Exin Exam PDPF Topic 9 Question 51 Discussion

Actual exam question for Exin's PDPF exam

Question #: 51
Topic #: 9

[All PDPF Questions]

A company CEO travels to a meeting in another city. He takes a notebook with information about the company's new projects and acquisitions, which will be the subject of discussion at this meeting. These are the only data stored on the notebook.

The notebook accidentally falls into the hotel's pool and all data is lost.

What happened, considering the General Data Protection Regulation (GDPR)?

AA security incident

BA vulnerability

CA data breach

DA security risk

Show Suggested Answer

Suggested Answer: A

To advise the controller on the mitigation of privacy risks to protect the controller from liability claims for non-compliance. Incorrect. The supervisory authority has the task to monitor compliance and to advise on enhancements, but its purpose is not to protect the controller.

To fulfill the obligation in the GDPR to implement appropriate technical and organizational measures for data protection. Incorrect. The audit is not the implementation of the measures, but an assessment of the effectiveness of them.

To monitor and enforce the application of the GDPR by assessing that processing is performed in compliance with the GDPR. Correct. According to the GDPR this is an important task of a supervisory authority. (Literature: A, Chapter 7; GDPR Article 57 (1)(a))

by Matthew at Dec 10, 2023, 03:51 PM

Limited Time Offer

25%

12 days ago

I think it's a data breach.

upvoted 0 times

...