Data Management Flashcards
How can you comply with UK GDPR when dealing with mailing lists?
What sort of information can a firm retain in order to comply with other laws?
What training have you undertaken on GDPR?
What systems does you firm have in place to ensure data security?
When collecting data how might you verify the authenticity of the data?
Through triangulation, by seeking the data out through another source. Or in terms of gathering from sites such a Rightmove, or Molior, I would verify the information by speaking directly to the agents involved.
What data security technologies are there?
Disk encryption - on a hard drive
Regular back ups off site
Password Protection
Use of Anti-virus software protection
Firewalls and disaster recovery procedures
What is Copyright?
A set of exclusive rights granted to the author or creator of any original work, including the right to copy.
They can be licensed, assigned or transferred
What regulations does the UK have for Data Protection?
the UK General Data Protection Regulation (GDPR) & the Data protection Act 2018
What does UK GDPR seek to achieve?
A single data protection regime affecting businesses and empowering individuals to take control of how their data is used.
It gives people rights to be informed about how their personal info is used.
What are the key requirements of UK GDPR?
XXXXXX Page 42
What must you/ your frim do if there is a data breach where there is a loss of personal data and a risk of harm to individuals? And what are the fines?
Data breaches like this, must be reported to the Information Commissioner’s Office (ICO) within 72 hours.
The fines are up to 4% of global turnover of the company or £17.5 million (whichever is greater).
What are the principles of the UK GDPR relating to personal data?
Article 5 (1) states personal data must be:
- Processed lawfully, fairly and in a transparent manner
- collected for specified, explicit and legitimate purposes, and not used for anything incompatible with this purpose
-Adequate, relevant and limited to what is necessary for the purposes
- Accurate and kept up to date
- kept in a way that enable identification for no longer than is necessary
- processed in a way that ensure adequate security
what are the 8 Individual Rights under UK GDPR
1) Right to be informed
2) Right of Access
3) Right of rectification
4) Right to erasure
5) Right to restrict processing
6) Right to data portability (Use for their own purposes)
7) Right to object
8) Rights to automated decision making and profiling
When was the Freedom of Information Act?
2000
What dies the Freedom of Information Act do?
Gives individuals the right of access to information held by public bodies