All RE5 questions
POPIA Data Protection
Under POPIA, an FSP suffers a security compromise that exposes clients' personal information. What is a core obligation that follows?
RE5 practice question with a worked answer. This is one of hundreds of FSCA RE5 questions in the RegulatoryExams question bank.
- a) Notify the Information Regulator and the affected data subjects as soon as reasonably possible after becoming aware of the breach.Correct
- b) Keep the breach secret to protect the FSP’s reputation.
- c) Notify only the FAIS Ombud and no one else.
- d) Do nothing unless a client specifically complains.
Why this is the answer
POPIA requires a responsible party that suffers a breach of personal information to notify the Information Regulator and the affected data subjects as soon as reasonably possible, so they can take protective steps. Concealment breaches the Act.
Want to test yourself on 700+ more questions like this?
Start your free RE5 simulator today — timed mock exams, full answer explanations and cloud-synced progress tracking.
More POPIA questions
- In handling client personal information, an FSP acts as a 'responsible party' under POP…
- An FSP wants to use client contact details collected for policy administration to run a…
- Under POPIA, a data subject (the client) generally has which right regarding their pers…
- Under POPIA, what is the lawful basis most commonly relied on to send a client direct m…