Exin Exam PDPF Topic 6 Question 41 Discussion

Actual exam question for Exin's PDPF exam

Question #: 41
Topic #: 6

[All PDPF Questions]

According to the GDPR, in what situation must data subjects always be notified of a personal data breach?

AWhen personal data is processed at a facility of the processor that is not located within the borders of the EEA

BWhen personal data is processed by a party that agreed to the draft processing contract but has not yet signed it

CWhen the system on which the personal data is processed is attacked causing damage to its storage devices

DWhen there is a significant probability that the breach will lead to a high risk for the privacy of the data subjects

Show Suggested Answer

Suggested Answer: D

Data protection and privacy are complementary, but not the same thing.

A very repeated phrase is: ''It is possible to have security without privacy, but it is not possible to have privacy without security''.

Privacy is a right that must be protected, and Data Protection are the measures that will be used to achieve this protection.

by Ruthann at Mar 31, 2023, 09:07 AM

Limited Time Offer

25%

Off

Contribute your Thoughts:

Submit Cancel

2 days ago

D seems like the obvious choice here. The GDPR clearly states that data subjects must be notified when a breach poses a high risk to their privacy.

upvoted 0 times

...

17 days ago

I'm not sure, but it makes sense to inform them when there's a high risk to their privacy.

upvoted 0 times

...

20 days ago

I agree with Huey, notifying data subjects in high-risk situations is crucial.

upvoted 0 times

...

24 days ago

I think the answer is D.

upvoted 0 times

...