Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Which of the following actions would ensure that privacy of customer data would be
maintained?
Shred confidential customer data if not required
Keeping PC or laptop unlocked
Keeping any confidential and sensitive data under lock and key
All of the above
2. At the day end, if you find your colleague has left the document containing
customer/employee personal data, what would you do?
Leave the documents as it is
Inform the colleague the next day
Lock it in your drawer and sensitise him/her the next day
Shred it
3. Improper handling of data can cause serious consequences to which of the following:
Organisation
Customer
Staff
All of the above
4. A bank sends out annual statements through post to its customers detailing transactions on
their deposit accounts during the previous year. The bank wishes to print the below on the
envelope. Out of the below mentioned what can be printed on the envelope:
Name
Account number
Address
Date of Birth
5. A guardian approaches a bank for details of the minor. What should one do
Yes
No
8. Mr. X was carrying a laptop containing large amount of customer data for some official
purpose. On the way, the laptop was stolen. What could have prevented the loss of customer
data.
Encryption of laptop
Not carrying the laptop with him
Insuring the laptop
9. An official of the Financial Intelligence Unit has sought for the transaction details of some
listed customers, as they suspect some suspicion in the activities in these accounts. What should
one do in such situations:
Provide the details at his official address after verifying the identity of the official
Obtain prior consent from the customer before sharing such details
Deny the official the desired details
Obtain concurrence from the concerned team before sharing the details
10. An employee of the Group Company seeks details of the bank customers, to cross sell their
products. What should one do, in such a situation:
Share the customer details with the staff of the Group Company as the details are getting
shared within the Group itself.
Deny sharing of the customer details with the staff of Group Company
Share the details of only those members who have opted for cross sell.
11. Bank makes a service call to the customer. But, the customer was not available on the call. It
was answered by his wife. Wife is not a joint account holder. Wife desires to know the account
balance of the customer. What should be done in such a scenario:
Customer Data
Employee Data
Internal policies of the bank
13. An employee having an access to finacle receives a call from his friend enquiring about a
transaction in his account. What should be done in such a scenario:
As requested by employee, delete the records of investigation from the employee file
Retain the record of investigation
Retain the record of investigation and add a note to the file recording the employee’s
insistence that allegations are untrue.
Deny the employees request
15. Data Privacy is the responsibility of the ______________of the organisation.
Customers
Employees
Competitors
16. If you have to send personal data of customer through mail for official requirement, what
needs to be ensured:
Yes
No
18. One can share his/her password with:
Colleagues
Superiors
IT Team
None of the above
19. An employee in his individual capacity keeps a database of his friend and relatives including
their name, address and date of birth on his office PC. In case of loss of data who can be held
responsible:
Employee himself
Organisation
Both a & b above
20. An individual approaches the branch, praises the branch manager and staff for the manner in
which the customers are treated. He shares an account number of his friend with the staff and
demands an account statement from him. What should the branch staff do in such a situation:
Should share the details if the staff knows the individual personally
Should never share the details
Should share the details only if he provides a proper authorisation letter from the customer
21. A well known film actor opens an account with the bank. The personnel processing the
account opening form and account opening cheque wishes to share the good news with someone.
With whom can he share these details:
Friends
Relatives
Colleagues from other department
None of the above
22. Which of the following is personal data for corporates
The bank has to delete all the information pertaining to the customer
The bank can keep the entire details of the customer and can share it with others
The bank can keep the basic details as required by the regulator and maintain confidentiality
The bank can keep the basic details as required by the regulator and share it with others
27. A person approaches the branch and request for a bank statement of his friend. The branch
official should provide the statement only after verifying:
Authorisation letter
ID card of the person who approached the bank
Address proof
All of the above
28. A person approaches a branch seeking information pertaining to a certain account with a
formal request letter. The branch official should provide the information to the official id of the
person, if he is:
Customers
Employees
Both a & b above
33. Which of the following is not a form of Privacy
Data Privacy
Physical Privacy
Communication Privacy
None of the above
34. Following are the most common causes for Privacy Breach:
Data Stolen
Faulty business procedure
Data Lost
Mistakenly disclosed information
35. While accepting customer's application and other service requests, one should make sure that:
Handwriting is readable
Manadatory fields are completed
All necessary documents are obtained
None of the above
36. Regulator has asked for a customer information. What would you do:
The Bank
The Customer
Both a & b above
39.A fellow employee calls up the phone banking or visits the branch mentioning that his
colleague has met up with an accident. He shares the account number, the office address and
employee ID of the victim and seeks details on the account balance. What should the staff do:
Accountability
Accuracy
Consent
Limiting Retention
42. Think Privacy is a rigid customer/employee data protection standards which gives no option
of sharing the data to anyone other than the customer/employee himself/herself.
Yes it is correct
Yes it is correct, but it is only for customer’s benefit
No it is incorrect. Think privacy, is a principle based data protection standards which allow
sharing of data to third parties as per customer/employee autorisation and to the extent that
law permits.
There is no connect between Think Privacy initiative of the bank and data protection
standards
43. Once data is received by the bank, staff members as representatives of the bank can decide
with whom it can be shared at their discretion.
Yes know your customer regulations expect banks to know about the customer from all
perspectives
Know your customer regulations have its own boundaries in seeking information from the
customer viz. customer identity and customer address
Know your customer regulations have its own boundaries in seeking information from the
customer viz. customer identity and customer address. There is no contradiction with
privacy principles but complements by stating that the information sought should be
relevant and appropriate to the product or service provided.
Absolutely right! There is clear contradiction.
45. Which of the following would lead to a Privacy Breach?
It is correct
There are no Privacy or Data protection Act enacted on our country.
There is no Privacy or Data protection Act enacted in our country. But there are
acts/regulations enacted in other countries and the bank’s privacy manual has taken inputs
from it
It is correct and in addition the bank’s privacy manual has taken inputs from acts/regulations
enacted in other countries, as well.
48. What can be treated as personal information?
Use
Consent
Collection
Disclosure
Prudence
51. The organization has taken the customer details for the purpose of account opening and the
customer has not opted for cross selling. In such a scenario what can one do with the data:
Data Privacy
Customer service
Banking Law
Fraud
53. Which of the following is breach of Data Privacy?
Yes
No
55. Which of the following is breach of Data Privacy?
Compliance Team
Department Head
Each employee
Customers
58. Which of the following is a privacy breach
Yes
No
64. An employer receives several applications for a job vacancy. The employer is successful in
recruiting the desired staff for the vacant positions. The organization holds the personal data/bio-
data of unsuccessful applicants beyond a reasonable period. Is it right to hold such information.
Right
Wrong
65. Bank is unable to locate its customer who has stopped making loan repayments. The
customer has shifted his residence without notifying the bank of the new address. The bank
engages a debt collection agency to find the customer and seek repayment of debt. In this
scenario, what can the bank do to share the details with the agency:
Can share the personal details of the customer after obtaining customer's consent
Can share the personal details of the customer after obtaining consent from the regulator
Can share the personal details of the customer without obtaining the consent of the customer
Cannot share the customer's personal details to the agency under any circumstances
66. In case of corporate, any information that is not available in the public domain but is shared
with the ICICI Group will be treated on par with personal information.
True
False
67. As per Data Privacy principles, it is always advisable to:
Yes
No
69. A relative of the customer approaches the branch for the account information of the customer. What is the right
method: