Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

ICAEW Law 11: Employment, data protection and intellectual property law. > 11. Data protection. > Flashcards

11. Data protection. Flashcards

You may prefer our related Brainscape-certified flashcards:
Civil Procedure 1L flashcards MBE flashcards MPRE flashcards
1
Q

T/F: data protection legislation applies only to that collected or recorded in electronic form.

A

FALSE

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

The most recent primary legislation regarding data protection in the UK is the …

A

Data Protection Act (2018)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

The Data Protection Act (2018) implements and supplements the EU’s ….

A

General Data Protection Regulation (GDPR)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

GDPR: General Data Protection R*

A

regulation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

“…” means any information relating to an identified or identifiable living individual.

A

personal data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

“Personal data” means any information relating to an [I or I LI]*

A

identified or identifiable living individual

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

“processing” information can involve: C*, R, S, A, D, C, D

A

collection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

“processing” information can involve: C, R*, S, A, D, C, D

A

recording

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

“processing” information can involve: C, R, S*, A, D, C, D

A

storage

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

“processing” information can involve: C, R, S, A*, D, C, D

A

adaptation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

“processing” information can involve: C, R, S, A, D*, C, D

A

disclosure

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

“processing” information can involve: C, R, S, A, D, C*, D

A

combination

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

“processing” information can involve: C, R, S, A, D, C, D*

A

destruction

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Data protection (does / does not) require safeguards where automated decision making occurs on the basis of information provided by/collected on data subjects.

A

does

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

DC* determine the purpose and means of processing personal data.

A

data controllers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

DP* are responsible for processing personal data on behalf of a controller.

A

data processors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

DS* are identified or identifiable individuals (not companies) to whom personal data relates.

A

data subjects

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

A limited company (can / can not) be a ‘data subject’.

A

can not

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Data protection legislation applies to … organisations.

A

all

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Opinions, as distinguished from facts, (do / do not) fall within the scope of data protection legislation.

A

do

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

The person responsible for data regulation in the UK is the …

A

Information Commissioner

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Data protection law in the UK uses a (prescriptive / risk based) approach.

A

risk based

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Information which an individual has published about themselves, for example a professional profile, (is / is not) nevertheless covered by data protection legislation.

A

is

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Any data breach must be reported to the information commissioner within …

A

72 hours

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Individuals whose data is subject to a breach need only be informed directly if the case is …

A

high risk

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Data protection principles: LFAT* (G, C, OAH), PL (S, E, L), DM (A, R, NE), A (C), SL (RP), I (CAS)

A

lawfullness, fairness and transparency

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Data protection principles: LFAT (G*, C, OAH), PL (S, E, L), DM (A, R, NE), A (C), SL (RP), I (CAS)

A

grounds for holding the data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Data protection principles: LFAT (G, C*, OAH), PL (S, E, L), DM (A, R, NE), A (C), SL (RP), I (CAS)

A

clarity in how the data is used

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Data protection principles: LFAT (G, C, OAH*), PL (S, E, L), DM (A, R, NE), A (C), SL (RP), I (CAS)

A

openness and honesty in how the data is used from the start

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Data protection principles: LFAT (G, C, OAH), PL* (S, E, L, CfNP), DM (A, R, NE), A (C), SL (RP), I (CAS)

A

purpose limitation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Data protection principles: LFAT (G, C, OAH), PL (S, E, L)*, DM (A, R, NE), A (C), SL (RP), I (CAS)

A

the purpose for recording the data must be specified, explicit and legitimate

32
Q

Data protection principles: LFAT (G, C, OAH), PL (S, E, L), DM* (A, R, NE), A (C), SL (RP), I (CAS)

A

data minimisation

33
Q

Data protection principles: LFAT (G, C, OAH), PL (S, E, L), DM (A*, R, NE), A (C), SL (RP), I (CAS)

A

adequate - sufficient to fulfil the purpose and no more

34
Q

Data protection principles: LFAT (G, C, OAH), PL (S, E, L), DM (A, R*, NE), A (C), SL (RP), I (CAS)

A

relevant - linked rationally to the purpose

35
Q

Data protection principles: LFAT (G, C, OAH), PL (S, E, L), DM (A, R, NE*), A (C), SL (RP), I (CAS)

A

not excessive - limited to what is necessary to fulfil the purpose

36
Q

Data protection principles: LFAT (G, C, OAH), PL (S, E, L), DM (A, R, NE), A* (C), SL (RP), I (CAS)

A

accuracy - reasonable steps must be taken to ensure the data is not incorrect or misleading

37
Q

Data protection principles: LFAT (G, C, OAH), PL (S, E, L), DM (A, R, NE), A (C*), SL (RP), I (CAS)

A

correction of data which is found to be inaccurate or misleading

38
Q

Data protection principles: LFAT (G, C, OAH), PL (S, E, L), DM (A, R, NE), A (C), SL* (RP), I (CAS)

A

storage limitation - data should not be kept for longer than is necessary for the purpose for which it was collected

39
Q

Data protection principles: LFAT (G, C, OAH), PL (S, E, L), DM (A, R, NE), A (C), SL (RP*), I (CAS)

A

retention policy - data which is no longer needed should be destroyed or anonymised

40
Q

Data protection principles: LFAT (G, C, OAH), PL (S, E, L), DM (A, R, NE), A (C), SL (RP), I* (CAS)

A

integrity - data processing must take appropriate security measures as regards risks that might arise

41
Q

Data protection principles: LFAT (G, C, OAH), PL (S, E, L), DM (A, R, NE), A (C), SL (RP), I (CAS*)

A

confidentiality and security

42
Q

Data protection principles: LFAT (G, C, OAH), PL (S, E, L, CfNP*), DM (A, R, NE), A (C), SL (RP), I (CAS)

A

consent - if the data is used for a new purpose

43
Q

A business must have a valid ‘…’ in order to process personal data.

A

lawful basis

44
Q

Most lawful bases require that processing is ‘…’ for a specific purpose. If you can reasonably achieve the same purpose without the processing, you won’t have a lawful basis.

A

necessary

45
Q

Most lawful bases require that processing is ‘necessary’ for a SP*. If you can reasonably achieve the same purpose without the processing, you won’t have a lawful basis.

A

specific purpose

46
Q

If a buisiness intends to process data, it must determine its … before it begins processing, and should document it.

A

lawful basis

47
Q

If a buisiness intends to process data, it must determine its lawful basis before it begins processing, and should …

A

document it

48
Q

Lawful bases for data processing: C* (E and for a SP), C, LO, VI (PoL), PT, LI

A

consent

49
Q

Lawful bases for data processing: C (E and for a SP)*, C, LO, VI (PoL), PT, LI

A

explicit and for a specific purpose

50
Q

Lawful bases for data processing: C (E and for a SP), C*, LO, VI (PoL), PT, LI

A

contract, including pre-contractual negotiations

51
Q

Lawful bases for data processing: C (E and for a SP), C, LO*, VI (PoL), PT, LI

A

legal obligation

52
Q

Lawful bases for data processing: C (E and for a SP), C, LO, VI* (PoL), PT, LI

A

vital interest

53
Q

Lawful bases for data processing: C (E and for a SP), C, LO, VI (PoL*), PT, LI

A

protection of life

54
Q

Lawful bases for data processing: C (E and for a SP), C, LO, VI (PoL), PT*, LI

A

public task

55
Q

Lawful bases for data processing: C (E and for a SP), C, LO, VI (PoL), PT, LI*

A

legitimate interest

56
Q

Rights under the GDPR: TBI*, A, R, E, RP, DP, O, ADM and P

A

to be informed

57
Q

Rights under the GDPR: TBI, A*, R, E, RP, DP, O, ADM and P

A

access

58
Q

Rights under the GDPR: TBI, A, R*, E, RP, DP, O, ADM and P

A

rectification

59
Q

Rights under the GDPR: TBI, A, R, E*, RP, DP, O, ADM and P

A

erasure

60
Q

Rights under the GDPR: TBI, A, R, E, RP*, DP, O, ADM and P

A

restrict processing

61
Q

Rights under the GDPR: TBI, A, R, E, RP, DP*, O, ADM and P

A

data portability

62
Q

Rights under the GDPR: TBI, A, R, E, RP, DP, O*, ADM and P

A

to object

63
Q

Rights under the GDPR: TBI, A, R, E, RP, DP, O, ADM and P*

A

automated decision making and profliing

64
Q

An individual excercising their right to access and receive a copy of their personal data and other supplementary information is commonly referred to as a … or ‘SAR’.

A

subject access request

65
Q

Exemptions from GDPR must be determined on a … basis.

A

case by case

66
Q

Exceptions from GDPR: DP*, LE, IS

A

domestic purposes

67
Q

Exceptions from GDPR: DP, LE*, IS

A

law enforcement

68
Q

Exceptions from GDPR: DP, LE, IS*

A

intelligence services

69
Q

Grounds for exemption from GDPR: C/L/PP*, R/P/J, J/R/A, H/SW/E/CA, F/M/N, R/E, IAOP, NS/D

A

Crime, law and public protection.

70
Q

Grounds for exemption from GDPR: C/L/PP, R/P/J*, J/R/A, H/SW/E/CA, F/M/N, R/E, IAOP, NS/D

A

Regulation, parliament and the judiciary.

71
Q

Grounds for exemption from GDPR: C/L/PP, R/P/J, J/R/A*, H/SW/E/CA, F/M/N, R/E, IAOP, NS/D

A

Journalism, research and archiving.

72
Q

Grounds for exemption from GDPR: C/L/PP, R/P/J, J/R/A, H/SW/E/CA*, F/M/N, R/E, IAOP, NS/D

A

Health, social work, education and child abuse.

73
Q

Grounds for exemption from GDPR: C/L/PP, R/P/J, J/R/A, H/SW/E/CA, F/M/N*, R/E, IAOP, NS/D

A

Finance, management and negotiations.

74
Q

Grounds for exemption from GDPR: C/L/PP, R/P/J, J/R/A, H/SW/E/CA, F/M/N, R/E*, IAOP, NS/D

A

References and exams.

75
Q

Grounds for exemption from GDPR: C/L/PP, R/P/J, J/R/A, H/SW/E/CA, F/M/N, R/E, IAOP*, NS/D

A

Information about other people.

76
Q

Grounds for exemption from GDPR: C/L/PP, R/P/J, J/R/A, H/SW/E/CA, F/M/N, R/E, IAOP, NS/D*

A

National security and defence.

ICAEW Law 11: Employment, data protection and intellectual property law. (7 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions