Microsoft Certified: Azure Fundamentals (AZ-900) 2025 – 400 Free Practice Questions to Pass the Exam

The correct answer is GDPR, which stands for the General Data Protection Regulation. This regulation is a comprehensive data protection law in the European Union that came into effect in May 2018. It aims to safeguard the personal data and privacy of EU citizens by setting strict guidelines for the collection, storage, and processing of personal information. GDPR gives individuals greater control over their personal data and imposes significant penalties on organizations that fail to comply with its provisions.

The other choices refer to different regulations and standards. ISO (International Organization for Standardization) establishes various international standards that may involve data management but does not specifically legislate personal data protection. NIST (National Institute of Standards and Technology) provides a framework and guidelines for information security but is primarily focused on U.S. federal information systems rather than specifically addressing the privacy of EU citizens. HIPAA (Health Insurance Portability and Accountability Act) is a U.S. law focused on the protection of medical information and does not cover the broader scope of personal data protection as outlined in GDPR.