Data Protection and Compliance Quiz

To ensure companies protect their intellectual property

To establish minimum legal standards for data security and privacy

To help businesses increase profits through data sales

To allow companies to avoid liability in case of breaches

Data compliance is optional, while data security is legally required

Data compliance focuses on meeting laws and regulations, while data security includes all measures to protect data

Data security only applies to large organisations, while data compliance applies to everyone

There is no difference; both mean protecting sensitive information

EU GDPR

DPA 2018/UK GDPR

Data Protection Directive 1995

ISO 27001

Email address

Date of birth

Trade union membership

Home address

To process data on behalf of another organisation

To decide how and why personal data is processed

To protect intellectual property and copyrights

To investigate data breaches

To make decisions about data collection and storage

To enforce data protection laws

To act on behalf of a data controller to process data

To decide how long data should be stored

Data must be processed lawfully, fairly, and transparently

Data must be collected only for specified, legitimate purposes

Data must be sold to third parties for commercial gain

Data must be kept secure and protected from unauthorised access

Immediately

Within 24 hours

Within 72 hours

Only if customers complain

£500,000

£1 million

€20 million or 4% of annual global turnover (whichever is greater)

€100 million

To evaluate the potential risks of data processing

To provide training to employees on cybersecurity

To report data breaches to the ICO

To determine how much customer data can be sold legally