Data management Flashcards
Data sources
When assessing data it’s essential to consider the reliability of the source and the associated risks where possible you should verify the data against an alternative source
Data storage and security
It is essential the data is kept safe from corruption and the access to it is suitably controlled to ensure privacy and protection
Data security technology’s include
- Disk encryption
- Regular pack ups
- Password protection
- Antivirus software
- Fire Walls
Copyright
It is essential that you acknowledge any copyright information duplicated in your work.
What is the legislation surrounding data protection? 
UK general data protection regulation and the data protection act 2018.
The EU’s GDPR no longer applies in the UK but was almost entirely copied
UK GDPR is supplemented by the data protection act 2018
What does UK GDPR do? 
Is aims to create a single data protection regime affecting businesses and empower individuals to take control of how the data is used by third-Parties. 
Key requirements of GDPR
- An obligation to conduct data protection impact assessment for high-risk holding of data
- New rights for individuals to have access to information on what personal data is held and to have it erased
- A data controller decide how and why personal data is processed
- Data security breaches need to be reported to ICO within 72 hours where there is a loss of personal data and the risk of harm to individuals
- Fines of up to 4% of global turnover or 17.5 million (Which ever is the greater)
- Policed by the ICO (Information Commissioner’s Office)
Article 5 (1) Principles of UK GDPR
Article 5 (1) Principles relating to the storage of personal data states the data must be.
-Process lawfully fairly in a transparent manner
-Collected for specified explicit and legitimate purposes
-Adequate relevant and limited to what is necessary for the purposes for which they are processed
-Accurate and where necessary kept up-to-date inaccurate data should be erased
-  Processed in a manner that insures appropriate security of personal data including protection against unauthorised or unlawful processing and against accidental loss destruction or damage using appropriate technical or organisational measures.
Article 5 (2) Requires that the controller shall be responsible for and be able to demonstrate compliance with the principles

Eight individual rights under UK GDPR
- Right to be informed
- Right of access
- Rights for it to be rectified 
- Right to erasure
- Right to restrict processing
- Right to Data portability
- Right to object 
- Write to automated decision-making in profiling
Freedom of information act 2000
Gives individuals The rights of access to information held by public bodies.
The public body must tell any individual requesting sight of information whether it holds it
The public body can charge for the provision of information
There are various exemptions such as its country to GDPR requirements 
Special category data
Personal and special category data is personal data that needs more protection because it is sensitive may cause harm
Do not collect or process special category data without group legal consent
