🔥 3-day streak
ISC2 CCSP — Certified Cloud Security Professional52 / 124
Question 52 of 124

A European healthcare company processes patient PII in a SaaS platform hosted in the EU. The vendor announces that it will begin replicating backup data to a data center in a country that the European Commission has NOT recognized as providing adequate data protection. The company's DPO must ensure the transfer remains lawful under GDPR. Which action is the MOST appropriate to enable this cross-border transfer to proceed?

Reviewed for accuracy · Report an issueNext question