IAPP Exam CIPM Topic 6 Question 66 Discussion

Actual exam question for IAPP's CIPM exam

Question #: 66
Topic #: 6

[All CIPM Questions]

A minimum requirement for carrying out a Data Protection Impact Assessment (DPIA) would include?

AProcessing on a large scale of special categories of data.

BMonitoring of a publicly accessible area on a large scale.

CAssessment of the necessity and proportionality.

DAssessment of security measures.

Show Suggested Answer

Suggested Answer: C

Under the GDPR, when the applicable lawful basis for the processing of personal data is a legal obligation with which the controller must comply, the data subject can exercise the right to restriction. This means that the data subject can request the controller to limit the processing of their personal data in certain circumstances, such as when they contest the accuracy or lawfulness of the processing. The other rights are not applicable in this case, as they are either dependent on consent (right to withdraw consent and right to data portability) or subject to exceptions (right to erasure).Reference:GDPR, Articles 6(1), 18, 21(1).

by Kerrie at Jul 17, 2024, 09:43 PM

Limited Time Offer

25%

Off

Get Premium CIPM Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Edna

1 months ago

I'm going with C. Seems like the best all-encompassing choice to me. Although, I'm curious what kind of 'security measures' the exam writers had in mind for D...

upvoted 0 times

Adelina

3 days ago

C: Yeah, it covers a lot of aspects that need to be considered.

upvoted 0 times

...

Denise

14 days ago

B: I agree, assessing the necessity and proportionality is crucial.

upvoted 0 times

...

Billye

20 days ago

A: I think C is the most important requirement for a DPIA.

upvoted 0 times

...

Delmy

2 months ago

Haha, the answer is clearly C. Anyone who's worked in data privacy knows that's the bread and butter of a DPIA. 'Necessity and proportionality' - classic data protection lingo!

upvoted 0 times

Verdell

23 days ago

C: Couldn't agree more, that's the heart of data protection assessments.

upvoted 0 times

...

Ludivina

1 months ago

B: Definitely, it's all about assessing if the data processing is really needed and if it's done in a fair way.

upvoted 0 times

...

Mitzie

1 months ago

A: I agree, necessity and proportionality are key in a DPIA.

upvoted 0 times

...

Anisha

2 months ago

C definitely sounds like the most comprehensive option. Gotta cover all the bases when it comes to data protection!

upvoted 0 times

Martin

1 months ago

C) Assessment of the necessity and proportionality.

upvoted 0 times

...

Ettie

1 months ago

B) Monitoring of a publicly accessible area on a large scale.

upvoted 0 times

...

Julio

1 months ago

A) Processing on a large scale of special categories of data.

upvoted 0 times

...

Bonita

2 months ago

Hmm, I'm not sure. I was thinking B might be the right answer since monitoring a public area on a large scale could potentially have privacy implications.

upvoted 0 times