Question
Question 1 (4 points) What information is OSHA required by law to disclose? Question 1 options: Compilation and reporting of information about certain workplace injuries
Question 1 (4 points)
What information is OSHA required by law to disclose?
Question 1 options:
Compilation and reporting of information about certain workplace injuries and illnesses. | |
Serious adverse events, product problems or medication errors suspected to be associated with the use of regulated drug, biologic, device or dietary supplement. | |
Protected health information. | |
Routinely required to produce emails, documents and other company records containing substantial personal information. |
View hint for Question 1 |
Question 2 (4 points)
What or whom is the person whose data is being processed?
Question 2 options:
Health Data | |
Data Subject | |
Data Security | |
Data Object |
View hint for Question 2 |
Question 3 (4 points)
Intercepting communications in the workplace has two exceptions. The first is the interception is done in the ordinary course of business. Which of below is the second exception?
Question 3 options:
The intercept is by the person or entity providing a wire or electronic communications service. | |
The interception is by a user of that service with respect to a communication of or intended for that use | |
If a person is intercepted using location based services. | |
If a person is a party to a call or where one of the parties has given consent. |
View hint for Question 3 |
Question 4 (4 points)
Which of the following is a mechanism that exists for lawful transfers of personal data from the EU to the United States?
Question 4 options:
Standard contractual clauses (SCCs). | |
EU-U.S. Privacy Shield. | |
Binding corporate rules (BCRs). | |
Appropriate Safeguards. |
View hint for Question 4 |
Question 5 (4 points)
Who or what determines the purposes and the means of the processing of personal data?
Question 5 options:
Processor | |
Consent | |
Controller | |
Protection Officer |
View hint for Question 5 |
Question 6 (4 points)
The data subject withdraws consent on which the processing is based and where there is no other legal ground for the processing applies to which of the following?
Question 6 options:
Right to Rectify | |
Right to Erasure | |
Right to Restrict | |
Right to Object |
View hint for Question 6 |
Question 7 (4 points)
Which law has been important to the last century of Fourth Amendment jurisprudence?
Question 7 options:
Telephone Wiretap Law | |
Electronic Communications Privacy Act | |
Stored Communications Act | |
Communications Assistance to Law Enforcement Act |
View hint for Question 7 |
Question 8 (4 points)
Which fo the following is the practice of identifying and removing or blocking information from documents being produced pursuant to a discovery request or as evidence in a court proceeding?
Question 8 options:
Data Retention | |
Redacting | |
Assisting Law Enforcement | |
Section 702 |
View hint for Question 8 |
Question 9 (4 points)
Which of the following requires an employer to provide reasonable accommodation to qualified individuals who are employees or applicants for employment, unless to do so would cause undue hardship?
Question 9 options:
The Age Discrimination Act | |
Title VII of the Civil Rights Act | |
The Americans with Disabilities Act of 1990 (ADA) | |
National Child Protection Act |
View hint for Question 9 |
Question 10 (6 points)
HIPAA, COBRA, ERISA, and FLMA are examples of what?
Question 10 options:
Laws Protecting Employee Privacy | |
Laws Establishing Fair Pay | |
Laws Regulating Workplace Safety | |
Laws Regulating Employee Background Checks |
View hint for Question 10 |
Question 11 (6 points)
These two statements are reasons for what? 1) Limit liability for unlicensed transmission of copyrighted material and other confidential company information and 2) Protect trade secrets
Question 11 options:
Lifestyle Monitoring | |
Monitoring in the Workplace | |
Social Media Monitoring | |
BYOD Monitoring |
View hint for Question 11 |
Question 12 (6 points)
When engaged in pretrial discovery in U.S. courts, parties can be caught between conflicting demands. On the one hand, they must comply with U.S. discovery rules that expressly recognize the importance of broad preservation, collection and production. On the other hand, parties may also face compliance obligations under foreign laws that place an emphasis of the protection of personal data and recognize privacy as a fundamental right. Which of the following best defines these statements?
Question 12 options:
General Data Protection Regulation. | |
Data Protection Directive. | |
Transborder Data Flows. | |
Hague Convention on the Taking of Evidence. |
View hint for Question 12 |
Question 13 (6 points)
The Cybersecurity Information Sharing Act (CISA) became law in 2015. The statute permits the federal government to share unclassified technical data with companies about how networks have been attacked and how successful defenses against such attacks have been carried out. Which CISA provisions is this statement? "For sharing to qualify for protections under CISA, the companys actions must be done in accordance with certain requirements. For example, a company intending to share a cyber threat indicator must first remove, or implement a technical capacity configured to remove, any information that is not directly related to a threat and relates to a specific individual."
Question 13 options:
Authorization for a company to share or receive cyber threat indicators or defensive measures. | |
Requirement for company to remove personal information before sharing. | |
Sharing information with federal government does not waive privileges. | |
Prohibition on government using shared information to regulate or take enforcement actions against lawful activities. |
View hint for Question 13 |
Question 14 (10 points)
Company XYZ's current BYOD policy prevents personal devices from connecting directly to the companys VPN. The company is thinking of changing this policy. One concern is theft of trade secrets when an employee leaves XYZ and joins a competitor. In which of the following examples could XYZ demand access to an employee's personal device?
Question 14 options:
Employees may be required to provide access to their personal devices or personal accounts in response to electronic discovery demands in legal proceedings against the company. | |
Employees may be required to provide access to their personal device or personal accounts if the device exposed the organization to security vulnerabilities and threats that they could otherwise protect against with work-issued devices. | |
Employees may be required to provide access to their personal devices or personal accounts to prevent data loss (ensure that sensitive data is not accessed, misused, or lost by unauthorized users.) | |
Employees may be required to provide access to their personal devices or personal accounts to monitor social media accounts. |
View hint for Question 14 |
Question 15 (10 points)
When company ABC performs renovations because of a medical condition or disability, the company works with health insurance companies, Medicare/Medicaid, and medical doctors to plan appropriate modifications to the home and to obtain reimbursement from insurers. This sometimes requires ABC to receive, process, store, and transmit Protected Health Information (PHI) generated by medical practitioners or as provided by the customer. ABC received a request to share the collect PHI as part of a state-wide research project into smart homes? Why can ABC not release this information?
Question 15 options:
The Privacy Rule | |
Freedom of Information Act (FOIA) | |
Attorney-Client Privilege | |
Electronic Communication Privacy Act |
View hint for Question 15 |
Question 16 (10 points)
One of comapny ABC's employee handbook sections covers employee monitoring. An employee filed a complaint with the HR department stating he opposes this monitoring and chooses to opt out. What legal authority allows ABC to monitor employees using company owned resources?
Question 16 options:
The Wiretap Act | |
Electronic Communications Privacy Act | |
Stored Communications Act | |
Communications Assistance to Law Enforcement Act |
View hint for Question 16 |
Question 17 (10 points)
Company XYZ wants to start using consumer reports obtained from consumer reporting agencies (CRAs) when the HR department performs reference checking and background checks of future and current employees. Permissible purposes for using consumer reports include employment purposes which in turn include (1) preemployment screening for the purpose of evaluating the candidate for employment and (2) determining if an existing employee qualities for promotion, reassignment or retention. Which of the following allows an employer to obtain a consumer report assuming the employer meets all standards?
Question 17 options:
The Electronic Communications Privacy Act (ECPA) | |
The Fair Credit Reporting Act (FCRA) | |
The National Labor Relations Act (NLRA) | |
The Fair Labor Standards Act (FLSA) |
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started