OneTrust Certified Privacy Professional Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the OneTrust Certified Privacy Professional Exam with detailed questions and explanations. Utilize flashcards and comprehensive MCQs to ensure you're ready to excel in your certification journey.

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Is it true or false that data controllers must notify the supervisory authority of a personal data breach within 72 hours?

  1. True

  2. False

  3. Only for data involving children

  4. Only if the breach is severe

The correct answer is: True

The statement that data controllers must notify the supervisory authority of a personal data breach within 72 hours is true. According to the General Data Protection Regulation (GDPR), data controllers are required to report a personal data breach to the relevant supervisory authority without undue delay and, where feasible, within 72 hours of becoming aware of it. This obligation underscores the importance of timely reporting to ensure that appropriate measures can be taken to mitigate potential risks associated with the breach. The rationale behind this time frame is to uphold the principles of accountability and transparency in data processing. Rapid notification allows authorities to provide guidance on managing risks and can also assist in protecting affected individuals from further harm, such as identity theft or other adverse outcomes. Thus, the requirement applies universally, irrespective of the severity of the breach or whether it involves specific groups like children. The focus is on the protection of personal data in general, thereby necessitating prompt action whenever a breach occurs.

More Questions Like This