Question
True False Markors Use 1. General Data Protection Regulation is law in the UK square square square 2. General Data Protection Regulation is not law in the UK square square square 3. GDPR is designed to protect businesses only square square 4. Individuals have rights under GDPR square square 5. Individuals have no rights under GDPR square square 6. Organisations need to protect individual's data they hold square square 7. Organisations do not need to protect individual's data they hold square square 8. Data Protection breaches can result in significant fines square 9. Data Protection breaches can result in just insignificant fines square 10. A data subject is the individual the personal data relates to square square
Answer
4.2
(241 Votes)
Ernest
Professional · Tutor for 6 years
Answer
1.True 2.False 3.False 4.True 5.False 6.True 7.False 8.True 9.False 10.True.
Explanation
This series of statements is about GDPR (The General Data Protection Regulation) and its implications. 1-2. General Data Protection Regulation is in reality law in many European countries, including the United Kingdom. It is a regulation in EU law on data protection and privacy in the European Union. 3. GDPR is also designed to protect not just businesses, but also the individual's personal data and restores the control of their own personal data. 4-5. Individuals indeed have a lot of rights under GDPR including the right to access, deletion, rectification, data minimisation etc. So they certainly do not have no rights under the regulation.6-7. The premise of the GDPR regulation is centered around data protection of individuals - so organisations have a legal obligation under the GDPR to protect the confidentiality, integrity and availability of data they hold for individuals.8-9. Data breaches under the GDPR can indeed result in significant fines for organisations e.g., up to €10 million, or 2% - 4% of the firm’s worldwide annual revenue from the preceding financial, whichever is higher.10. The term 'data subject' in data protection legislation refers to the individual whom the data is about. i.e., 'personal data' must relate to an individual person and that person must be identifiable from it.