Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

IAPP Exam CIPP-E Topic 3 Question 96 Discussion

Actual exam question for IAPP's CIPP-E exam
Question #: 96
Topic #: 3
[All CIPP-E Questions]

As a Data Protection Officer for a small bank in the European Union, you receive a data subject access request from one of your customers. The customer provides you with his

name, and has used the email address registered in your system.

What would be the most appropriate way to confirm the identity of the customer?

Show Suggested Answer Hide Answer
Suggested Answer: B

According to the CIPP/E study guide, data controllers should use the least intrusive means of verifying the identity of data subjects who make requests under the GDPR. Asking for a copy of an ID document or a bank account statement may be disproportionate and excessive, as they contain more personal data than necessary for authentication. Asking for the bank account number may not be sufficient, as it may be easily obtained by third parties. Therefore, the most appropriate way to confirm the identity of the customer is to ask additional security questions that only the customer would know, such as the date of the last transaction, the amount of the last deposit, or the name of the beneficiary of a recurring payment.


by Lawana at Sep 16, 2024, 04:45 PM

Limited Time Offer

25%

Off

Get Premium CIPP-E Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Golda
10 months ago
Haha, imagine if the customer was like, 'My ID? Yeah, I left that at home. Can I just send you a selfie instead?'
upvoted 0 times
...
Goldie
11 months ago
D is the correct answer. A government ID is the most secure way to confirm the customer's identity.
upvoted 0 times
Reyes
10 months ago
Caitlin: Thank you for providing that. Your identity has been confirmed.
upvoted 0 times
...
Caitlin
10 months ago
Sure, here is a copy of my ID.
upvoted 0 times
...
Nell
10 months ago
Can you confirm your identity by providing a copy of your government-issued ID?
upvoted 0 times
...
...
Arlette
11 months ago
Hmm, I don't know. Requesting their bank account number seems a bit too invasive, don't you think?
upvoted 0 times
Stefanie
9 months ago
Xochitl: Agreed, let's go with that.
upvoted 0 times
...
Laila
9 months ago
User 3: That sounds like a better option to confirm the customer's identity.
upvoted 0 times
...
Xochitl
10 months ago
Maybe we can request additional security questions instead.
upvoted 0 times
...
Mariann
10 months ago
I agree, asking for the bank account number is too much.
upvoted 0 times
...
...
Edelmira
11 months ago
I'm not sure, but I think requesting additional security questions could also be a good way to confirm the identity of the customer.
upvoted 0 times
...
Caitlin
11 months ago
B would be my pick. Security questions are a standard practice to verify the customer's identity.
upvoted 0 times
Reid
11 months ago
Agreed. Security questions can help ensure the customer's identity is confirmed.
upvoted 0 times
...
Kenneth
11 months ago
That's a good choice. It's important to have multiple layers of verification.
upvoted 0 times
...
Gianna
11 months ago
B) Request that the customer answer additional security questions.
upvoted 0 times
...
...
Micah
11 months ago
I agree with Madelyn. It's important to verify the identity of the customer before providing any personal data.
upvoted 0 times
...
Sabra
11 months ago
D is the way to go. A government-issued ID is the most reliable way to confirm the customer's identity.
upvoted 0 times
Avery
11 months ago
I agree, requesting a copy of the customer's government-issued ID document is the most secure way to confirm identity.
upvoted 0 times
...
Avery
11 months ago
D is the best option. A government-issued ID is the most reliable way to confirm identity.
upvoted 0 times
...
...
Madelyn
11 months ago
I think the most appropriate way would be to request a copy of the customer's government-issued ID document.
upvoted 0 times
...

Save Cancel