CDPSE · Question #110
When contracting with a Software as a Service (SaaS) provider, which of the following is the MOST important contractual requirement to ensure data privacy at service termination?
The correct answer is B. Removal of customer data. At service termination, the overriding privacy concern is that the SaaS provider no longer retains the customer's data in any form. 'Removal of customer data' (B) is the broadest and most critical obligation-it ensures the provider deletes or returns all data and ceases to hold i
Question
When contracting with a Software as a Service (SaaS) provider, which of the following is the MOST important contractual requirement to ensure data privacy at service termination?
Options
- AEncryption of customer data
- BRemoval of customer data
- CDe-identification of customer data
- DDestruction of customer data
How the community answered
(35 responses)- A11% (4)
- B80% (28)
- C6% (2)
- D3% (1)
Explanation
At service termination, the overriding privacy concern is that the SaaS provider no longer retains the customer's data in any form. 'Removal of customer data' (B) is the broadest and most critical obligation-it ensures the provider deletes or returns all data and ceases to hold it. Encryption (A) protects data in transit/at rest but does not eliminate the provider's possession of it. De-identification (C) still leaves data in the provider's environment. Destruction (D) is often a subset of removal and refers mainly to physical media; contractual language for 'removal' typically encompasses all forms of data elimination and is the standard term used in data processing agreements.
Topics
Community Discussion
No community discussion yet for this question.