Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Exin PDPF Exam - Topic 5 Question 60 Discussion

While performing a backup, a data server disk crashed. Both the data and the backup are lost. The disk contained personal data, but no special category personal data. The processor states that this is a personal data breach. Is the statement of the processor true?
A) Yes, because there were no special category personal data stored on the disk.
B) No, because no personal data on the disk were processed, only destroyed
C) Yes, because the personal data on the disk were unlawfully processed.
D) No, because this is only a security incident and not a data breach

Exin PDPF Exam - Topic 5 Question 60 Discussion

Actual exam question for Exin's PDPF exam
Question #: 60
Topic #: 5
[All PDPF Questions]

While performing a backup, a data server disk crashed. Both the data and the backup are lost. The disk contained personal data, but no special category personal dat

a. The processor states that this is a personal data breach. Is the statement of the processor true?

Show Suggested Answer Hide Answer
Suggested Answer: A

To advise the controller on the mitigation of privacy risks to protect the controller from liability claims for non-compliance. Incorrect. The supervisory authority has the task to monitor compliance and to advise on enhancements, but its purpose is not to protect the controller.

To fulfill the obligation in the GDPR to implement appropriate technical and organizational measures for data protection. Incorrect. The audit is not the implementation of the measures, but an assessment of the effectiveness of them.

To monitor and enforce the application of the GDPR by assessing that processing is performed in compliance with the GDPR. Correct. According to the GDPR this is an important task of a supervisory authority. (Literature: A, Chapter 7; GDPR Article 57 (1)(a))


by Glennis at May 07, 2024, 10:20 AM

Limited Time Offer

25%

Off

Get Premium PDPF Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Denae
6 months ago
Sounds fishy to me, is it really a breach if nothing's left?
upvoted 0 times
...
Walker
6 months ago
Wait, how can it be a breach if the data is gone?
upvoted 0 times
...
Merissa
7 months ago
Totally agree, it's a breach regardless of the data type.
upvoted 0 times
...
Tawanna
7 months ago
I disagree, the data was just destroyed, not processed.
upvoted 0 times
...
Louvenia
7 months ago
Yes, it's a personal data breach since it involves personal data.
upvoted 0 times
...
Hildred
7 months ago
I recall that a security incident doesn’t always mean a breach, so maybe option D could be correct, but I’m not sure how that applies here.
upvoted 0 times
...
Kimberlie
7 months ago
I feel like there was a practice question about data destruction versus processing. I’m leaning towards option B, but I’m not completely confident.
upvoted 0 times
...
Brandon
8 months ago
I think the processor's statement is true because any loss of personal data could be considered a breach, even if it’s not special category data.
upvoted 0 times
...
Shenika
8 months ago
I remember discussing personal data breaches in class, but I'm not entirely sure if losing data during a backup counts as a breach.
upvoted 0 times
...
Hayley
8 months ago
This is a tricky one. I'm going to carefully re-read the question and the answer choices to make sure I don't miss any important nuances.
upvoted 0 times
...
Virgina
8 months ago
The processor stated this is a personal data breach, so I'm inclined to go with that. The question is asking if the processor's statement is true, and option A seems to support that.
upvoted 0 times
...
Maia
8 months ago
I'm a bit confused on the distinction between a personal data breach and a security incident. I'll need to review that concept before selecting an answer.
upvoted 0 times
...
Kami
8 months ago
Okay, let's think this through. The data was personal but not special category, and it was lost due to a disk crash, not unlawful processing. I'm leaning towards option B.
upvoted 0 times
...
Glen
8 months ago
This question seems straightforward, but I want to make sure I understand the key details before answering.
upvoted 0 times
...
Xenia
8 months ago
I've got a strategy for this - I'll start by considering the different options and then eliminate the ones that don't make sense.
upvoted 0 times
...
Benton
8 months ago
I think option B with the TimeoutMS property could be a good solution. That way, the click activity will wait for a certain amount of time before moving on, which could help handle the case where the pop-up window appears.
upvoted 0 times
...
Pok
8 months ago
I'm a bit confused by the wording of the question, I'll need to read it a few times to make sure I understand.
upvoted 0 times
...
Rasheeda
1 year ago
Option D is clearly the best choice here. It's just a security incident, not a full-blown data breach. The processor is making a mountain out of a molehill.
upvoted 0 times
Zachary
12 months ago
User 3: Yeah, the processor is overreacting by calling it a personal data breach.
upvoted 0 times
...
Sharee
12 months ago
User 2: I agree, there was no personal data processed, only destroyed.
upvoted 0 times
...
Onita
1 year ago
User 1: I think option D is the correct choice. It's just a security incident.
upvoted 0 times
...
...
Joana
1 year ago
Haha, I bet the processor is just trying to cover their own behind. 'No special category data? No problem!' What a loophole!
upvoted 0 times
Marvel
12 months ago
C) Yes, because the personal data on the disk were unlawfully processed.
upvoted 0 times
...
Delmy
1 year ago
B) No, because no personal data on the disk were processed, only destroyed
upvoted 0 times
...
Malinda
1 year ago
A) Yes, because there were no special category personal data stored on the disk.
upvoted 0 times
...
...
Kati
1 year ago
I disagree. Option C is the way to go. The personal data were processed, even if it was unlawfully. That's a data breach according to the processor's statement.
upvoted 0 times
...
Jesusa
1 year ago
Hmm, I'm not so sure. Option B makes sense to me. Since the data were only destroyed and not processed, it may not qualify as a data breach.
upvoted 0 times
Darrin
12 months ago
Jacquelyne: That makes sense. So, it's more of a security incident than a data breach.
upvoted 0 times
...
Jacquelyne
12 months ago
User 3: I agree with Lucy. Since the data was not processed, it may not be considered a data breach.
upvoted 0 times
...
Lucy
12 months ago
User 2: But doesn't the fact that personal data was lost make it a data breach?
upvoted 0 times
...
Valentin
1 year ago
User 2: Yeah, I agree. It may not qualify as a data breach if no personal data were processed.
upvoted 0 times
...
Meghann
1 year ago
User 1: I think Option B is correct. The data were only destroyed, not processed.
upvoted 0 times
...
Ashley
1 year ago
User 1: I think option B is correct. The data was only destroyed, not processed.
upvoted 0 times
...
...
Kenneth
1 year ago
True, but any personal data being lost can still be considered a breach.
upvoted 0 times
...
Arlene
1 year ago
I think the correct answer is A. The processor is right because the data on the disk were personal data, even if they weren't special category. A data breach has occurred.
upvoted 0 times
...
Felicia
1 year ago
But there were no special category personal data, so maybe it's not a breach.
upvoted 0 times
...
Kenneth
1 year ago
I think the processor is right. It's a personal data breach.
upvoted 0 times
...

Save Cancel