8E + Flashcards
On what basis can insurers treat the disabled less favorably?
Only if justified on the basis of actuarial or statistical information
What happens if an insurer can’t prove why they’ve treated someone unfairly?
Compensate for financial loss/inconvenience
Which type of schemes does the Test Achats not apply to?
Group schemes
4 key elements of DPA 2018
- Sensitive data kept confidential
- Restricting access rights
- Parental consent age
- Enhanced ICO powers
ICO powers
- Most serious – up to £17.5m or 4%
- Criminal proceedings if records altered
What happens to controllers where a processor is involved?
They are not relieved of their obligations
Can an online identifier be personal data?
Yes, e.g., an IP address
6 data protection principles
- Lawfulness
- Purpose limitation
- Data minimisation
- Accuracy
- Storage limitation
- Confidentiality
How to make processing lawful?
Firms need to identify a lawful basis
Six lawful bases for processing data
- Consent
- Contract
- Legal obligation
- Vital interests
- Public task
- Legitimate interests
8 GDPR rights
1. Be informed
2. Access
3. Rectify
4. Erase
5. Restrict processing
6. Data portability
7. Objection
8. Automated decision making and profile
SAR abbreviation
Subject access request
How long do companies have to respond to SARs?
Within one month (can take 2)
How can an individual request rectification?
Verbally or in writing
Is the right to erasure absolute?
No
Is the right to restrict processing absolute?
No
Examples of good practice tools
Privacy impact assessments and privacy by design
What rights do individuals have of access?
Only structured information, not unstructured files
How much does access to health records cost?
Generally free of charge
Max cost of right of access if computerised?
£10
Max cost of right of access for copies?
£50
Exemption of right of access
If more likely to cause serious harm
What happens if the amount of data requested is disproportionate?
This may be illegal
How much does it cost for a patient to request a copy of their corrected medical record?
Free
Where are ABI confidentiality guidelines?
In its Code of Practice
Who is responsible for ensuring the confidentiality of medical information?
CEO and CMO
Which members of staff do ABI confidentiality guidelines apply to?
All staff, including self-employed
Who should medical reports be addressed to?
CMO
Who can open medical reports?
CMO
On what basis does the Mental Capacity Act assess capacity?
Decision and time specific
Who can authorise treatment or make a claim on someone’s behalf (under mental capacity act)?
Attorney, IMCA or public Guardian
What is the purpose of the Consumer Insurance (Disclosure and Representations) Act 2012?
Deals with questions of utmost good faith and disclosure
Honest and reasonable misrepresentation remedy
Insurer must pay the claim
Careless misrepresentation remedy
Based on what insurer would’ve done had the question been answered accurately
What happens if the insurer would’ve charged a higher premium for something that was not disclosed?
They will pay a proportion of the claims
Deliberate or reckless misrepresentation remedy
Treat the policy as though it never existed and decline all claims – may retain all premiums
Which act outlines utmost good faith rules?
Disclosure and Representations Act 2012