← Back to exam page

CIPP-E Certified Information Privacy Professional/Europe (CIPP/E)

Loading demo links...

Showing 10–12 of 15 questions

Question 10

If a company chooses to ground an international data transfer on the contractual route, which of the following is NOT a valid set of standard contractual clauses?

Select an option, then click Submit answer.

  • Decision 2001/497/EC (EU controller to non-EU or EEA controller).

  • Decision 2004/915/EC (EU controller to non-EU or EEA controller).

  • Decision 2007/72/EC (EU processor to non-EU or EEA controller).

  • Decision 2010/87/EU (Non-EU or EEA processor from EU controller).
Question 11

A company plans to transfer employee health information between two of its entities in France. To maintain the security of the processing, what would be the most important security measure to apply to the health data transmission?

Select an option, then click Submit answer.

  • Inform the data subject of the security measures in place.

  • Ensure that the receiving entity has signed a data processing agreement.

  • Encrypt the transferred data in transit and at rest.

  • Conduct a data protection impact assessment.
Question 12

The GDPR forbids the practice of “forum shopping”, which occurs when companies do what?

Select an option, then click Submit answer.

  • Choose the data protection officer that is most sympathetic to their business concerns.

  • Designate their main establishment in member state with the most flexible practices.

  • File appeals of infringement judgments with more than one EU institution simultaneously.

  • Select third-party processors on the basis of cost rather than quality of privacy protection.