An organization is using new technologies that will target and process personal data of EU customers. In which of the following circumstances would a privacy technologist need to support a data protection impact assessment (DPIA)?
A.
If a privacy notice and opt-in consent box are not displayed to the individual
B.
If security of data processing has not been evaluated
C.
If a large amount of personal data will be collected
D.
If data processing is a high risk to an individual’s rights and freedoms
The correct answer is **D. If data processing is a high risk to an individual’s rights and freedoms**.
A Data Protection Impact Assessment (DPIA) is required under the General Data Protection Regulation (GDPR) when the processing of personal data is likely to result in a high risk to the rights and freedoms of individuals. The DPIA helps identify and mitigate those risks, ensuring that the organization takes appropriate measures to protect personal data.
This section is not available anymore. Please use the main Exam Page.CIPT Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Ssourav
10 months agoDrMai
1 year, 8 months ago