From the following list, identify the technology aspects that are specially designed for upholding the privacy:

i. Data minimization

ii. Intrusion prevention system

iii. Data scrambling

iv. Data loss prevention

v. Data portability

vi. Data obfuscation

vii. Data encryption

viii. Data mirroring

Please select the correct set of aspects from below options:

Which of the following instruments can be used for a legal data transfer when a company in the EU wishes to transfer data to Asian countries?

According to the EU-US Safe Harbour Framework, which of the following is not required when transferring personal information from EU member nations to the US?

As a newly-appointed privacy officer of an IT company gearing up for DSCI’s privacy certification, you are trying to understand what data elements are involved in each of the business process, function and if these data elements can be classified as sensitive personal information. What is being accomplished with this effort?

What does PHI stand for, as per HIPAA/ HITECH?

Which one of the following is considered as the first step of evolution in the formation of today’s concept of privacy?

Which of the following laid foundation for the development of OECD privacy principles for the promotion of free international trade and trans border data flows?

In India, who among the following would be the authorized legal entities to monitor and intercept communication of individuals?

Which type of data qualify as Sensitive Personal Data or Information under Section 43A of IT (Amendment) Act, 2008?

Which of the following is not a driver for increased privacy-related concerns and subsequent regulatory responses from various governments around the world?

A multinational company with operations in several parts within EU and outside EU, involves international data transfer of both its employees and customers. In some of its EU branches, which are relatively larger in size, the organization has a works council. Most of the data transferred is personal, and some of the data that the organization collects is sensitive in nature, the processing of some of which is also outsourced to its branches in Asian countries.

For exporting EU branch employees’ data to Asian Countries for processing, which of the following instruments could be used for legal data transfer?

A ministry under government of India plans to collect citizens’ information related to their education, medical condition, economic status, caste and religion. As per the privacy requirements mentioned under Sec 43A of IT (Amendment) Act, 2008, the citizens’ ‘Consent’ would be mandatory for which of the following elements before their collection?

With reference to APEC privacy framework, when personal information is to be transferred to another person or organization, whether domestically or internationally, “the ______________ should obtain the consent of the individual and exercise due diligence and take reasonable steps to ensure that the recipient person or organization will protect the information consistently with APEC information privacy principles”.

Which of the following statements are true about the privacy statement of an organization?

XYZ & Co., an Indian hospital specialized in dealing with cancer treatment has organized a free health checkup camp for women in a specific district, after seeking due permission from competent authorities. During the camp the hospital staffs will be feeding the medical records of these women into the computer connected to hospital network system. Does the said hospital need to notify its privacy policy to the women attending the camp and seek their consent regarding the collection and processing of such information?

XYZ is a successful startup that acquired a respectable size & scale of operations in last 3 years, handling business process services for small & medium scale enterprises, largely in US & Europe. They are at the stage of closing a deal with a new banking client and working out the details of privacy related obligations in contract. Ensuring effective enforcement of which of the below listed privacy principles is client’s accountability, even after outsourcing its loan approval process to XYZ?

I. Notice

II. Choice and Consent

III. Collection Limitation

IV. Use Limitation

V. Access and Correction

VI. Security

VII. Disclosure to third Party

Please select the correct set of principles from below listed options:

According to the EU, which of the following steps is not relevant when transferring data from an EU member to a third country that does not meet EU standards?

When sharing personal information (of the data subject) with third parties for processing, which of the following privacy principles includes informed consent?