PLC Cheat Sheet 2026
The 30 highest-yield PLC facts, distilled from real exam questions. Print it, save it as a PDF, or study it here — free, no sign-up.
90 questions
150 min time limit
70.00% to pass
- Which competency is MOST essential for professionals working in contract review & negotiation in Privacy Law? → Critical thinking combined with practical application of knowledge
- When facing an unfamiliar challenge in document preparation & filing within Privacy Law, what is the BEST approach? → Research established best practices, consult colleagues, and document the approach
- Under the California Privacy Rights Act (CPRA), businesses must conduct cybersecurity audits and risk assessments when their processing poses what type of risk? → Significant risk to consumers' privacy or security
- Under GDPR Article 25, 'data protection by design and by default' requires controllers to implement appropriate technical measures at what point? → At the time of determining means of processing AND at the time of processing itself
- Which US federal law requires financial institutions to notify customers of a security breach involving their personal financial information? → Gramm-Leach-Bliley Act (GLBA)
- GPS tracking installed on an employee-owned personal vehicle used for work is: → Generally impermissible without the employee's explicit consent
- When facing an unfamiliar challenge in contract review & negotiation within Privacy Law, what is the BEST approach? → Research established best practices, consult colleagues, and document the approach
- Which entity evaluates whether a non-EU country provides adequate protection? → European Commission
- Under the Genetic Information Nondiscrimination Act (GINA), employers are prohibited from: → Using genetic information in hiring, firing, or compensation decisions
- Under the GDPR, what is the maximum administrative fine for severe violations? → €20 million or 4% of annual global turnover
- What is the PRIMARY benefit of documenting courtroom procedures & protocols in Privacy Law? → Creating a reference for quality assurance, training, and continuous improvement
- Which element is ESSENTIAL for an effective regulatory frameworks & compliance program in Privacy Law? → Regular audits and continuous monitoring processes
- What did the Schrems II ruling invalidate? → Privacy Shield
- When learning new courtroom procedures & protocols in Privacy Law, which approach is MOST effective? → Combining theoretical study with supervised practical application
- Which factor BEST indicates mastery of document preparation & filing in Privacy Law? → The ability to adapt knowledge and skills to varying contexts while maintaining standards
- When an employee returns from FMLA leave, their medical certification and related health information must be: → Kept in a separate confidential medical file, apart from the general personnel file
- When addressing difficult situations through client communication & advocacy in Privacy Law, what strategy is BEST? → Acknowledging concerns, providing clear information, and offering solutions
- Which of the following is a legal basis for processing personal data under GDPR? → Consent
- What enforcement action can the FTC take against companies violating privacy agreements? → Issue consent decrees
- Which is a lawful basis for data transfer under GDPR when no adequacy decision exists? → Binding Corporate Rules
- Which US federal law specifically governs the privacy of video rental and streaming records, and what does it prohibit? → VPPA — prohibits disclosure of video viewing records without consent
- Which of the following is a potential penalty under the CCPA for intentional violations? → $7,500 per violation
- Which of the following is NOT typically required in a state breach notification letter to affected individuals? → The name of the employee responsible for the breach
- What mechanism is commonly used under GDPR for lawful data transfers outside the EU? → Standard Contractual Clauses
- Which of the following employee records is generally NOT subject to heightened confidentiality requirements under U.S. federal privacy law? → Performance review ratings shared through normal HR management processes
- What is the PRIMARY objective of contract review & negotiation within the Privacy Law profession? → To ensure quality outcomes through standardized practices and continuous improvement
- In Privacy Law, what is the MOST effective approach to client communication & advocacy? → Active listening combined with clear, empathetic communication
- A company wants to analyze user behavior patterns without exposing individual identities. Which Privacy by Design technique BEST supports this goal? → Data aggregation and statistical analysis at the group level
- What principle requires that personal data be collected for specified, legitimate purposes? → Purpose limitation
- Transparency in data collection ensures that: → Individuals know how their data is used
Turn these facts into recall: