Data Management Flashcards

1
Q

Explain the result of a breach in GDPR?

A

Substantial fines of up to £17.5 million or 4% of global turnover - whichever is greater.

2
Q

What are the key data protection principles of GDPR?

A
Lawful, fair, transparent
Accuracy
Data minimisation
Data sensitivity
Purpose limitation
Accountability
Storage limitation
Integrity and confidentiality 

LADSPAS

3
Q

What is the Data Protection Act 2018?

A

▪ The act replaces previous 1998 legislation and manages how personal data is processed by organisations and the government.
▪ It is the UK legislation for the implementation of the EU General Data Protection Regulations (GDPR).

4
Q

What are the key Principles of the Data Protection Act 2018?

A

▪ The act ensures that data is:-
• Used fairly, lawfully and transparently.
• Used in a way that is adequate, relevant and limited to only the purpose it is intended.
• Retained for no longer than is necessary.
• Processed securely including the protection against unlawful use, loss or destruction.

5
Q

Who are the key persons outlined within GDPR?

A

▪ Controller
• The controller is the natural person or legal entity that determines the purposes and means of the processing of personal data. For example, when processing an employee’s personal data, the employer is considered to be the controller.
▪ Processor
• A natural person or legal entity that processes personal data on behalf of the controller. For example, a call centre acting on behalf of its client is considered to be a processor.
▪ Data Protection Officer (DPO)
• The Data Protection Officer is a leadership role required by EU GDPR. This role exists within companies that process the personal data of EU citizens. A DPO is responsible for overseeing the data protection approach, strategy, and its implementation.

6
Q

What are a person’s rights under the Data Protection Act?

A

People have the right:
• To be informed about how their data is being used.
• To access their data.
• To have incorrect information updated.
• To have their data erased.
• To stop or restrict the processing of their data.
• To data portability.
• To object to the use of their data.

7
Q

How do you comply with GDPR within your role?

A

Data security - online data and security measures (passwords, two way authentication, secure desktop).
Data minimisation - only collecting data which is necessary for the instruction.
Purpose limitation - only using the data for the relevant instruction.

8
Q

How do you collect and store data within your organisation?

A

I collect data from published sources or directly from client contacts. Data is stored in the folder for the specific job, on a secure desktop and kept for a period of 6 years.

9
Q

What would you class as personal data?

A

Any information that could be used to identify an individual.

10
Q

Do you have to report every breach of personal data?

A

No, there are examples on the ICO website.

11
Q

Data risk from using a drone?

A

Taking photos of the general public without consent. To prevent this, a company may letter drop, announce the use of the drone, or erect signage. Evidence that you followed guidelines and pre-planned the flight to minimise data capture. Review immediately and delete data; delete data as soon as it has been used.

12
Q

What is the time limit to report a breach of data?

A

72 hours

13
Q

How long would you keep records of due diligence checks of clients? (PS - Countering Bribery, Corruption, Money Laundering and Terrorist Financing 2018)

A

5 years

14
Q

What are the penalties for breaching NDA?

A

Sued for damages or subject to an injunction? Contractual agreement

15
Q

How do you disclose information to insurers and RICS?

A

Seek consent in ToE

16
Q

How can we check that data is accurate?

A

Cross checks/references

Check quality of data - contact agents