CH13 Data Protection Flashcards

- Identify the key requirements of the Data Protection Act 2018, on the use of personal information and how the Act can affect the manner in which information systems are used by businesses

1
Q

What is a data processor responsible for?

A

Processing personal data on behalf of the controller

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What does a data controller do?

A

Determines the purpose and means of processing personal data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are personal subjects?

A

Identified or identifiable individuals (not companies) to whom personal data relates

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is the Information Commissioner’s job?

A

To enforce the Data Protection Act

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

How many hours does an organisation have to inform the Information Commissioner of a data breach?

A

72 hours

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are the results of non-compliance with the Data Protection Act?

A

Criminal conviction
Fine of up to £18 mil or 4% of global turnover

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are the data protection principles?

A
  1. Lawfulness, fairness, transparency
  2. Purpose limitation
  3. Data minimisation
  4. Accuracy
  5. Storage limitation
  6. Integrity and confidentiality
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are the rights of data subjects?

A
  1. To be informed
  2. Access
  3. Rectification
  4. Erasure
  5. Portability
  6. Objection
  7. Automated decision making and profiling
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is exempt from the Data Protection Act?

A
  1. Employers may process data in accordance with employment law, e.g. payroll
  2. Academic institutions if the data processed is for academic purposes
  3. Scientific and historical research organisations where the principles would impair their core activities
  4. Individual rights are limited where they can be abused to commit crimes, disrupt legal proceedings or otherwise disrupt public authorities or regulators
How well did you know this?
1
Not at all
2
3
4
5
Perfectly