IAPP CIPP/US Exam - Topic 3 Question 5 Discussion

Actual exam question for IAPP's CIPP/US exam

Question #: 5
Topic #: 3

Global Manufacturing Co's Human Resources department recently purchased a new software tool. This tool helps evaluate future candidates for executive roles by scanning emails to see what those candidates say and what is said about them. This provides the HR department with an automated ''360 review'' that lets them know how the candidate thinks and operates, what their peers and direct reports say about them, and how well they interact with each other.

What is the most important step for the Human Resources Department to take when implementing this new software?

AMaking sure that the software does not unintentionally discriminate against protected groups.

BEnsuring that the software contains a privacy notice explaining that employees have no right to privacy as long as they are running this software on organization systems to scan email systems.

CConfirming that employees have read and signed the employee handbook where they have been advised that they have no right to privacy as long as they are using the organization's systems, regardless of the protected group or laws enforced by EEOC.

DProviding notice to employees that their emails will be scanned by the software and creating automated profiles.

Show Suggested Answer

Suggested Answer: A

by Roselle at May 07, 2022, 04:06 AM

Limited Time Offer

25%

Off

Get Premium CIPP/US Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Kindra

4 months ago

Not sure if this is ethical at all...

upvoted 0 times

...

Johnna

4 months ago

D is the way to go, transparency is key!

upvoted 0 times

...

Lashanda

4 months ago

Wait, can they really scan our emails like that?

upvoted 0 times

...

Lyla

5 months ago

Definitely need to ensure no discrimination happens.

upvoted 0 times

...

Cordelia

5 months ago

Sounds like a privacy nightmare!

upvoted 0 times

...

Brittney

5 months ago

I’m a bit torn between options A and D. I know both are important, but I can’t recall which one should come first in implementation.

upvoted 0 times

...

Jerry

5 months ago

I practiced a similar question where the focus was on transparency with employees. I think option D makes the most sense in that context.

upvoted 0 times

...

Gearldine

5 months ago

I'm not entirely sure, but I feel like ensuring the software doesn’t discriminate against protected groups is a top priority. It seems like a big legal risk otherwise.

upvoted 0 times

...

Jerlene

5 months ago

I remember discussing the importance of privacy and consent in class, so I think providing notice to employees about the email scanning is crucial.

upvoted 0 times

...

Moira

5 months ago

This one seems pretty straightforward. Phishing is a classic social engineering attack, so I'm going with option A.

upvoted 0 times

...

Miriam

5 months ago

I feel pretty confident about this one. The customer needs to have a Transactional Journey with the Not Sent Notification activity included in order to set up the real-time alerts they're looking for. That's the best solution to meet their needs.

upvoted 0 times

...