirm the customer's identity.
upvoted 0 times
Reyes
1 year ago
Caitlin: Thank you for providing that. Your identity has been confirmed.
upvoted 0 times
...
Caitlin
1 year ago
Sure, here is a copy of my ID.
upvoted 0 times
...
Nell
1 year ago
Can you confirm your identity by providing a copy of your government-issued ID?
upvoted 0 times
...
...
Arlette
1 year ago
Hmm, I don't know. Requesting their bank account number seems a bit too invasive, don't you think?
upvoted 0 times
Stefanie
1 year ago
Xochitl: Agreed, let's go with that.
upvoted 0 times
...
Laila
1 year ago
User 3: That sounds like a better option to confirm the customer's identity.
upvoted 0 times
...
Xochitl
1 year ago
Maybe we can request additional security questions instead.
upvoted 0 times
...
Mariann
1 year ago
I agree, asking for the bank account number is too much.
upvoted 0 times
...
...
Edelmira
1 year ago
I'm not sure, but I think requesting additional security questions could also be a good way to confirm the identity of the customer.
upvoted 0 times
...
Caitlin
1 year ago
B would be my pick. Security questions are a standard practice to verify the customer's identity.
upvoted 0 times
Reid
1 year ago
Agreed. Security questions can help ensure the customer's identity is confirmed.
upvoted 0 times
...
Kenneth
1 year ago
That's a good choice. It's important to have multiple layers of verification.
upvoted 0 times
...
Gianna
1 year ago
B) Request that the customer answer additional security questions.
upvoted 0 times
...
...
Micah
1 year ago
I agree with Madelyn. It's important to verify the identity of the customer before providing any personal data.
upvoted 0 times
...
Sabra
1 year ago
D is the way to go. A government-issued ID is the most reliable way to confirm the customer's identity.
upvoted 0 times
Avery
1 year ago
I agree, requesting a copy of the customer's government-issued ID document is the most secure way to confirm identity.
upvoted 0 times
...
Avery
1 year ago
D is the best option. A government-issued ID is the most reliable way to confirm identity.
upvoted 0 times
...
...
Madelyn
1 year ago
I think the most appropriate way would be to request a copy of the customer's government-issued ID document.
upvoted 0 times
...

Save Cancel