Comprehensive and Detailed In-Depth Explanation:
Data privacy laws, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), emphasize restricting access to personally identifiable information (PII) to only those who require it for business purposes.
Option B (Data backup within 24 hours) is an IT best practice but is not a core requirement of privacy laws.
Option C (Approval for system updates) is a change management policy, unrelated to data privacy.
Option D (Insider trading restrictions) falls under corporate governance and securities regulations, not data privacy laws.
Thus, Option A is correct, as it aligns with legal requirements for protecting sensitive personal data.
[Reference: IIA Data Privacy Compliance – GDPR & CCPA Standards, , , , ]
Submit