Unlimited storage; lack of integrity and confidentiality; unaccountability

Unlawfulness, unfairness, and opacity

Unlimited purpose; maximum data; inaccuracy

Lawfulness, fairness, and transparency; purpose limitation; data minimization; accuracy; storage limitation; integrity and confidentiality; accountability

Adherence to security standards for companies handling credit card information

Storing credit card information in an unsecured database

Regularly sharing credit card information on social media

Allowing unauthorized access to credit card information

Laws that allow organizations to keep data breaches secret to avoid damaging their reputation. They are important to maintain public trust.

Laws that require organizations to notify individuals and authorities if their personal information is compromised in a data breach. They are important to protect organizations from legal liabilities.

Laws that require organizations to notify individuals and authorities if their personal information is compromised in a data breach. They are important to protect individuals' privacy and enable them to take necessary precautions to prevent identity theft or fraud.

Laws that only apply to government agencies and not private organizations. They are important to ensure fair treatment of all entities.

No right to object to processing

No right to access personal data

Access, rectify, erase, restrict processing, data portability, object to processing, and not be subject to automated decision-making

Unlimited data sharing

By allowing unrestricted access to cardholder data

By ignoring security measures for organizations

By sharing cardholder data with unauthorized parties

By implementing security standards and requirements for organizations

Data breaches have no impact on organizations or individuals

Data breaches have a positive impact on organizations and individuals

Data breaches can have significant negative impacts on both organizations and individuals, including financial losses, legal consequences, and emotional distress.

Data breaches only impact organizations, not individuals

Not protecting cardholder data

Ignoring vulnerability management program

Installing unsecure network

Building and maintaining a secure network, protecting cardholder data, maintaining a vulnerability management program, implementing strong access control measures, regularly monitoring and testing networks, and maintaining an information security policy.