OneTrust Certified Privacy Professional Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the OneTrust Certified Privacy Professional Exam with detailed questions and explanations. Utilize flashcards and comprehensive MCQs to ensure you're ready to excel in your certification journey.

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Per the LGPD, communication to the national authority and the data subject regarding the occurrence of a security incident that may create risk or relevant damage to the data subject shall be done:

  1. Immediately

  2. Within 24 hours

  3. In a reasonable time period as defined by the national authority

  4. Within 72 hours

  5. Following a formal investigation

  6. After obtaining legal counsel

The correct answer is: In a reasonable time period as defined by the national authority

Per the LGPD (Lei Geral de Proteção de Dados) in Brazil, the communication to the national authority and the data subject regarding a security incident that may create risk or relevant damage to the data subject should be done in a reasonable time period as defined by the national authority. This is in alignment with the requirements of the LGPD, which does not specify a specific timeframe such as immediately, within 24 hours, within 72 hours, following a formal investigation, or after obtaining legal counsel. The communication timeline is meant to be flexible and determined based on the severity of the incident and the guidelines set by the national authority to ensure that data subjects and the relevant authorities are informed promptly and adequately.

More Questions Like This