Data management Flashcards
Give me some examples of the principles of good data management.
Data Policy and Audit
ISO9001 accreditation sets out the requirements and our QMS system manages the data, use of data and deletion of data.
Why do the General Data Protection Regulations 2018 exist?
Brought in to cover modern data and technology
Following implementation of the EU GDPR in May 2018
the GDPR was updated to incorporate new legislation
Both came into force May 2018
Which body is responsible for enforcing the GDPR?
The Information Commissioner’s Office
What does the Freedom of Information Act enable?
Act of Parliament that creates a public “right of access”
to information held by public authorities
There are exceptions
How do you ensure the data that you hold on your clients is kept secure and confidential?
Limit access to sensitive data
Use smart passwords for resident details
Firewalls and antivirus protection
Dedicated server
Stay on top of security updates
How do you ensure only the necessary people can access the data you store on your “shared drives”?
I allow access for ‘only a person specified’
I NEVER enable the ‘anyone with the link’ option
How long do you keep client’s data and how do you ensure it is deleted when necessary?
12 years for our PII and then it is deleted by our auditor
What current challenges is Covid and/or Brexit bringing to Data Management?
More reliance on technology, shared drives, electronic communication and electronic meetings
Results in more risk of breach
What are 7 principles of the Data Protection Act?
Lawfulness, fairness and transparency
Purpose Limitation
Data minimisation
Accuracy
Storage limitation
Integrity and confidentiality
Accountability
Who enforces the Data Protection Act?
The Information Commissioner’s Office
How does your business stay compliant? / How does it affect the company?
Make all employees aware of the requirements, audit all personal data, update company privacy notices, review company procedures and identify the legal basis for processing data.
Why do you keep company data for 12 years?
It is a requirement of our PII insurance that all contracts under deed are kept for a minimum of 12 years and under hand for 6 years. I am aware of the limitation to claims which can be brought about up to 15 years after the act of negligence.
What is a project extranet?
A computer network that allows controlled access from the outside for specific project purposes. Essentially, it is a system that allows individuals outside the company to view project files on a secure platform.
What are the benefits/disadvantages of a project extranet?
Pros: Improves communication, 24 hour access, efficient, secure and reduces errors.
Cons: It is very expensive, requires maintenance, sometimes a communication delay and not particularly user friendly.
What are ISO standards and how do they apply to Data Management?
International Organisation for Standardisation. An international standard-setting body of representatives from varying national standards.
ISO 8000 – Data Quality
ISO 9000 – Quality Management Systems