MIDTERM EXAM

Question 1

Formally known as the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data.

Answer 1

Convention 108

Question 2

The entities that must comply with the GDPR are
organizations, entities, and individuals that process personal data and are located within the EU or process personal data of individuals within the EU.
TRUE OR FALSE

Answer 2

TRUE

Question 3

Convention 108 Key Principles

Answer 3

• PROTECTION OF PRIVACY
• SUPERVISORY AUTHORITIES

Question 4

Requires that any information addressed to the public or to the data subject be concise, easily accessible and easy to understand, and that clear and plain language and, additionally, where appropriate, visualization be used.

Answer 4

TRANSPARENCY PRINCIPLE

Question 5

The TRANSPARENCY PRINCIPLE requires that any information addressed to the public or to the data subject be concise, easily accessible and easy to understand, and that clear and plain language and, additionally, where appropriate, visualization be used. TRUE OR FALSE

Answer 5

TRUE

Question 6

Personal data should only be collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.

Answer 6

PURPOSE LIMITATION PRINCIPLE

Question 7

Collecting only necessary data for intended purposes

Answer 7

DATA MINIMIZATION PRINCIPLE

Question 8

Personal Data is accurate and suitable for the purpose for which it is processed.

Answer 8

Integrity

Question 9

requires you to take responsibility for what you do with personal data and how you comply with the other principles

Answer 9

Accountability Principle

Question 10

refers to the legal and organizational measures designed to safeguard personal data against unauthorized access, use, alteration, or destruction.

Answer 10

DATA PROTECTION

Question 11

A law in the European Union (EU) that came into effect on ____. It aims to protect the personal data of EU citizens and residents.

Answer 11

May 25, 2018

Question 12

A law created to strengthen and unify data protection for individuals within the EU. It aims to protect the personal data of EU citizens and residents.

Answer 12

GDPR

Question 13

GDPR Data Protection Principles

Answer 13

• Lawfulness, fairness, and transparency
• Purpose limitation
• Data minimization
• Accuracy
• Storage limitation
• Integrity and confidentiality (security)
• Accountability

Question 14

Rights of Data Subjects

Answer 14

• Right to be informed
• Right of access
• Right to rectification
• Right to erasure (right to be forgotten)
• Right to restrict processing

Question 15

It involves the transmission of personal or sensitive data from one country to another.

Answer 15

CROSS-BORDER DATA TRANSFERS

Question 16

What are the key risks and challenges associated with cross-border data transfers?

Answer 16

• Data sovereignty
• Cybersecurity threats
• Legal Conflicts
• Trust Issues

Question 17

Practical Solutions for Ensuring Compliance

Answer 17

• Data Mapping
• Encryption
• Monitoring and Auditing
• Data Minimization
• Localizing Data