What is GDPR in Security+?
D1 · General · CompTIA Security+ SY0-701
GDPR (General Data Protection Regulation) is a European Union regulation that governs how organizations collect, store, process, and transfer personal data of EU residents.
Key requirements: lawful basis for processing, data minimization, right to erasure ("right to be forgotten"), breach notification within 72 hours, data protection by design and by default.
Penalties: up to €20 million or 4% of global annual revenue (whichever is higher).
GDPR applies to any organization that handles EU residents' data, regardless of where the organization is based. Key exam concepts: data subject rights, breach notification timelines (72 hours), and the role of the DPO (Data Protection Officer).