Confidential Information, Technology And Data Protection Flashcards
Gary would like to have a copy of all the records held on computer and paper by his insurer concerning his motor insurance policy and its associated claims. Under the General Data Protection Regulation, what are Gary’s rights, if any?
He only has the right to have a copy of any paper records held.
What is the main reason for which an employee must enter a password before using a company computer?
To preven open access
Which type of computer-held data is regulated under the General Data Protection Regulation?
Personal data
Characteristics of confidential information
Information can be classified as public data, corporate data and personal data. Confidential data falls into the corporate or personal categories
Principles of data protection
Legal requirements in the form of GDPR concern the holding and processing of information relating to individuals
Principles of data protection
All businesses handling such data have to abide by the data protection principles which have to do with the information being accurate, processed fairly and kept securely amongst other things
Personal data means
Any data relating to identifiable living individuals
Sensitive data relates to
Ethnicity, race, religion, politics, health and sexuality
The general data protection regulations gives individuals the right to
Erasure and the right to move their data.
Principles of data protection
It is compulsory to report any data breach and defines payable have been significantly increased
Principles of storage and disposal of documents
Documents and information should have restricted access, be backed up, protected from theft, be subject to copyright and should be stored and disposed of securely
Corporate data must be protected from
Malicious alteration, deliberate destruction and industrial espionage
Personal data must be protected from
Unauthorised disclosure or being used for blackmail
Security and current regulations
Under the terms of GDPR all data controllers must notify the office of the information commissioner details of data held and the purposes for which it is held
Security and current regulations
Restrictions apply to the transferences of data two countries outside the EEA
The computer misuse act provides
A deterrent against all forms of an authorised computer access and created three new criminal offences
Security and current regulations
The data protection act implements GDPR standards across all data processing. However, it differs from the GDPR in that it covers all other general data, law-enforcement data and national security data
What is an aggregator
Is a website portal or search utility which enables a client to gain several quotes via an electronic E quote form
The Internet of things involve… IOT
Communication between networked devices these are a source of real-time data on customers
Telematics consists of
A high frequency motion sensor which captures how and when a car is driven
Challenges facing the insurance industry
For insurers social media can provide an interactive relationship with the customer with opportunities to engage with individuals and communities in personalised dialogue
Challenges facing the insurance industry
The increasing volume of data from a variety of sources means the industry has to seek greater storage sophistication in order to manage and protect it
Challenges facing the insurance industry
Mobile devices are susceptible to theft and loss and security available it’s not as adequate as that for desktops
Challenges facing the insurance industry
Wow insurers are seeking to ensure adequate protection of their own data there is a growing demand for cyber insurance to be provided by the insurance industry
What are the data protection principles that all businesses handling data must comply with. All personal data should be
Processed lawfully, fairly and in a transparent manner.
Collected for specified, explicit and legitimate purposes and not further processed in a matter that is incompatible with those purposes. Adequate relevant and limited to what is necessary in relation to the purposes for which it is processed. Accurate and where necessary kept up-to-date. Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data is processed. Processed in a manner that insures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures
Information is generally grouped as
Public data. Corporate data. Personal data
What are security procedures that can be used in the storage and disposal of documents
Restricted access. For saving and back up. Sauce documentation retention. Protected against theft. Copyright. Use of passwords or file disposal
What kind of data is covered by general data protection regulation
They are concerned with personal data held on automatic data processing equipment or recorded in a relevant filing system (manually)
Corporate data should be protected from
Malicious alteration. Deliberate destructive acts. Industrial espionage
Against whom does computer misuse act 1990 of protection
It offers protection against persons who gain unauthorised access to a computer system
What information is provided by telematics when used in cars
The time of day or night the car is driven. The speed at which it is driven on different sorts of road. How smoothly it is driven. Where the brakes are taken on long journeys. How many motorway miles are driven. Total mileage. Total number of journeys made
The purpose of general data protection regulations is to protect
Individuals whose data is held on computer systems
