Data Management Flashcards
What do you think of emails?
Emails are great, however I need to take great care when sending e-mails. It is easy to release sensitive information to incorrect parties. Always take care to double check recipients prior to issue, even though emails appear less formal than written letters they can still have the ability to create contracts and form written instructions.
How does your firm store data in a safe and appropriate manner?
All stored on a central DMS, Rapleys have a data protection policy which works in line with GDPR and the Data Protection Act 2018. This includes the DMS to be reguarly backed up offline. We are unable to use USB sticks and have a clean desk policy to maintain. Documents no longer in use must be shredded and computers lock automatically after short periods of time. Authentication is required when logging in from outside the office or for external apps.
What are the 8 individual rights under GDPR?
the rights to be:
Informed
Access
Rectification
Erasure
Restrict Processing
Data Portability
Object
Automated decision making
What is the freedom of information Act 2000
Gives individuals the right of access to information held by public bodies.
Normally public bodies are required to supply information within 20 working days of a formal request.
It can charge for the provision of the information.
Who do you report data breaches to?
The ICO (Information Comisssioner’s Office) within 72 hours if personal data and a risk of harm to individuals
What possible fines are there?
4% of global turnover or (e)20 million euroes whichever is greatest.
What is the Data Protection Act 2018?
It is the UK’s implementation of GDPR. The Act is a complete data protection system so as well as governing personal data covered by GDPR, it covers all other general data as previously covered by the 1998 Act.
When did the Data Protection Act 2018 come into force?
May 2018 and it replaced the Data Protection Act 1998.
Does GDPR apply post Brexit ?
Yes, many aspects of GDPR will be converted into UK Law on 1st Jan 2021 under the titles UK GDPR. in turn companies will still need to comply
What will the changes include (GDPR post Brexit)?
What will the changes include (GDPR post Brexit)?
What are the 7 GDPR principles? - LADSPAS
Lawfulness, fairness and transparency – leave the individual fully informed
* Accuracy – where necessary kept up to date, erase inaccurate personal data without dela
* Data minimisation – collect the minimum data you need
* Storage limitation – Retain the data for a necessary limited period and then eras
* Purpose limitation – must inform your clients about the purpose of the data collection
* Accountability – Record and prove compliance
* Security - Integrity and confidentiality – Keep it secure, locked filing cabinet or fire wall
What does GDPR stand for ?
General Data Protection Regulation
Why do you keep company data for 12 years?
It is a requirement of our PII insurance that all contracts under deed are kept for a minimum of 12 years and under hand for 6 years. I am aware of the limitation act to claims which can be brought about up to 15 years after the act of negligence.
What are ISO Standards ?
International Organisation for Standardisation. An international standard setting body of representatives from varying national standards.
* ISO 9000 – Quality Management Systems
* ISO 8000 – Data Quality
* ISO 14001 – Environmental Management Systems
* ISO 45001 – Health and safety
What is the limitations act ?
The Limitation Act 1980 is an Act of the Parliament of the United Kingdom applicable only to England and Wales. It is a statute of limitations which provides timescales within which action may be taken for breaches of the law.