Answer B - Rule 4 imposes a duty on Body Corporates seeking sensitive personal data to draft a privacy policy and make it easily accessible for people who are providing the information. The privacy policy should be clearly published on the website of the body corporate and should contain details on the type of information that is being collected, the purpose for which it has been collected and the reasonable security practices that have been undertaken to maintain the confidentiality of such information.
Rule 4 provides that the every body corporate that deals with sensitive personal data or information must have a privacy policy which shall be published on its website and provide for:
- clear and easily accessible statements of its practice and policies
- types of SPDI collected
- purpose
- disclosure
- RSPP
The privacy policy should be clearly published on the website of the body corporate and should contain details on the type of information that is being collected, the purpose for which it has been collected and the reasonable security practices that have been undertaken to maintain the confidentiality of such information.
upvoted 2 times
...
This section is not available anymore. Please use the main Exam Page.CIPP-A Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Bhimesh
1 year, 3 months agorhyst1921
1 year, 4 months agoTERENCELEE
2 years, 1 month ago