CIPP/US Glossary question and answer graded A+ already passed 2023
Accountability - correct answer A fair information practices principle, it is the idea that when personal information is to be transferred to another person or organization, the personal information controller should obtain the consent of the individual or exercise due diligence and take reasonable steps to ensure that the recipient person or organization will protect the information consistently with other fair use principles.

Adequate Level of Protection - correct answer A label that the EU may apply to third-party countries who have committed to protect data through domestic law making or international commitments. Conferring of the label requires a proposal by the European Commission, an Article 29 Working Group Opinion, an opinion of the Article 31 Management Committee, a right of scrutiny by the European Parliament and adoption by the European Commission.

Adverse Action - correct answer Under the Fair Credit Reporting Act, the term "adverse action" is defined very broadly to include all business, credit and employment actions affecting consumers that can be considered to have a negative impact, such as denying or canceling credit or insurance, or denying employment or promotion. No adverse action occurs in a credit transaction where the creditor makes a counteroffer that is accepted by the consumer. Such an action requires that the decision maker furnish the recipient of the adverse action with a copy of the credit report leading to the adverse action.

American Institute of Certified Public Accountants - correct answer A U.S. professional organization of certified public accountants and co-creator of the WebTrust seal program.

Americans with Disabilities Act - correct answer A U.S. law that bars discrimination against qualified individuals with disabilities.

Antidiscrimination Laws - correct answer Refers to the right of people to be treated equally.

APEC Privacy Principles - correct answer A set of non-binding principles adopted by the Asia-Pacific Economic Cooperative (APEC) that mirror the OECD Fair Information Privacy Practices. Though based on OECD Guidelines, they seek to promote electronic commerce throughout the Asia-Pacific region by balancing information privacy with business needs.

Background Screening/Checks - correct answer Verifying an applicant's ability to function in the working environment as well as assuring the safety and security of existing workers. Background checks range from checking a person's educational background to checking on past criminal activity.

Bank Secrecy Act, The - correct answer A U.S. federal law that requires U.S. financial institutions and money services businesses (MSBs), which are entities that sell money orders or provide cash transfer services, to record, retain and report certain financial transactions to the federal government. This requirement is meant to assist the government in the investigation of money laundering, tax evasion, terrorist financing and various other domestic and international criminal activities.

Behavioral Advertising - correct answer The act of tracking users' online activities and then delivering ads or recommendations based upon the tracked activities. The most comprehensive form of targeted advertising. By building a profile on a user through their browsing habits such as sites they visit, articles read, searches made, ads previously clicked on, etc., advertising companies place ads pertaining to the known information about the user across all websites visited. Behavioral Advertising also uses data aggregation to place ads on websites that a user may not have shown interest in, but similar individuals had shown interest in.

Binding Corporate Rules - correct answer Legally binding internal corporate privacy rules for transferring personal information within a corporate group. BCRs are typically used by corporations that operate in multiple jurisdictions, and they are alternatives to the U.S.-EU Safe Harbor and Model Contract Clauses. BCRs must be approved by the EU data protection authorities of the member states in which the corporation operates.

Binding Safe Processor Rules - correct answer Self-regulatory principles (similar to Binding Corporate Rules) for processors that are applicable to customer personal data. Once a supplier's BSPR are approved, a supplier gains "safe processor" status and its customers would be able to meet the EU Data Protection Directive's requirements for international transfers in a similar manner as BCR allow. BSPR are currently being considered as a concept by the Article 29 Working Party and national authorities.

Breach Disclosure - correct answer The requirement that a data controller notify regulators and victims of incidents affecting the confidentiality and security of personal data. It is a transparency mechanism that highlights operational failures; this helps mitigate damage and aids in the understanding of causes of failure.

Written for
- Institution: CIPP
- Course: CIPP

Document information
- Uploaded on: July 4, 2023
- Number of pages: 25
- Written in: 2022/2023
- Type: Exam (elaborations)
- Contains: Questions & answers

Subjects
- accountability
- adverse action
- cippus glossary question and answer graded a alr
- adequate level of protection