When offboarding a vendor who handled sensitive personal data, what is the compliance officer's primary obligation?
-
A
Ensure the vendor provides a positive reference for future business
-
B
Verify that the vendor has returned or securely destroyed all personal data per contractual and regulatory requirements
-
C
Transfer the vendor's employees to the organization's payroll
-
D
Notify the vendor's competitors that they may now solicit the business