Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ACFE CFE-Law Exam - Topic 1 Question 24 Discussion

Which of the following is NOT a requirement of the European Union's (EU) General Data Protection Regulation (GDPR)?
B) An organization must have a documented lawful basis for collecting or processing personal data.
A) An organization must delete a data subject's personal data automatically when the data are no longer m use.
C) An organization generally must notify all affected data subjects without undue delay when a high-risk data breach occurs
D) An organization must confirm or deny that it possesses a data subject's personal data upon that individual's request

ACFE CFE-Law Exam - Topic 1 Question 24 Discussion

Actual exam question for ACFE's CFE-Law exam
Question #: 24
Topic #: 1
[All CFE-Law Questions]

Which of the following is NOT a requirement of the European Union's (EU) General Data Protection Regulation (GDPR)?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Kate at Oct 05, 2023, 06:26 AM

Limited Time Offer

25%

Off

Get Premium CFE-Law Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Malinda
6 months ago
I’m surprised A is even an option here!
upvoted 0 times
...
Madelyn
7 months ago
B and C are the real deal, no doubt about it.
upvoted 0 times
...
Carrol
7 months ago
Wait, I thought organizations had to delete data automatically?
upvoted 0 times
...
Malcolm
7 months ago
Totally agree, A is misleading!
upvoted 0 times
...
Leslee
7 months ago
A is definitely not a requirement.
upvoted 0 times
...
Francoise
8 months ago
I’m leaning towards option C being a requirement since I studied about breach notifications, but I’m not 100% confident about the specifics.
upvoted 0 times
...
Cheryl
8 months ago
I definitely remember that organizations need a lawful basis for processing data, so option B seems like a requirement.
upvoted 0 times
...
Alease
8 months ago
I'm not entirely sure, but I feel like option D is also a tricky one. I practiced a question where organizations had to confirm possession, but I can't recall the exact details.
upvoted 0 times
...
Albert
8 months ago
I think option A might be the one that's not a requirement. I remember something about data retention policies being more flexible.
upvoted 0 times
...
Aliza
8 months ago
I'm feeling confident about this one. The GDPR doesn't mandate automatic deletion of data, just that organizations have a valid reason for keeping it. I'll go with A.
upvoted 0 times
...
Solange
8 months ago
Okay, let me think this through. I know the GDPR requires organizations to have a lawful basis for processing data, and to notify data subjects of breaches. I think the answer is A.
upvoted 0 times
...
Cherilyn
8 months ago
Hmm, I'm a bit confused on this one. I know the GDPR has a lot of requirements, but I can't quite remember all the details.
upvoted 0 times
...
Samira
8 months ago
I'm pretty sure the answer is A. The GDPR doesn't require automatic deletion of personal data when it's no longer in use.
upvoted 0 times
...
Rodolfo
8 months ago
I think I know the answer, but I want to double-check my understanding before selecting it.
upvoted 0 times
...
Nichelle
8 months ago
Hmm, this looks like a tricky one. I think I'll start by considering the options that directly address the performance issue, like increasing the number of workers or using a larger instance type.
upvoted 0 times
...
Ivan
8 months ago
Based on the description, I think Social Studio would be the most appropriate solution. It sounds like it would allow the Alumni Relations office to manage their responses across Instagram, Twitter, and Facebook from a single platform.
upvoted 0 times
...

Save Cancel