Certified Information Privacy Technologist (CIPT) — Question 34

After committing to a Privacy by Design program, which activity should take place first?

Answer options

• A. Create a privacy standard that applies to all projects and services.
• B. Establish a retention policy for all data being collected.
• C. Implement easy to use privacy settings for users.
• D. Perform privacy reviews on new projects.

Correct answer: A

Explanation

The correct answer is A, as creating a privacy standard is fundamental to guiding all subsequent actions within the Privacy by Design framework. Establishing a retention policy, implementing privacy settings, and performing reviews all depend on having a clear standard in place to ensure consistency and compliance across projects.