Which of the following was NOT a change made when GDPR replaced the DPA?

The answer regarding mandatory employee meetings is correct because the General Data Protection Regulation (GDPR) did not explicitly require organizations to hold mandatory meetings with employees as part of its regulations. The focus of GDPR is mainly on the rights of individuals concerning their data, the obligations of organizations to protect that data, and ensuring transparency with regulators and individuals affected by data processing.

In contrast, GDPR introduced several significant changes aimed at enhancing data protection. It established new rights for individuals, such as the right to access their personal data and the right to be forgotten, which give people more control over their information. Transparency obligations to regulators were also strengthened; organizations must now clearly communicate their data practices and ensure they comply with established guidelines. Additionally, GDPR introduced the possibility of massive fines for non-compliance, making organizations more accountable for how they handle personal data. Thus, the correction regarding the lack of a requirement for mandatory employee meetings stands out as the distinguishing factor.