Home DATA PROTECTION AND PRIVACY DATA PROTECTION AND PRIVACY.

DATA PROTECTION AND PRIVACY

0 %

Completed

Course content

DATA PROTECTION AND PRIVACY.

10 XP
Prev Next
Fullscreen Share
Rating
0 0

There are no comments for now.

Join this Course
to be the first to leave a comment.

1. Over-Collection at Origination A loan officer collects: ID Phone number Social media handles Full family contact list …even though only ID and phone are required. Which principle is MOST clearly violated?
Accuracy Data Minimization Storage Limitation Accountability
2. Customer data collected for loan processing is later used to send marketing messages without informing the customer. What is the main issue?
Data breach Lack of encryption Violation of purpose limitation and consent Data inaccuracy
3. An MFI uses a fintech platform to process loan applications. The fintech only processes data based on instructions from the MFI. Who is the Data Controller?
The fintech The customer The MFI Both equally
4. A loan form includes a pre-ticked box stating: “I agree to all data usage and sharing.” What is the issue?
Consent is valid Consent is implied Consent is not valid because it is not explicit Consent only applies to marketing
5. A customer is listed on CRB but claims they were never informed or did not consent. What is the key risk?
Data accuracy issue Breach of consent and transparency requirements Storage limitation issue System failure
6. A loan officer shares customer bank statements in a WhatsApp group for approval. What is the PRIMARY risk?
Data inaccuracy Unauthorized disclosure of personal data Data duplication Slow processing
7. An institution stores customer data on servers located outside Kenya without informing customers or assessing legal requirements. What is the issue?
No issue if data is stored securely Violation of cross-border data transfer requirements Only a technical issue Only affects IT department
8. A staff member accesses customer accounts outside their portfolio “out of curiosity.” What principle is violated?
Accuracy Data Minimization Integrity & Confidentiality Storage Limitation
9. An institution keeps all customer data indefinitely, even after loan closure. What is the key issue?
Data breach Violation of storage limitation principle Consent issue Processing issue
10. A laptop containing unencrypted customer data is stolen. How should this be classified?
Not a breach System failure Data breach due to loss of personal data Internal error
11. After discovering a breach, management delays reporting for several days to “investigate internally.” What is the issue?
No issue Good practice Violation of breach reporting timelines Only affects IT