CIPP/US EXAM WITH 100% VERIFIED CORRECT ANSWERS

CIPP/US EXAM WITH 100% VERIFIED CORRECT ANSWERS Red Flags Rule - Answer-The first rule established by FACTA in 2003, this rule requires creditors and financial institutions to address the risk of identity theft by developing and implementing written identity theft prevention programs to help identify, detect and respond to patterns, practices or specific activities known as red flags that could indicate identity theft. Disposal Rule - Answer-The second rule established by FACT, went into effect in 2005, in accordance with this rule, any business or individual who uses a consumer report for a business purpose must ensure the proper disposal of information in the consumer report to protect against "unauthorized access to or use of the information". The standard for the proper disposal is flexible and allows organization and individuals covered to determine what measures are reasonable based on sensitivity of information. Privacy Rule (GLBA) - Answer-In accordance with this GLBA rule, domestic financial institutions are required to provide an initial privacy notice to all customers when the customer relationship is established and annually thereafter. The notice must be given to individual customers by mail or in person delivery. Other ways can be acceptable depending on the type of business the institution is engaged in. Also, the mechanism for providing opt-out must be reasonable and the institution must provide a reasonable time for opt-out. Safeguards Rule - Answer-In accordance with this GLBA rule, domestic financial institutions must develop a written information secruity plan protecting customer information. Must be appropriate to company's size, complexity, nature, and scope of its activities, and sensitivity of customer information it handles. As part of the plan the company must designate one or more employees to coordinate the info security program, identify and assess risks to customer information in relevant areas of the operation and evaluate effectiveness of current safeguards for controlling these risks, design, implement, monitor, and test the program, select service providers that maintain appropriate safeguards, including having contract that requires them to maintain them, and evaluate the program in light of relevant circumstances. Consumer vs. Customer - Answer-According to GLBA, a consumer is a person who obtains or has obtained a financial product or service from a financial institution that is to be used for personal, family, or household purposes primarily. A customer is a consumer with a continuing relationship. Customers must be given a copy of the privacy notice when the relationship begins.