GDPR Flashcards

1
Q

Covered entities?

A
  1. Processing of personal data when a controller or processor is established in the EU, regardless of whether or
    not the actual processing takes place in the EU
  2. Processing of personal data of EU subjects relating to offering goods or services or monitoring behaviour,
    regardless of whether or not the controller or processor is established in the EU
  3. Processing of personal data by a controller not established in the EU but in a place where member state law
    applies
2
Q

Rights to individuals?

A
Access
Erasure
Rectification
Restriction of processing
Data Portability
Object to processing 
No profiling
3
Q

Who is covered by this law?

A

EU Data Subjects. Doesn’t matter if the data is processed in the EU or not

4
Q

Provisions of the EU’s General Data Protection Regulation (GDPR) include

A
Accountability obligations
Rules for international data transfers
Requirements for processors (contractors who act on behalf of data controllers)
Designation of data protection officers
Notification of security breaches
5
Q

Fines

A

Sanctions of up to €20 million or four percent of total annual, worldwide revenues.

6
Q

Exclusions

A
  • Activities outside the scope of EU law (e.g., national security activities)
  • Law enforcement and public security
  • Purely personal or household activities
7
Q

US Safe Harbor

A

Overturned in 2015 due to US government surveillance

8
Q

A multinational company can transfer data between countries after certification of their practices by an EU privacy supervisory agency

A

Binding Corporate Rules (BCR)

9
Q

A company adopts EU-approved contractual provisions requiring compliance with EU law and submission to the supervision of an EU privacy supervisory agency

A

Standard Contractual Clauses (SCC)

10
Q

Other approved transfer mechanisms

A

Codes of conduct and certification mechanisms

Ad hoc contractual clauses authorized by supervisory authorities (i.e., non-standardized contractual clauses)

11
Q

EDPB

A

European Data Protection Board

12
Q

Privacy by design accountability

A

Controllers

13
Q

Privacy by default accountability

A

Controllers

14
Q

DPIAs accountability

A

Controllers (where required) and processors (to assist)

15
Q

Data Protection Officers accountability

A

Controllers and Processors where required

16
Q

Record keeping accountability

A

Controllers and processors

17
Q

Security accountability

A

Controllers and processors

18
Q

Data Breach Reporting accountability

A

Controllers (to regulators) and processors (to controllers)