Which of the following describes a user's "right to be forgotten"?

• A.The data is being used to comply with legal obligations or the public interest.
• B.The data is no longer required for the purpose originally collected.
• C.The individual objects despite legitimate grounds for processing.
• D.The individual's legal residence status has recently changed.

Comment: *

Name: *

Email: *

Verification: *

To ensure effective management of an organization's data privacy policy, senior leadership MUST define:

• A.training and testing requirements for employees handling personal data.
• B.roles and responsibilities of the person with oversights.
• C.metrics and outcomes recommended by external agencies.
• D.the scope and responsibilities of the data owner.

Comment: *

Name: *

Email: *

Verification: *

An organization is creating a personal data processing register to document actions taken with personal dat a. Which of the following categories should document controls relating to periods of retention for personal data?

• A.Data archiving
• B.Data storage
• C.Data acquisition
• D.Data input

Comment: *

Name: *

Email: *

Verification: *

Which of the following needs to be identified FIRST to define the privacy requirements to use when assessing the selection of IT systems?
* Type of data being processed

• A.Applicable privacy legislation
• B.Applicable control frameworks
• C.Available technology platforms

Comment: *

Name: *

Email: *

Verification: *

Which of the following rights is an important consideration that allows data subjects to request the deletion of their data?

• A.The right to object
• B.The right to be forgotten
• C.The right to withdraw consent
• D.The right to access

Comment: *

Name: *

Email: *

Verification: *