34. Data Management Flashcards

1
Q

What is the Data Protection Act 2018?

A
  • The act replaces previous 1998 legislation and manages how personal data is processed by organisations and the government.
  • It is the UK legislation for the implementation of the EU General Data Protection Regulation (GDPR).
2
Q

What are the key Principles of the Data Protection Act 2018?

A
  • The act ensures that data is:
    o Used fairly, lawfully and transparently.
    o Used in a way that is adequate, relevant and limited to only the purpose for which it is intended.
    o Retained for no longer than is necessary.
    o Processed securely, including protection against unlawful use, loss or destruction.
3
Q

What are a person’s rights under the Data Protection Act?

A
  • People have the right:
    o To be informed about how their data is being used.
    o To access their data.
    o To have incorrect information updated.
    o To have their data erased.
    o To stop or restrict the processing of their data.
    o To data portability.
    o To object to the use of their data.
4
Q

What is the meaning of a non-disclosure agreement?

A
  • Non-disclosure agreements are used to protect against the disclosure or sharing of any confidential data.
  • Prior to the confidential data being shared with a recipient, clients will typically request that the recipient signs up to an NDA.
  • They are often used when confidential, sensitive, innovative or intellectual property information is being shared to prevent this information being used by competitors.
5
Q

If two separate departments within your firm were working for two rival companies how would you ensure client sensitive data was managed?

A
  • I would make the client aware of the risks involved and check their understanding of the conflict of interest.
  • I would ensure a letter of instruction to continue was obtained from the client.
  • Exclusivity of staff would be arranged.
  • The use of non-disclosure agreements would be considered.
  • Separate working locations for each of the teams would need to be put in place.
  • Secure document and data storage would be arranged to be used exclusively for the separate teams.
6
Q

What are the 8 individual rights under GDPR?

A

* The right to be informed.
* The right of access.
* The right of rectification.
* The right to erasure.
* The right to restrict processing.
* The right to data portability.
* The right to object.
* Rights in relation to automated decision making and profiling.

ROADIER

7
Q

What is the consequence of breaking the Data Protection Act?

A

The UK GDPR and DPA 2018 set a maximum fine of £17.5 million or 4% of annual global turnover.

8
Q

Given your training in GDPR, describe how you handle personal and sensitive project data to ensure compliance with the Data Protection Act 2018.

A
9
Q

What are the principles of GDPR?

A

* Lawfulness, fairness and transparency
* Purpose limitation
* Data minimisation
* Accuracy
* Storage limitation
* Integrity and confidentiality
* Accountability
