[CCCure CISSP] Qs5 Law: cccure QuizEngn doubts

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[CCCure CISSP] Qs5 Law: cccure QuizEngn doubts

Amlan Deb
Hello everyone,
 
I have some doubts regarding some cccure Quiz questions and concepts mentioned below. Would really appreciate it if you could take out some time and help me with them. Request you to please provide a quick reply as I need to appear for the exam in the month of July.
 
Thanks,
Amlan
 

Doubt#5
========

 

83. 

1.     Question: 2253 | Difficulty: 2/5 | Relevancy: 3/3

The US-EU Safe Harbor process has been created to address which of the following?

o      Integrity of data transfered between U.S. and european companies

o      Confidentiality of data transfered between U.S  and European companies

o     Protection of personal data transfered between U.S and European companies

o      Confidentiality of data transfered between European and international companies

You did not provide any answer to this question. Please review details below.

The correct answer is: Protection of personal data transfered between U.S and European companies

US-EU Safe Harbor is a streamlined process for US companies to comply with the EU Directive 95/46/EC on the protection of personal data.

The European Commission’s Directive on Data Protection went into effect in October of 1998, and would prohibit the transfer of personal data to non-European Union countries that do not meet the European Union (EU) “adequacy” standard for privacy protection.

While the United States and the EU share the goal of enhancing privacy protection for their citizens, the United States takes a different approach to privacy from that taken by the EU. In order to bridge these differences in approach and provide a streamlined means for U.S. organizations to comply with the Directive, the U.S. Department of Commerce in consultation with the European Commission developed a "safe harbor" framework and a website to provide the information an organization should need to evaluate – and then join – the U.S.-EU Safe Harbor program.  See link to the website listed below.

Intended for organizations within the EU or US that store customer data, the Safe Harbor Principles are designed to prevent accidental information disclosure or loss. US companies can opt into the program as long as they adhere to the 7 principles outlined in the Directive.

The process was developed by the US Department of Commerce in consultation with the EU.

The following answers are incorrect:

o Integrity of data transfered between U.S. and european companies: Integrity is not the goal of the Safe Harbor requirements.

o Confidentiality of data transfered between U.S  and European companies: Confidentiality is not the goal of the Safe Harbor requirements

o Confidentiality of data transfered between European and international companie: Safe Harbor has been created to deal with U.S. companies and does not focus on confidentiality.


The following reference(s) were/was used to create this question:
All In One by Shon Harris 5th edition p(855)

Wikipedia: The United States Department of Commerce runs a certification program which it calls Safe Harbor and which aims to harmonize data privacy practices in trading between the United States of America and the stricter privacy controls of the European Union Directive 95/46/EC on the protection of personal data. For more information, see Safe Harbor Principles.

http://export.gov/safeharbor/eu/eg_main_018365.asp : U.S. – European Union Safe Harbor

 Question contributed by: Bruno Charon

 



My doubt:  Is my understanding correct that the Safe Harbour process is only applicable between EU and US companies and not between EU and any other international company?

 

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org