Under GDPR Art. 4(12), which of the following constitutes a personal data breach?
2.
GDPR Art. 33 requires notification of a data breach to the supervisory authority within how many hours?
3.
Under GDPR Art. 34, when must organisations directly notify the individuals affected by a breach?
4.
California's SB-1386, enacted in 2003, was significant for US data privacy law because it was:
5.
Describe the six-step incident response workflow covered in this lesson. For each step, give one concrete action an organisation should take.
6.
An organisation discovers a breach on Monday morning. It notifies the DPA on Thursday evening — 84 hours after discovery. What dös GDPR require the organisation to provide?