DATA PROTECTION & PRIVACY TRAINING

Welcome to your e-assessment.

Number of Questions: 20

Time Allowed: 15 minutes.

You are allowed only one (1) attempt.

By clicking Start, you consent to your personal information being processed in line with DataPro’s Privacy Policy.

Name

Organisation

While NDPA protects and safeguards the rights and freedom of every Nigerian over their personal data, GDPR

affects organizations in Nigeria that process the personal data of EU citizens

ensure that businesses and government agencies in California remain competitive in international trade

protects the personal data of individuals in South Africa

affects all organization and individuals around the world.

None

What is the lawful basis for processing data?

consent

legitimate interest

contractual necessity

all of the above

None

What are the potential enforcement orders that can be imposed on a data controller or data processor for violating data protection regulations?

Compensation to affected individuals

Suspension of business operations

Public apology

Mandatory data breach notification

All of the above

None

……………….. is responsible for handling complaints from data subjects

Data Protection Officer

data processor

customer service

Human resources

None

What factors does the Commission consider when determining sanctions for violations of data protection regulations?

Annual revenue of the organization

Number of data breaches

Duration of the violation

Level of employee satisfaction

All of the above

None

What is one of the potential impacts of a personal data breach?

Identity Fraud

Social Media Addiction

Physical Fitness Improvement

Environmental Conservation

None

…………………..is any individual person who can be identified directly or indirectly by an identifier, factor, physiological cultural or social identity

data miner

data subject

data processor

data contractor

None

What is the main purpose of a Data Protection Impact Assessment (DPIA)?

To identify potential risks and impacts to individuals' data privacy

To assess the effectiveness of cybersecurity measures

To determine the financial impact of a data breach

To evaluate the performance of data protection officers

None

What actions may be taken to limit the damage caused by a breach?

Password changes

Disabling swipe access to secure areas

Searching for lost equipment

Forensics

All of the above

None

Consent should be given through clear affirmative action. Which of the following satisfies the requirement?

Pre-ticked boxes on electronic forms

Silence or inactivity of the individual

Provision of an opt-out option after data processing has occurred

Active selection of options such as ticking a box or appending a signature

None

Who can be deemed culpable if an offence is committed by a body corporate or firm?

Shareholders

Employees

Principal officers

Regulatory authorities

None

How can email etiquette help prevent data breaches?

By encrypting all email attachments

By using blind carbon copy (BCC) when sending to multiple recipients

By forwarding all emails to everyone in the organization

By replying to spam emails with personal information

None

The NDPA is technology neutral and applies to both manual and electronic processing of personal data.

True

False

None

What regulatory authority is responsible for investigating potential breaches of privacy rights in Nigeria?

NITDA

NDPC

LIRS

EFCC

None

All but one constitutes personal data

BVN

CCTV footage

fingerprint

call recording

None

Which of the following is an exception to the application of the Nigeria Data Protection Act?

Personal data processed by an individual for personal or domestic use

Personal data processed for law enforcement purposes

Personal data processed by government institutions for national security purposes

All of the above

None

What are some of the responsibilities of a departmental privacy champion?

Handling basic inquiries and escalating as needed

Developing data security policies

Conducting high-risk reviews independently

Managing the entire privacy program

None

……………… is any information relating to an identified or identifiable natural person

data

identity

personal data

personal identification

None

What is the principle of data minimization?

Collecting and using as much data as possible for analysis

Limiting the collection of personal data to what is necessary for a specific purpose

Sharing personal data with third parties without individuals' consent

Retaining personal data indefinitely for future use

None

What is the difference between a data controller and a data processor?

A data controller determines the purposes and means of data processing, while a data processor processes data on behalf of the data controller.

A data controller only handles sensitive personal data, while a data processor handles non-sensitive data

A data controller is responsible for data breaches, while a data processor is not liable

A data controller is an individual, while a data processor is an organization

None

Time's up

Time is Up!

DATA PROTECTION & PRIVACY TRAINING

Welcome to your e-assessment.

Title