Which action will help a business prove compliance under Canada’s Anti-Spam Legislation (CASL)?
How would an individual determine whether their personal information was used by the federal government for data matching?
As response to TJX Winners - Homesense, why is "hashing" preferable to storing a personal identifier such as a driver’s license number?
Under the Personal Information Protection and Electronic Documents Act (PIPEDA), an organization must maintain a record of every breach of security safeguards involving personal information for a minimum of?
Which of the following existing frameworks is least effective in addressing emerging AI issues while specific AI legislation is being decided?
Of the key principles in the Personal Information Protection and Electronic Documents Act (PIPEDA), which principle in particular contributes to the increase in privacy policies in recent years?
Which question is NOT part of the Office of the Privacy Commissioner of Canada’s (OPC’s) four-point test for establishing whether providing access to genetic testing results goes beyond what is necessary or reasonable?
What must a federal government department do before it implements an electronic service (e-service)?
What is required through the "circle of care" concept under Canadian health information privacy law?
In what situation is the federal Privacy Commissioner authorized to proceed to federal court?
A new client is opening a Registered Retirement Savings Plan. Their investment advisor asks for their social insurance number (SIN). The advisor must tell the client that because they are opening a tax reporting product, their SIN is mandatory for tax reporting purposes and?
The process of de-identification where new data elements are substituted for identifying information is?
What is a difference between the Personal Information Protection and Electronic Documents Act (PIPEDA) and the Personal Information Privacy Act (PIPA) of both Alberta and British Columbia?
Which case, brought before the Federal Court, helped determine that the Office of the Privacy Commissioner of Canada (OPC) had jurisdiction to investigate complaints about United States companies collecting, using and disclosing the personal information of individuals within Canada?
Under PIPEDA, each of the following are considered to be personal information EXCEPT?
According to the Voluntary Code of Conduct on the Responsible Development and Management of Advanced Generative AI Systems, signatories commit to doing all of the following EXCEPT?
What is critical to consider when an organization responsible for a large number of records wants to outsource the storage of those records?