Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Exin Exam PDPF Topic 5 Question 60 Discussion

Actual exam question for Exin's PDPF exam
Question #: 60
Topic #: 5
[All PDPF Questions]

While performing a backup, a data server disk crashed. Both the data and the backup are lost. The disk contained personal data, but no special category personal dat

a. The processor states that this is a personal data breach. Is the statement of the processor true?

Show Suggested Answer Hide Answer
Suggested Answer: A

To advise the controller on the mitigation of privacy risks to protect the controller from liability claims for non-compliance. Incorrect. The supervisory authority has the task to monitor compliance and to advise on enhancements, but its purpose is not to protect the controller.

To fulfill the obligation in the GDPR to implement appropriate technical and organizational measures for data protection. Incorrect. The audit is not the implementation of the measures, but an assessment of the effectiveness of them.

To monitor and enforce the application of the GDPR by assessing that processing is performed in compliance with the GDPR. Correct. According to the GDPR this is an important task of a supervisory authority. (Literature: A, Chapter 7; GDPR Article 57 (1)(a))


by Glennis at May 07, 2024, 10:20 AM

Limited Time Offer

25%

Off

Get Premium PDPF Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Rasheeda
30 days ago
Option D is clearly the best choice here. It's just a security incident, not a full-blown data breach. The processor is making a mountain out of a molehill.
upvoted 0 times
Onita
8 days ago
User 1: I think option D is the correct choice. It's just a security incident.
upvoted 0 times
...
...
Joana
1 months ago
Haha, I bet the processor is just trying to cover their own behind. 'No special category data? No problem!' What a loophole!
upvoted 0 times
Delmy
3 days ago
B) No, because no personal data on the disk were processed, only destroyed
upvoted 0 times
...
Malinda
19 days ago
A) Yes, because there were no special category personal data stored on the disk.
upvoted 0 times
...
...
Kati
1 months ago
I disagree. Option C is the way to go. The personal data were processed, even if it was unlawfully. That's a data breach according to the processor's statement.
upvoted 0 times
...
Jesusa
2 months ago
Hmm, I'm not so sure. Option B makes sense to me. Since the data were only destroyed and not processed, it may not qualify as a data breach.
upvoted 0 times
Valentin
19 days ago
User 2: Yeah, I agree. It may not qualify as a data breach if no personal data were processed.
upvoted 0 times
...
Meghann
30 days ago
User 1: I think Option B is correct. The data were only destroyed, not processed.
upvoted 0 times
...
Ashley
1 months ago
User 1: I think option B is correct. The data was only destroyed, not processed.
upvoted 0 times
...
...
Kenneth
2 months ago
True, but any personal data being lost can still be considered a breach.
upvoted 0 times
...
Arlene
2 months ago
I think the correct answer is A. The processor is right because the data on the disk were personal data, even if they weren't special category. A data breach has occurred.
upvoted 0 times
...
Felicia
2 months ago
But there were no special category personal data, so maybe it's not a breach.
upvoted 0 times
...
Kenneth
2 months ago
I think the processor is right. It's a personal data breach.
upvoted 0 times
...

Save Cancel