Ch 19: Data Flashcards
What is personal data?
Information which would allow an individual to be identified, either on its own or when combined with other information.
What is sensitive personal data?
It is similar to personal data but is more private to the individual and is subject to much stricter regulation than other personal data.
Discuss the limitations when dealing with personal data.
Organisations have ethical and legislative responsibilities when dealing with personal data.
Many countries have data protection laws to protect individuals in terms of how individuals may process ad maintain personal data.
There may also be competition legislation that limits the uses to which data can be put.
List data items that could be considered to be personal data.
Personal data can include a combination of the following:
> name
> address
> personal email address
> occupation
> date of birth
> health status
> race or ethnicity
> criminal record
List items that could be considered to be sensitive personal data.
Sensitive personal data include items related to:
> racial or ethnic origin
> political opinions
> religion
> membership of trade unions
> physical or mental health conditions
> sexual life
> convictions and criminal acts
Define the concept big data.
Big data comprises very large datasets, often brought together from different sources.
What method can one use to avoid big data to being classified as personal?
Anonymisation
Define the concept data governance.
It is the overall management of the availability, usability, integrity and security of data.
Name the consequences of failing to to have a robust data governance policy in place.
Failure to have a data governance policy in place can lead to the following risks:
> legal risks
> operational risks
> reputational risks
> expense risks
Name the key risks relating to data. (6)
The key risks relating to data are:
> the data is inaccurate or incomplete
> the data are not credible due to being of insufficient volume
> the data are not sufficiently relevant for the intended purpose
> past data may not reflect what will happen in the future
> chosen data groups may not be optimal
> the data are not available in an appropriate form for the intended purpose
Discuss the responsibilities that organisations have when dealing with personal data.
Organisations have regulatory requirements which must be met:
> Most countries have data protection laws which protects individuals by regulating the way in which data is processed and maintained.
>Competition legislation also exists which limits the use to which personal data can be put.
> Seperate more strict legislation may exist when dealing with sensitive personal information.
> Failing to comply with these regulatory requirements may result in severe consequences e.g. fines or a professional liscense may be revoked.
Additionally, organisations have to comply with ethical codes. Failing to comply may lead to bad publicity and a bad reputation which eventually may lead to a failed business.
What does actuaries use data for?
Data is used for:
> setting premiums/contributions
> calculating provisions
> doing experience analyses
