Data Management Flashcards
Gives me some examples of the principles of data management
- Data policy, broad high level principles forming framework
- Data ownership. Clear identification of data owner
- Appropriate metadata. Data about data
- Data quality. Able to integrate data with other data sets
Why does the data protection act 2018 exist?
- Required to protect personal data and privacy of UK citizens. Covers all companies that deal with data of UK citizens.
- Safe guards information ie name, address, financial details, religion etc.
- Data must be collected and used fairly. Only be held and used for the reason given.
- Must be accurate and up to date, not kept for longer than necessary
What body is responsible for enforcing GDPR & Data Protection Act?
European commission & information commissioner
What does free of information Act enable?
Creates public right of access to information held by public authorities. Enforced by Information commissioners office
How do you ensure the data that you hold is kept secure and confidential?
Password protected files, never leave laptop unattended and unlocked. Only use data I need to not expose anything confidential.
How do you ensure only necessary people have access to data stored on shared drives?
I set up passwords to access files which are shared with relevant persons. I request IT give permission to only certain people
How long do you keep clients data and how do you ensure it is deleted when necessary?
I keep data only as long as needed. I delete anything I do not need. I set reminders at end of projects to review information and whether it can be deleted yet.
What was the main change to the GDPR regulations in 2018?
Restrictions on personal data
Where would you find out about GDPR updates etc?
Information Commissioners Office (ICO)
What is highly protected data under GDPR?
Race, health, sexual orientation, sex, religion, political opinion, genetic data
What are the 6 key principles of the DPA and GDPR?
- information used lawfully, fairly and transparently
- collected for legitimate purpose
- adequate and relevant
- accurate
- kept safe
- kept no longer than necessary
What are some individual rights under the GDRP and DPA?
- informed
- access
- erasure
- object
- restrict processing
Who enforces the Data Protection Act 2018?
Information Commissioners Office
What is the link between the DPA and GDPR?
GDPR is European directive, DPA is UK interpretation
How does the DPA apply to the way NHBC handle personal data?
7 key principles. We make sure data is secure and safe etc