Certified Information Privacy Professional – United States (CIPP/US) — Question 189

Under GLBA, which of these organizations would not be required to provide its customers with an annual privacy notice?

Answer options

• A. An insurance company that has no privacy department.
• B. An auction house that also acts as a financial institution.
• C. A credit union that has made changes to its privacy notice from last year.
• D. A credit union that has not made changes to its privacy notice from last year.

Correct answer: D

Explanation

The correct answer is D because under GLBA, organizations are not required to issue an annual privacy notice if there have been no changes to the previous year's notice. Options A, B, and C involve entities that either lack necessary privacy departments or have made changes requiring notification.