Data breach quiz

Data breach quiz - FINAL

web.admin

Created on June 14, 2023

Question 1 of 7

According to UK GDPR, the definition of a personal data breach is “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.”

True

False

Question 2 of 7

Where a report to the ICO is required, how much time do you have to report a data breach to the ICO?

96 hours

72 hours

48 hours

Insight

A personal data breach must be reported without undue delay, not later than 72 hours after having become aware of it. See Article 33 UK GDPR. See Section II of Article 29 of the Working Party Guidelines for further information about when this time period starts. Please note that if you take longer than 72 hours to report a data breach, you must give reasons for the delay.

Question 3 of 7

Which of the following is an example of a personal data breach?

Sending personal data to an incorrect email address

Theft of computer devices containing personal data

Leaving a HR file in a café

All of the above

Question 4 of 7

You need to notify the ICO of all data breaches.

True

False

Insight

You only need to notify the ICO if the risk to people’s rights and freedoms is likely. If the risk to people’s rights and freedoms is unlikely, you do not have to report the breach to the ICO. If you decide not to report the breach, you should keep a record of why you decided not to report it, in case you are asked to justify your decision.

Question 5 of 7

The fine for failing to notify the ICO of all notifiable breaches is up to £8.7 million or 2% of your global turnover.

True

False

Question 6 of 7

You only need to inform the individual whose data has been breached if the breach is likely to result in a high risk to the rights and freedoms of that individual.

True

False

Insight

According to the ICO guidance, a ‘high risk’ means that the impact of the data breach is more than severe – there is a high likelihood that consequences will flow from the breach. You will need to look at both the potential and actual impact of the breach.

Question 7 of 7

In which scenario would you need to inform the individual about the data breach?

A) An employee deletes a client’s information from the system. This information is quickly recreated from a backup.

B) A medical professional accidentally publishes patient records online.

C) A member of staff at a University sends incorrect student records to another student. The document was password protected. The student informs the member of staff, deletes the email and provides proof of this.

Insight

Scenarios (a) and (c) are unlikely to result in a high risk to the rights and freedoms of the individual.

Thank you for completing the quiz.