PDPF · Question #130
PDPF Question #130: Real Exam Question with Answer & Explanation
The correct answer is D. When embedding privacy into a given technology, process, or system, it should be done in such a. Applied security standards must assure the confidentiality, integrity and availability of personal data throughout their lifecycle. Incorrect. This is an aspect of End-to-End Security - Lifecycle Protection, one of the other six basic principles. If different types of legitimate
Question
Options
- AIf different types of legitimate objectives are contradictory, the privacy objectives must be given
- BApplied security standards must assure the confidentiality, integrity and availability of personal
- CWherever possible, detailed privacy impact and risk assessments should be carried out and
- DWhen embedding privacy into a given technology, process, or system, it should be done in such a
Explanation
Applied security standards must assure the confidentiality, integrity and availability of personal data throughout their lifecycle. Incorrect. This is an aspect of End-to-End Security - Lifecycle Protection, one of the other six basic principles. If different types of legitimate objectives are contradictory, the privacy objectives must be given priority over other security objectives. Incorrect. Data protection by design rejects the idea that privacy competes with other interests, design objectives, and technical capabilities. When embedding privacy into a given technology, process, or system, it should be done in such a way that full functionality is not impaired. Correct. This is the essence. (Literature: A, Chapter 8; GDPR Article 25) Wherever possible, detailed privacy impact and risk assessments should be carried out and published, clearly documenting the privacy risks. Incorrect. This is an aspect of Privacy Embedded into Design, one of the other six basic principles.
Community Discussion
No community discussion yet for this question.