Notifications
Clear all
Topic starter
Which of the following is NOT a requirement of the European Union's (EU) General Data Protection Regulation (GDPR)?
- A . An organization must delete a data subject's personal data automatically when the data are no longer m use.
B. An organization must have a documented lawful basis for collecting or processing personal data.
C. An organization generally must notify all affected data subjects without undue delay when a high-risk data breach occurs
D. An organization must confirm or deny that it possesses a data subject's personal data upon that individual's request
Suggested Answer: B
Posted : 01/02/2023 9:27 am