- Home
- IAPP
- Certified Information Privacy Professional/United States (CIPP/US)
- IAPP.CIPP-US.v2025-06-10.q88
- Question 68
Valid CIPP-US Dumps shared by ExamDiscuss.com for Helping Passing CIPP-US Exam! ExamDiscuss.com now offer the newest CIPP-US exam dumps, the ExamDiscuss.com CIPP-US exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CIPP-US dumps with Test Engine here:
Access CIPP-US Dumps Premium Version
(228 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 68/88
What does the Massachusetts Personal Information Security Regulation require as it relates to encryption of personal information?
Correct Answer: D
The Massachusetts Personal Information Security Regulation (201 CMR 17.00) requires that any person or entity that owns or licenses personal information of Massachusetts residents must implement and maintain a comprehensive written information security program that includes administrative, technical, and physical safeguards to protect such information. One of the technical requirements of the regulation is to encrypt all personal information of Massachusetts residents that is stored on laptops or other portable devices, regardless of where the equipment is located12. The regulation defines personal information as a person's first name and last name or first initial and last name in combination with any one or more of the following data elements that relate to such person: (a) Social Security number; (b) driver's license number or state-issued identification card number; or financial account number, or credit or debit card number, with or without any required security code, access code, personal identification number or password, that would permit access to a resident's financial account1. The regulation also requires encryption of all transmitted records and files containing personal information that will travel across public networks, and encryption of all data containing personal information to be transmitted wirelessly1. References:
* Regulation 201 CMR 17.00: Standards for the Protection of Personal Information of MA Residents
* Massachusetts Law Raises the Bar for Data Security
* Regulation 201 CMR 17.00: Standards for the Protection of Personal Information of MA Residents
* Massachusetts Law Raises the Bar for Data Security
- Question List (88q)
- Question 1: SCENARIO Please use the following to answer the next QUESTIO...
- Question 2: SCENARIO Please use the following to answer the next QUESTIO...
- Question 3: Which of the following data elements is most likely to be su...
- Question 4: SCENARIO Please use the following to answer the next QUESTIO...
- Question 5: In March 2012, the FTC released a privacy report that outlin...
- Question 6: SCENARIO Please use the following to answer the next QUESTIO...
- Question 7: Chanel Hair Studio is a busy high-end hair salon. In an effo...
- Question 8: Which of the following state laws has an entity exemption fo...
- Question 9: Which of the following practices is NOT a key component of a...
- Question 10: Smith Memorial Healthcare (SMH) is a hospital network headqu...
- Question 11: SuperMart is a large Nevada-based business that has recently...
- Question 12: SCENARIO Please use the following to answer the next QUESTIO...
- Question 13: Which of the following best describes what a "private right ...
- Question 14: Which of the following federal agencies does NOT have regula...
- Question 15: Which of the following became the first state to pass a law ...
- Question 16: A large online bookseller decides to contract with a vendor ...
- Question 17: All of the following are tasks in the "Discover" phase of bu...
- Question 18: What is a legal document approved by a judge that formalizes...
- Question 19: SCENARIO Please use the following to answer the next questio...
- Question 20: Acme Student Loan Company has developed an artificial intell...
- Question 21: SCENARIO Please use the following to answer the next questio...
- Question 22: SCENARIO Please use the following to answer the next QUESTIO...
- Question 23: When may a financial institution share consumer information ...
- Question 24: The CFO of a pharmaceutical company is duped by a phishing e...
- Question 25: A law enforcement subpoenas the ACME telecommunications comp...
- Question 26: All of the following organizations are specified as covered ...
- Question 27: Which statement is FALSE regarding the provisions of the Emp...
- Question 28: SCENARIO Please use the following to answer the next QUESTIO...
- Question 29: The Cable Communications Policy Act of 1984 requires which a...
- Question 30: SCENARIO Please use the following to answer the next QUESTIO...
- Question 31: What important action should a health care provider take if ...
- Question 32: Which of the following best describes private-sector workpla...
- Question 33: More than half of U.S. states require telemarketers to?...
- Question 34: One of the most significant elements of Senate Bill No. 260 ...
- Question 35: What is the main challenge financial institutions face when ...
- Question 36: SCENARIO Please use the following to answer the next QUESTIO...
- Question 37: SCENARIO Please use the following to answer the next questio...
- Question 38: Which of the following is NOT a principle found in the APEC ...
- Question 39: If an organization maintains data classified as high sensiti...
- Question 40: How did the Fair and Accurate Credit Transactions Act (FACTA...
- Question 41: Which of the following best describes how federal anti-discr...
- Question 42: Which of the following privacy rights is NOT available under...
- Question 43: In what way does the "Red Flags Rule" under the Fair and Acc...
- Question 44: Which action is prohibited under the Electronic Communicatio...
- Question 45: SCENARIO Please use the following to answer the next QUESTIO...
- Question 46: SCENARIO - Please use the following to answer the next quest...
- Question 47: What type of material is exempt from an individual's right t...
- Question 48: What is the most likely reason that states have adopted thei...
- Question 49: SCENARIO Please use the following to answer the next QUESTIO...
- Question 50: Which of the following is NOT one of three broad categories ...
- Question 51: The rules for "e-discovery" mainly prevent which of the foll...
- Question 52: Mega Corp. is a U.S.-based business with employees in Califo...
- Question 53: SCENARIO Please use the following to answer the next QUESTIO...
- Question 54: The FTC often negotiates consent decrees with companies foun...
- Question 55: SCENARIO - Please use the following to answer the next quest...
- Question 56: Which of the following is an important implication of the Do...
- Question 57: Which of the following does Title VII of the Civil Rights Ac...
- Question 58: In what way is the Controlling the Assault of Non-Solicited ...
- Question 59: SCENARIO Please use the following to answer the next QUESTIO...
- Question 60: SCENARIO Please use the following to answer the next QUESTIO...
- Question 61: What is the purpose of a cure provision in a stale data priv...
- Question 62: Although an employer may have a strong incentive or legal ob...
- Question 63: SCENARIO Please use the following to answer the next QUESTIO...
- Question 64: SCENARIO Please use the following to answer the next QUESTIO...
- Question 65: U.S. federal laws protect individuals from employment discri...
- Question 66: A student has left high school and is attending a public pos...
- Question 67: Global Manufacturing Co's Human Resources department recentl...
- Question 68: What does the Massachusetts Personal Information Security Re...
- Question 69: Which venture would be subject to the requirements of Sectio...
- Question 70: Under the EU-US Data Privacy Framework, what must participat...
- Question 71: Which jurisdiction must courts have in order to hear a parti...
- Question 72: According to Section 5 of the FTC Act, self-regulation prima...
- Question 73: Under the Driver's Privacy Protection Act (DPPA), which of t...
- Question 74: Which of the following is NOT a common challenge large organ...
- Question 75: Which of the following most accurately describes the regulat...
- Question 76: Which of the following describes the most likely risk for a ...
- Question 77: What was the original purpose of the Federal Trade Commissio...
- Question 78: A California resident has created an account on your company...
- Question 79: Which of the following laws is NOT involved in the regulatio...
- Question 80: Due to cookie deprecation, businesses will be required to si...
- Question 81: Under the Fair and Accurate Credit Transactions Act (FACTA),...
- Question 82: A financial services company install "bossware" software on ...
- Question 83: What consumer service was the Fair Credit Reporting Act (FCR...
- Question 84: Which of the following statements is most accurate in regard...
- Question 85: SCENARIO Please use the following to answer the next QUESTIO...
- Question 86: Which federal law or regulation preempts state law?...
- Question 87: What consumer protection did the Fair and Accurate Credit Tr...
- Question 88: Which entities must comply with the Telemarketing Sales Rule...
