Certified Information Privacy Professional – Asia (CIPP/A) — Question 2

In Hong Kong's revised Breach Guidance Note of 2015, what course of action did the Commissioner recommend that companies take immediately after experiencing a breach?

Answer options

• A. Proceed under the assumption that the breach is a threat to personal safety.
• B. Enlist the aid of law enforcement to determine the cause of the breach.
• C. Quickly issue a notification to the data subjects affected by the breach.
• D. Immediately gather essential information in relation to the breach.

Correct answer: B

Explanation

The correct answer is B because the Commissioner emphasized the importance of law enforcement's involvement in understanding the breach's cause. Options A, C, and D, while relevant, do not reflect the immediate action recommended by the Commissioner, which focuses on the collaboration with law enforcement.