Certified Data Privacy Solutions Engineer (CDPSE) — Question 126

Data collected by a third-party vendor and provided back to the organization may not be protected according to the organization’s privacy notice. Which of the following is the BEST way to address this concern?

Answer options

• A. Review the privacy policy.
• B. Obtain independent assurance of current practices.
• C. Re-assess the information security requirements.
• D. Validate contract compliance.

Correct answer: D

Explanation

The best approach to ensure that the third-party vendor is adhering to the organization's privacy standards is to validate contract compliance. This process ensures that the vendor is following the agreed-upon privacy terms. The other options, while important, do not directly confirm that the vendor's practices align with the organization's contractual obligations.