Data Management Flashcards
Can you tell me the three principles of GDPR?
GDPR - Lawfulness, fairness and transparency
Can you tell me the 7 principles of the Data Protection Act 2018?
Lawfulness, fairness and transparency. Purpose limitation. Data minimisation. Accuracy. Storage limitation. Integrity and confidentiality (security). Accountability.
How do you comply with data protection in your role?
Data is stored on a secure property management system - which limits access to those who need to use it
I ensure that all data is stored here and not in common data folders; this is where personal data is stored and requires password access.
How do you process and handle confidential information?
Control access.
Use confidential waste bins and shredders.
Lockable document storage cabinets.
Secure delivery of confidential documents.
Email encryption.
Employee training.
What do the Privacy and Electronic Communications Regulations 2003 (amended 2016) relate to?
Extra data protection rules for e-communications
What is copyright?
Author of original work has exclusive rights to control distribution
What is the Freedom of Information Act 2000?
- Right to information held by the public sector
- Request must be in writing
- Information must not be exempt
- 20 days to respond
What legislation relates to the disposal of old files?
Limitation Act 1980
How long do old files need keeping?
At least 6 years, 12 if a deed
ideally 15 for PII
What is the difference between a deed and registered title?
A deed is absolute proof and a title is a good indication
What does encryption mean?
The process of converting information or data into a code, especially to prevent unauthorized access.
How can you protect electronic data from viruses?
Educate your employees about ransomware and phishing attacks.
Firewall/antivirus software.
Review your password policy and update if necessary.
Back up your important business data.
Test your backup and its restore capabilities.
What is Blockchain?
A system of recording information in a way which makes it difficult or impossible to change or hack
What is a data controller?
Decides the purpose and manner that personal data is used
Name some ways you ensure data security?
- Firewalls
- Password management
- Don’t leave devices unattended
- Encryption
- Virus protection
- Caution on sharing social media
- Back up data
- Automatic updates
- Two step verification