IAPP Exam CIPM Topic 8 Question 53 Discussion

Actual exam question for IAPP's CIPM exam

Question #: 53
Topic #: 8

While trying to e-mail her manager, an employee has e-mailed a list of all the company's customers, including their bank details, to an employee with the same name at a different company. Which of the following would be the first stage in the incident response plan under the General Data Protection Regulation (GDPR)?

ANotification to data subjects.

BContainment of impact of breach.

CRemediation offers to data subjects.

DNotification to the Information Commissioner's Office (ICO).

Show Suggested Answer

Suggested Answer: B

The first stage in the incident response plan under the General Data Protection Regulation (GDPR) for this scenario would be to contain the impact of the breach. This means taking immediate action to stop the unauthorized access or disclosure of personal data, and to prevent it from happening again in the future. This could involve revoking access to the data, notifying the employee who mistakenly sent the data, and implementing security measures to prevent similar breaches from occurring in the future.

https://gdpr-info.eu/art-33-gdpr/

https://gdpr-info.eu/art-34-gdpr/

by Micaela at Oct 21, 2023, 02:40 AM

Limited Time Offer

25%

Off

Get Premium CIPM Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!