GDPR Flashcards

1
Q

What Can Data Subjects Do?

A
  • Withdraw Consent
  • Request a copy of their personal data to move to another organization or to be deleted.
  • Object to automated decision-making processes.
  • Request controllers to “freeze” processing of their PII
  • Influence Regulators
2
Q

What Must Organizations Do?

A
  • Implement Privacy by Default & Privacy by Design
  • Maintain appropriate data security
  • Notify data subjects & regulators of data breaches
  • Follow special rules for directly processing children’s data
  • Provide notice of intention to process personal information
3
Q

What Must Organizations Do? Part 2

A
  • Appoint a Data Protection Officer
  • Take responsibility for processing activities of 3rd party vendors
  • Conduct data protection impact assessments
  • Ensure adequacy or appropriate safeguards for data transfers
  • Consult with regulators before processing personal data
  • Keep records and demonstrate compliance
4
Q

What May Regulators Do?

A
  • Ask for records of compliance i.e., DPIAs, Risk Analysis, DPA
  • Impose temporary data processing bans, require breach notification, and order erasure of PII
  • Suspend international data flows
  • Enforce penalties of up to $20mil or 4% of annual revenue for non-compliance