Master DSCI DCPP-01 Exam with Reliable Practice Questions
Upgrade to Premium
The Indian cancer-treatment hospital Mumbai Hospital has organized a free health checkup for women in a specific district after securing adequate permission from the appropriate authority. During the camp the hospital staffs will be feeding. A computer connected to the hospital network system stores the medical records of these women. Are the participants at this camp required to be informed of the hospital's privacy policy and asked to consent to its collection and processing of personal information?
Correct : A
Start a Discussions
According to the IT (Amendment) Act, 2008, a corporate entity could be liable to pay compensation for negligence in implementing and maintaining reasonable security practices and procedures in order to protect Sensitive Personal Data or Information. What is the amount of penalty?
Correct : C
Rs. 5 Crore Sec 43A - ''Where a body corporate possessing, dealing or handling any sensitive personal data or information in a computer resource which it owns, controls or operates, is negligent in implementing and maintaining reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person, such body corporate shall be liable to pay damages by way of compensation to the person so affected.'' Compensation for failure to implement reasonable security practices can be upto Rs. 5 Crores (the Adjudicating Officer has the power to award this). A data subject can further approach a civil court if compensation desired is more than Rs. 5 Crore.
Start a Discussions
Under GDPR, the European Commission takes the adequacy decision in relation to privacy laws in a third country, territory, sector etc. A subjective approach is taken. For the assessment of whether a third country, a territory, or one or more specific sectors within that third country, or an international organization has an adequate level of protection, who is required to provide an opinion to the Commission?
Correct : A
Start a Discussions
As part of the new EU General Data Protection Regulation, which of the following is being proposed?
Correct : A
Start a Discussions
The Qatar Concerning Privacy and Protection of Personal Data Act, 2016 addresses different types of personal data, including:
Correct : B
Page No 18 of PBok Addendum: The law is applicable to only personal data that is electronically processed or obtained, collected and extracted for electronic processing or when a combination of traditional and electronic processing is used. Following are situations where the law is not applicable: Any personal data (1) processed by individuals privately and when done in a family context & (2) gathered for official surveys and statistics The law is applicable to all residents of Qatar. It does not differentiate between Qataris and nonQataris.
Start a Discussions