Exin Exam PDPF Topic 2 Question 31 Discussion

Actual exam question for Exin's PDPF exam

Question #: 31
Topic #: 2

[All PDPF Questions]

After notifying the supervisory authority, what should be the first action the controller must take when it finds a security breach where unauthorized people have accessed personal data?

AContact the DPO for formal notification to the Supervisory Authority.

BAnalyze whether sensitive data has been accessed.

CRegister a Police Report at the cybercrime station.

DNotify data subjects that have been subject to a security breach.

Show Suggested Answer

Suggested Answer: D

Data protection and privacy are complementary, but not the same thing.

A very repeated phrase is: ''It is possible to have security without privacy, but it is not possible to have privacy without security''.

Privacy is a right that must be protected, and Data Protection are the measures that will be used to achieve this protection.

by Theola at Sep 16, 2022, 11:15 AM

Limited Time Offer

25%

Off

Get Premium PDPF Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Brynn

26 days ago

Option A sounds like the safe bet. Get the DPO involved early on to make sure everything is handled properly.

upvoted 0 times

...

Dexter

1 months ago

Ha! I bet the controller is freaking out right now. Maybe they should just unplug the whole system and call it a day.

upvoted 0 times

Bernardine

1 days ago

B) Analyze whether sensitive data has been accessed.

upvoted 0 times

...

Earnestine

20 days ago

A) Contact the DPO for formal notification to the Supervisory Authority.

upvoted 0 times

...

Gwenn

1 months ago

Hmm, I'm not sure. Option C about filing a police report seems like a good idea too, just to cover all bases.

upvoted 0 times

Gilma

2 days ago

C) Register a Police Report at the cybercrime station.

upvoted 0 times

...

Valentin

4 days ago

B) Analyze whether sensitive data has been accessed.

upvoted 0 times

...

Audry

14 days ago

A) Contact the DPO for formal notification to the Supervisory Authority.

upvoted 0 times

...

Jonell

19 days ago

B) Analyze whether sensitive data has been accessed.

upvoted 0 times

...

Irving

24 days ago

A) Contact the DPO for formal notification to the Supervisory Authority.

upvoted 0 times

...

Noel

1 months ago

I disagree, I believe D is the right choice. Notifying the data subjects is crucial to protect them from potential harm.

upvoted 0 times

...

Crista

2 months ago

I think option B is the correct answer. Analyzing the data accessed is the first step to understand the impact of the breach.

upvoted 0 times

Buddy

19 days ago

User 2: That makes sense. It's important to assess the extent of the breach before taking further actions.

upvoted 0 times

...

Chantell

20 days ago

User 1: I think option B is the correct answer. Analyzing the data accessed is the first step to understand the impact of the breach.

upvoted 0 times

...

Verlene

2 months ago

I think analyzing whether sensitive data has been accessed is also crucial before taking any further actions.

upvoted 0 times

...

Dustin

2 months ago

I agree with Salena. It's important to notify the authorities first to handle the breach properly.

upvoted 0 times

...

Salena

2 months ago

I think the first action should be to contact the DPO for formal notification to the Supervisory Authority.

upvoted 0 times

...