200-201 · Question #539
200-201 Question #539: Real Exam Question with Answer & Explanation
The correct answer is D: Delete the data if the customer ID is stored alongside additional information that can identify the. A unique customer ID is not personally sensitive information on its own, but if it is stored together with other data that can identify the individual, it must be deleted. Therefore, deletion is required only when the ID is linked to identifiable information.
Question
A data privacy officer at a marketing firm has received a request from a former client to delete all personally sensitive information held by the company. The firm operates globally and follows international data protection standards. The only information retained about the client is a unique customer ID, "051473912", which is not directly tied to the name, address, or any other identifiable details. Which action should the data privacy officer take?
Options
- ADelete the data immediately to comply with all global privacy regulations.
- BRetain the data, as a customer ID by itself does not qualify as PSI under international standards.
- CConsult the legal team, as customer IDs are always considered PSI and cannot be retained.
- DDelete the data if the customer ID is stored alongside additional information that can identify the
Explanation
A unique customer ID is not personally sensitive information on its own, but if it is stored together with other data that can identify the individual, it must be deleted. Therefore, deletion is required only when the ID is linked to identifiable information.
Topics
Community Discussion
No community discussion yet for this question.