Which of the following aspects of personal information lifecycle management should the privacy function in an organization be concerned with i. Policy definition ii. Policy enforcement iii. IT infrastructure setup iv. Physical infrastructure setup Please select the correct option:

• A.Only i. and ii.
• B.Only i.
• C.All except iv
• D.All

Comment: *

Name: *

Email: *

Verification: *

According to the IT (Amendment) Act, 2008, a corporate entity could be liable to pay compensation for negligence in implementing and maintaining reasonable security practices and procedures in order to protect Sensitive Personal Data or Information. What is the amount of penalty?

• A.Upper limit not defined
• B.Rs. 5,000,000
• C.Rs. 50,000,000
• D.Rs. 500,000,000

Comment: *

Name: *

Email: *

Verification: *

Which of the following does not fall under the category of Sensitive Personal Data or Information as defined in the Information Technology (Reasonable Security Practices and Procedures and Sensitive Data or Information) Rules, 2011?

• A.Medical records and history
• B.Religious Beliefs
• C.Password
• D.Sexual orientation

Comment: *

Name: *

Email: *

Verification: *

De-identification of personal information is advocated by which of the following privacy regulations?

• A.Australia's ANPP
• B.Canada's PIPEDA
• C.EU Data Protection Directive
• D.IT Act of India

Comment: *

Name: *

Email: *

Verification: *

How soon after becoming aware of the breach the data controller has to notify the supervisory authority under Article 33 of GDPR.

• A.17 hours
• B.36 hours
• C.24 hours
• D.72 hours

Comment: *

Name: *

Email: *

Verification: *