As part of the environment scanning to identify security risks to personal information, which of the following
environments would be least relevant for the organization?
A Business Process Management (BPM) organization based in India, has many domestic clients. The organization observes that one of its domestic clients does not appreciate the value of customers' personal information and have a lot of system loop holes that can be exploited to breach privacy of its customers. The contract signed with the said client makes the BPM organization 100% liable for privacy breaches. The BPM organization has paid close to $10,000 in fines as penalty to the said client in the past. The privacy office has highlighted the risk to the senior management of the BPM organization. What is the best possible approach that the BPM organization can take to resolve this issue?
In the wake of privacy-related concerns arising from various policies around the world, which of the following has not driven increased regulatory responses?
XYZ is a successful startup that acquired a respectable size & scale of operations in last 3 years, handling business process services for small & medium scale enterprises, largely in US & Europe. They are at the stage of closing a deal with a new banking client and working out the details of privacy related obligations in contract. Ensuring effective enforcement of which of the below listed privacy principles is client's accountability, even after outsourcing its loan approval process to XYZ?
1. Notice
2. Choice and Consent
3. Collection Limitation
4. Use Limitation
5. Access and Correction
6. Security
7. Disclosure to third Party
Please select the correct set of principles from below listed options:
Which among the following can be classified as the most important purpose for enactment of data protection/ privacy regulations across the globe?
