Q: 9
A private sector daycare’s portal for parents stores their children’s photos, allergy information date of birth. A parent has asked about the portal’s security requirements and in three months still not has received an answer. What is missing from the daycare’s procedures?
Options
Discussion
Yeah that's a clear miss on responding within 30 days.
B, since the 30 day response window is a hard PIPEDA rule here.
Responding to the parent's request within 30 days
B
Ugh, classic PIPEDA nitpick. It's all about the 30-day response rule for access requests, not transparency in a general sense. So pretty sure the missing bit is responding to the parent within 30 days (B). Anyone see differently?
B, not A. Privacy laws like PIPEDA require organizations to reply to access or info requests within a set timeframe (usually 30 days). The daycare missed that so it’s a procedural gap. Pretty sure on this, but let me know if you see it differently.
A. Ensuring transparency, thought that was the trap since they didn't provide info back.
Responding within 30 days is the key issue. PIPEDA requires organizations to reply to access requests in that timeframe, so the daycare missed a basic compliance step. Pretty sure B covers it, unless I've misunderstood the regulations here.
Saw something just like this on a practice test. The real issue is they didn't reply within the 30-day period set out by PIPEDA, so it's about responding to the parent’s request in time. Think B is right but happy to hear other takes.
Responding to the parent's request within 30 days. Seen similar logic in official practice sets, response timelines are a big deal under PIPEDA/CASL. Not 100% but official guide really emphasizes timely access rights.
Be respectful. No spam.
