How should the processor act on this situation and what should the controller do, if anything?
A processor is instructed to report on customers who bought a product both last month and at least once in the three months before that. Unfortunately, the processor makes a mistake and uses personal data collected by another controller for a different purpose. The mistake is found before the report is created, and nobody has access to personal date he or she should not have had access to.
How should the processor act on this situation and what should the controller do, if anything?
A . The processor must notify the controller and the controller must notify the Data Protection Authority of a data breach.
B . The processor must notify the controller of a data breach. The controller must assess the possible risk to the data subjects.
C . The processor must notify the Data Protection Authority of a data breach. The controller must execute a PIA to assess the risk to data subjects.
D . The processor must restart processing using the right data. There is no need for the controller to act.
Answer: B
Latest PDPF Dumps Valid Version with 149 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund