Name: Score:
25 Multiple choice questions
Definition 1 of 25
Transfers of data to third parties may only occur to other organizations that follow adequate data
protection principles.
EU / Safe Harbor - Data Integrity
EU / Safe Harbor - Enforcement
EU / Safe Harbor - Onward Transfer
EU / Safe Harbor - Choice
Definition 2 of 25
Developments, practices, and policies regarding personal data should be openly communicated.
In addition, subjects should be able to easily establish the existence and nature of personal data,
its use, and the identity and usual residence of the organization in possession of that data.
OECD - Use Limitation
OECD - Openness
OECD - Accountability
OECD - Data Quality
, Term 3 of 25
GDPR - Data protection officers
Act honorably, honestly, justly, responsibly, and legally.
The safety and welfare of society and the common good, duty to our principles, and to
each other, requires that we adhere, and be seen to adhere, to the highest ethical standards
of behavior. Therefore, strict adherence to this code is a condition of certification.
Companies whose activities involve data processing and monitoring must appoint a data
protection officer.
Protect society, the common good, necessary public trust and confidence, and the
infrastructure.
Definition 4 of 25
When designing data processes, care must be taken to ensure personal data is secure. The only
data is 'absolutely necessary for the completion of duties'.
GDPR - Privacy by design
OECD - Purpose Specification
GDPR - Data Portability
GDPR - RIght to access
Term 5 of 25
GDPR - Data breach notification
All users will be able to request their data 'in an electronic format'
Personal data should be kept complete and current, and be relevant to the purposes for
which it is being used
Users and data controllers must be notified of data breaches within 72 hours
Must be able to provide a free copy of individuals data if requested
25 Multiple choice questions
Definition 1 of 25
Transfers of data to third parties may only occur to other organizations that follow adequate data
protection principles.
EU / Safe Harbor - Data Integrity
EU / Safe Harbor - Enforcement
EU / Safe Harbor - Onward Transfer
EU / Safe Harbor - Choice
Definition 2 of 25
Developments, practices, and policies regarding personal data should be openly communicated.
In addition, subjects should be able to easily establish the existence and nature of personal data,
its use, and the identity and usual residence of the organization in possession of that data.
OECD - Use Limitation
OECD - Openness
OECD - Accountability
OECD - Data Quality
, Term 3 of 25
GDPR - Data protection officers
Act honorably, honestly, justly, responsibly, and legally.
The safety and welfare of society and the common good, duty to our principles, and to
each other, requires that we adhere, and be seen to adhere, to the highest ethical standards
of behavior. Therefore, strict adherence to this code is a condition of certification.
Companies whose activities involve data processing and monitoring must appoint a data
protection officer.
Protect society, the common good, necessary public trust and confidence, and the
infrastructure.
Definition 4 of 25
When designing data processes, care must be taken to ensure personal data is secure. The only
data is 'absolutely necessary for the completion of duties'.
GDPR - Privacy by design
OECD - Purpose Specification
GDPR - Data Portability
GDPR - RIght to access
Term 5 of 25
GDPR - Data breach notification
All users will be able to request their data 'in an electronic format'
Personal data should be kept complete and current, and be relevant to the purposes for
which it is being used
Users and data controllers must be notified of data breaches within 72 hours
Must be able to provide a free copy of individuals data if requested
