Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

BCS PDP9 Exam - Topic 5 Question 20 Discussion

Actual exam question for BCS's PDP9 exam
Question #: 20
Topic #: 5
[All PDP9 Questions]

When does a personal data breach need to be reported to a supervisory authority?

Show Suggested Answer Hide Answer
Suggested Answer: A

The definitions of ''public authority'' and ''public body'' for the purposes of the UK GDPR and the Data Protection Act 2018 are found in the Freedom of Information Act 2000 and the Data Protection Act 2018 respectively. Section 7 of the Data Protection Act 2018 provides that a public authority or a public body is one that is listed in Schedule 1 to the Freedom of Information Act 2000, or is designated by an order under section 5 of that Act. However, a court or tribunal acting in its judicial capacity is not considered a public authority or a public body under the Data Protection Act 2018.Reference:

Section 7 of the Data Protection Act 20181

Schedule 1 to the Freedom of Information Act 2000


by Carman at Jul 15, 2024, 11:20 AM

Limited Time Offer

25%

Off

Get Premium PDP9 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Miriam
4 months ago
D sounds a bit strange. Freedom of expression over privacy? Really?
upvoted 0 times
...
Carmela
4 months ago
Totally agree with C! It's all about the risk factor.
upvoted 0 times
...
Allene
4 months ago
Wait, so B isn't enough? That seems off.
upvoted 0 times
...
Arlie
4 months ago
I think A is too broad. Not all breaches need reporting.
upvoted 0 times
...
Lavonda
5 months ago
C is correct! Only report if there's a risk to rights and freedoms.
upvoted 0 times
...
Harley
5 months ago
I don't think the controller's freedom of expression is relevant here. It seems more about the potential harm to individuals, which makes me lean towards option C.
upvoted 0 times
...
Penney
5 months ago
I feel like all breaches should be reported, but I think there are specific criteria that determine when it's mandatory. Wasn't there something about special category data too?
upvoted 0 times
...
Theola
5 months ago
I remember practicing a question similar to this, and I believe it was about assessing the impact of the breach on data subjects. That might relate to option C.
upvoted 0 times
...
Valentin
5 months ago
I think a breach needs to be reported when it poses a risk to individuals' rights and freedoms, but I'm not entirely sure if that's the only condition.
upvoted 0 times
...
Karl
5 months ago
This is a tricky one. I'm not totally sure, but I think the correct answer is C. I'll double-check the information, but that's my best guess for now.
upvoted 0 times
...
Laurel
5 months ago
Okay, let me think this through. The key seems to be whether the breach poses a risk to people's rights and freedoms. I'll focus on that when deciding which answer to choose.
upvoted 0 times
...
Dolores
5 months ago
Hmm, I'm a bit confused on this one. Do we have to report all personal data breaches, or just the ones involving special category data? I'll need to review the details again.
upvoted 0 times
...
Penney
5 months ago
I think I know the answer to this one. It's option C - where the personal data breach is likely to result in a risk to the rights and freedoms of natural persons.
upvoted 0 times
...
Gilberto
6 months ago
I'm a little unsure on this one. My first instinct was to say the btool.log file, since that's where Splunk logs information about the configuration files. But the question is specifically about monitor stanzas, so the splunkd.log file might be the better choice. I'll have to think this through carefully.
upvoted 0 times
...
Kate
6 months ago
I think an unclaimed device might be one that hasn't been set up with a workflow, but I'm not entirely sure.
upvoted 0 times
...
Adria
6 months ago
Hmm, I'm a bit confused by the error message. I'll need to review the details of the question again.
upvoted 0 times
...
Chauncey
11 months ago
I bet the right answer is hidden in the fine print, like 'unless the breach involves a cat video with over 1 million views.'
upvoted 0 times
Crista
9 months ago
That's correct! It's important to report breaches that could impact people's rights and freedoms.
upvoted 0 times
...
Brittney
9 months ago
C) Where the personal data breach is likely to result in a risk to the rights and freedoms of natural persons.
upvoted 0 times
...
Twanna
10 months ago
A) All personal data breaches must be reported to a supervisory authority
upvoted 0 times
...
...
Vincenza
11 months ago
B is way too narrow. Special category data is just one type of data that needs to be reported.
upvoted 0 times
Kristeen
10 months ago
B) Only where a disclosure is of special category data
upvoted 0 times
...
Willodean
10 months ago
C) Where the personal data breach is likely to result in a risk to the rights and freedoms of natural persons.
upvoted 0 times
...
Rosann
10 months ago
A) All personal data breaches must be reported to a supervisory authority
upvoted 0 times
...
...
Kattie
11 months ago
D is just nonsense. Freedom of expression has nothing to do with reporting a data breach!
upvoted 0 times
Octavio
9 months ago
C) Where the personal data breach is likely to result in a risk to the rights and freedoms of natural persons.
upvoted 0 times
...
Tijuana
9 months ago
B) Only where a disclosure is of special category data
upvoted 0 times
...
Carli
10 months ago
C) Where the personal data breach is likely to result in a risk to the rights and freedoms of natural persons.
upvoted 0 times
...
Amie
10 months ago
A) All personal data breaches must be reported to a supervisory authority
upvoted 0 times
...
...
Nickole
11 months ago
I think A is a bit too broad. Not all breaches need to be reported, just the ones that pose a risk.
upvoted 0 times
...
Sharan
11 months ago
But what about special category data? Shouldn't those be reported too?
upvoted 0 times
...
Cordelia
11 months ago
C is the correct answer. The GDPR requires personal data breaches to be reported to the supervisory authority when they are likely to result in a risk to the rights and freedoms of individuals.
upvoted 0 times
Chi
10 months ago
That makes sense. It's important to protect people's rights and privacy.
upvoted 0 times
...
Arlette
10 months ago
C is the correct answer. The GDPR requires personal data breaches to be reported to the supervisory authority when they are likely to result in a risk to the rights and freedoms of individuals.
upvoted 0 times
...
...
Casandra
11 months ago
I agree with Michael, reporting a breach that poses a risk to people's rights is crucial for their protection.
upvoted 0 times
...
Michael
12 months ago
I think a personal data breach needs to be reported when it is likely to result in a risk to the rights and freedoms of natural persons.
upvoted 0 times
...

Save Cancel