04 Jan Practice Test Question-Data Privacy Laws
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.
Yolanda recently sent a request to a company asking them to delete all personal information collected about her, exercising her “right to be forgotten.” What law includes this provision?
A. General Data Protection Regulation (GDPR)
B. Family Educational Rights & Privacy Act (FERPA)
C. Health Insurance Portability & Accountability Act (HIPAA)
D. Gramm Leach Bliley Act (GLBA)
Correct Answer: A
The right to be forgotten is a provision of the European Union’s General Data Protection Regulation (GDPR). That’s just a fact that you need to remember about data privacy laws. The Family Educational Rights and Privacy Act, or FERPA, governs student educational records. The Health Insurance Portability and Accountability Act, HIPAA, governs medical records, and the Gramm Leach Bliley Act, GLBA, governs financial records. None of these other laws contain a right to be forgotten provision.