Exin Exam PDPF Topic 2 Question 31 Discussion

Actual exam question for Exin's PDPF exam

Question #: 31
Topic #: 2

[All PDPF Questions]

After notifying the supervisory authority, what should be the first action the controller must take when it finds a security breach where unauthorized people have accessed personal data?

AContact the DPO for formal notification to the Supervisory Authority.

BAnalyze whether sensitive data has been accessed.

CRegister a Police Report at the cybercrime station.

DNotify data subjects that have been subject to a security breach.

Show Suggested Answer

Suggested Answer: D

Data protection and privacy are complementary, but not the same thing.

A very repeated phrase is: ''It is possible to have security without privacy, but it is not possible to have privacy without security''.

Privacy is a right that must be protected, and Data Protection are the measures that will be used to achieve this protection.

by Theola at Sep 16, 2022, 11:15 AM

Limited Time Offer

25%

Off

Get Premium PDPF Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Crista

3 days ago

I think option B is the correct answer. Analyzing the data accessed is the first step to understand the impact of the breach.

upvoted 0 times

...

Verlene

4 days ago

I think analyzing whether sensitive data has been accessed is also crucial before taking any further actions.

upvoted 0 times

...

Dustin

6 days ago

I agree with Salena. It's important to notify the authorities first to handle the breach properly.

upvoted 0 times

...

Salena

9 days ago

I think the first action should be to contact the DPO for formal notification to the Supervisory Authority.

upvoted 0 times

...