Certified Information Privacy Professional – Europe (CIPP/E) — Question 200

When does the European Data Protection Board (EDPB) recommend reevaluating whether a transfer tool is effectively providing a level of personal data protection that is in compliance with the European Union (EU) level?

Answer options

• A. After a personal data breach.
• B. Every three (3) years.
• C. On an ongoing basis.
• D. Every year.

Correct answer: C

Explanation

The correct answer is C, as the EDPB advises that organizations should continuously evaluate the effectiveness of their transfer tools to ensure compliance with EU standards. Options A, B, and D suggest specific time frames or events, which do not align with the ongoing nature of the recommended assessment.