Data management (1)

Question 1

What are the key pieces of legislations and regulators?

Answer 1

-UK GDPR (introduced in January 2021
- Data Protection Act 2018
- ICO (Information Commissioner’s Office)

Question 2

What are the 7 principles of data protection law?

Answer 2

1. lawfulness, fairness and transparency
2. Purpose limitation
3. Data minimisation
4. Accuracy
5. Storage limitation
6. Integrity and confidentiality (security
7. Accountability

Question 3

What is purpose limitation about?

Answer 3

If data (for example customer’s personal info) is collected for one purpose, it should not be used for anything else.

Question 4

Who is accountable of the protection of data in SW?

Answer 4

As a public body, SW have to appoint a DPO (Data Protection officer)

Question 5

What is the punishment for non-compliance?

Answer 5

ICO can fine up to 17.4 mil or 4 % of annual turnover.

Question 6

What rights do individuals have under the data protection legistlation?

Answer 6

1. right to be informed about the intended use of my personal data
2. right to access my personal data + any other info hold by an organisation
3. right to have personal date rectified if incorrect
4. right to request the removal of personal date aka right to be forgotten
5. right to block the processing of my date
6. right to data portability = reuse/ copy the data for my own purposes
   7.right to object against the way the data is processed
   (includes profiling by automated process which could have legal or other consequences)