Data Management Flashcards
What did you learn in your Data Privacy Awareness Training?
Awareness of phishing
Inappropriate posts on social media
Data security including being conscious of who can hear verbal discussions and leaving/opening documents in a public place
Rights that individuals have over their data
What are some advantages and disadvantages of Sharepoint?
Pros:
Integration with Microsoft Office - can work on documents at the same time as colleagues so good for collaboration
Customisable and can be used for a variety of purposes
Can manage document security and permissions
Easy to use
Cons:
Requires ongoing maintenance
Poor search capabilities
What are considerations for ensuring physical security of data
No tailgating
Locking filing cabienets
Confidential waste pins
Printing password
Being aware of who can see your computer screen/ locking it
What are considerations for ensuring security of electronic data?
Password protection
Encryption
Regular off site backups
Anti virus software
Two stage sign in to network
Being aware of phishing attempts and reporting suspicious emails
What is copyright?
A set of exclusive rights granted to the author or creator of any original work. These rights can be licensed, assigned or transferred. It is a form of intellectual property
How does the GDPR and Data Protection Act 2018 relate
GDPR is EU legislation brought in 2016 and the DPA brought that into UK law
What are the key requirements under the DPA 2018
Data protection impact assessment for high risk processing
New rights for individuals
Data controller who is directly responsible
Breaches to be reported to ICO within 72 hours where there is a risk of harm to individuals
What are the fines under DPA 2018
Standard - 2% global turnover or £8.7 max
Higher - 4% of global turnover or £17.5m whichever is greater max
What are the key principles of UK GDPR/DPA
Personal data must be:
Processed lawfully, fairly and transparently
Collected for a specified and legitimate purpose
Adequate, relevant and limited to what is necessary for the purpose for which it is processed
Accurate and where necessary kept up to date
Kept secure
What are the 8 individual rights?
Informed
Access
Rectification
Erasure
Restrict processing
Data portability
Object
In relation to automated decision making and profiling
What rights does the Freedom of Information Act 2000 and what is the process around it?
Gives individuals rights to access information held by public bodies
The public body must tell the individual whether it holds the information and supply it within 20 working days
Exemptions are allowed including if it would prejudice a criminal matter or a commercial interest
Encryption
Process of converting information or data into code to prevent unauthorised access (JLL use Oracle)
NDA
Legal contact outlining confidential
information and party/parties agreeing not to disclose it
Key steps to ensure accuracy of data
Appropriate method of collection and recording the source
Verifying against another source if possible
Process in place to update / person responsible
Be clear about what is opinion/assumption and what is fact
Have a process for rectification/deletion is a mistake is identified
How did you ensure the accuracy of the data in the Sharepoint site?
Access was restricted to members within the relevant teams. All members could edit the data to ensure efficient sharing of market knowledge. Myself and a colleague were responsible for managing the site and making sure the format was consistent and the quality/accuracy of the info for example verifying against another source and making sure more details were added after a sale completed. This was done through a diary reminder to check and monthly catch up. Version control allows you to see who has made edits so you can follow up with them if information is incomplete
