Data privacy laws, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), emphasize restricting access to personally identifiable information (PII) to only those who require it for business purposes.
Option B (Data backup within 24 hours) is an IT best practice but is not a core requirement of privacy laws.
Option C (Approval for system updates) is a change management policy, unrelated to data privacy.
Option D (Insider trading restrictions) falls under corporate governance and securities regulations, not data privacy laws.
Thus, Option A is correct, as it aligns with legal requirements for protecting sensitive personal data.
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit