Which of the following is the BEST indication of an effective records management program for personal data?
Correct Answer: D
A retention schedule is a document that specifies how long different types of records or data should be kept and when they should be deleted or disposed of, based on legal, regulatory, operational or historical requirements. A retention schedule is the best indication of an effective records management program for personal data, as it reflects the principles of data minimization and storage limitation, which require limiting the collection, storage and processing of personal data to what is necessary and relevant for the intended purposes, and deleting or disposing of personal data when it is no longer needed or justified. A retention schedule also helps to reduce the privacy risks and costs associated with data storage and retention, such as data breaches, unauthorized access, misuse or loss of data. The other options are not as indicative of an effective records management program for personal data as a retention schedule. Archived data is used for future analytics may indicate that the organization is leveraging its data assets for business intelligence or research purposes, but it may not comply with the principles of data minimization and storage limitation, or the privacy rights and preferences of the data subjects. The legal department has approved the retention policy may indicate that the organization has obtained legal advice or guidance on its records management program for personal data, but it may not reflect the actual implementation or execution of the retention policy. All sensitive data has been tagged may indicate that the organization has implemented a data classification scheme for its records or data, but it may not indicate how long the records or data should be kept or when they should be deleted or disposed of1, p. 99-100 Reference: 1: CDPSE Review Manual (Digital Version)
Question 107
An online retail company is trying to determine how to handle users' data if they unsubscribe from marketing emails generated from the website. Which of the following is the BEST approach for handling personal data that has been restricted?
Correct Answer: D
The best approach for handling personal data that has been restricted is to flag users' email addresses to make sure they do not receive promotional information, because this will respect the users' preferences and rights to opt out of marketing communications. This will also help the company comply with the data protection laws and regulations that require consent and transparency for sending marketing emails, such as the General Data Protection Regulation (GDPR) and the CAN-SPAM Act12. The other options are not appropriate or sufficient for handling restricted data, because they may violate the users' rights, expectations, or agreements, or cause operational issues for the company. Reference: CDPSE Review Manual, Chapter 3 - Data Lifecycle, Section 3.1 - Data Classification3. CDPSE Certified Data Privacy Solutions Engineer All-in-One Exam Guide, Chapter 3 - Data Lifecycle, Section 3.2 - Data Classification4.
Question 108
During the design of a role-based user access model for a new application, which of the following principles is MOST important to ensure data privacy is protected?
Correct Answer: C
Question 109
When tokenizing credit card data, what security practice should be employed with the original data before it is stored in a data lake?
Correct Answer: C
Reference: Encryption is a security practice that transforms data into an unreadable format using a secret key or algorithm. Encryption protects the confidentiality and integrity of data, especially when they are stored in a data lake or other cloud-based storage systems. Encryption ensures that only authorized parties can access and use the original data, while unauthorized parties cannot decipher or modify the data without the key or algorithm. Encryption also helps to comply with data protection laws and regulations, such as the General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA), which require data controllers and processors to implement appropriate technical and organizational measures to safeguard personal data. The other options are less effective or irrelevant for securing the original data before storing them in a data lake. Encoding is a process of converting data from one format to another, such as base64 or hexadecimal. Encoding does not protect the data from unauthorized access or use, as it can be easily reversed without a key or algorithm. Backup is a process of creating a copy of data for recovery purposes, such as in case of data loss or corruption. Backup does not protect the data from unauthorized access or use, as it may create additional copies of sensitive data that need to be secured. Classification is a process of assigning labels or categories to data based on their sensitivity, value or risk level, such as public, confidential or restricted. Classification helps to identify and manage the data according to their security requirements, but it does not protect the data from unauthorized access or use by itself. Tokenization: Your Secret Weapon for Data Security? - ISACA, section 2: "Encryption is one of the most effective security controls available to enterprises, but it can be challenging to deploy and maintain across a complex enterprise landscape." Credit Card Tokenization: What It Is, How It Works - NerdWallet, section 2: "Encrypting personal data automatically before sending them through email, using encryption standards and algorithms that are compliant with data protection laws and regulations." Tokenized Credit Card Data: Everything You Need to Know - Koombea, section 3: "The sensitive card data itself is stored on a server with much higher security." What is Data Tokenization and Why is it Important? | Immuta, section 2: "Tokenization replaces the original sensitive data with randomly generated, nonsensitive substitute characters as placeholder data."
Question 110
Which of the following scenarios poses the GREATEST risk to an organization from a privacy perspective?
