APICS Certified Supply Chain Professional (CSCP) — Question 165

In regards to the collection of personal data conducted by an organization, what must the data subject be allowed to do?

Answer options

• A. Evaluate the qualifications of a third-party processor before any data is transferred to that processor.
• B. Obtain a guarantee of prompt notification in instances involving unauthorized access of the data.
• C. Set a time-limit as to how long the personal data may be stored by the organization.
• D. Challenge the authenticity of the personal data and have it corrected if needed.

Correct answer: D

Explanation

The correct answer is D because individuals have the right to challenge the accuracy of their personal data and request corrections to ensure data integrity. The other options, while relevant to data privacy, do not specifically address the rights of the data subject in relation to their personal data's authenticity and correction.