Data Management Flashcards
- Explain the DPA 2018?
a. Aims to create a single data protection regime affecting businesses, and empower individuals to take control of how their data is used by third parties
b. UK GDPR is supplemented by the DPA 2018
c. Gives people the right to be informed about how their personal info is used
d. Policed by Information Commissioners Office (ICO)
- What are the principles of UK GDPR?
a. Users have the following
i. Right to be informed
ii. Right to access
iii. Right to rectification
iv. Right to erasure
v. Right to restrict processing
vi. Right to data portability
vii. Right to object
viii. Rights to automated decision making and profiling
- How do you store data securely?
a. Files saved within firm’s centralised database
b. Only store data and information for specific and legitimate reasons
c. Only users who need access, have access to relevant files
- What are the punishments for breaching DPA 2018?
a. Can be fined up to the greater of 4% of annual worldwide turnover or £17.5m
- Can personal data be kept indefinitely?
a. Yes if for the following reasons:
i. Archiving purposes in the public interest
ii. Scientific or historical research purposes
iii. Statistical purposes
- What is the Freedom of Information Act 2000?
a. Gives individuals the right of access to information held by public bodies
- How do you protect data you receive?
a. Encrypting data
b. Clear desk policy
c. Locking screens when not as desk
d. Regular password updates
e. Anti-virus software
f. Firewalls
g. Disaster recovery procedures
- What is copyright?
a. A set of exclusive rights granted to the creator of any original work, including the right to copy
b. These rights can be licensed, assigned or transferred
c. Crown copyright is material created by the government including laws, public records and OS mapping
- How can you improve security of data?
a. Firewalls
b. Encryption
c. Passwords
- What is a firewall?
a. Network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules
- What is encryption?
a. The method by which information is converted into secret code that hides the information’s true meaning
- How long should you keep records for?
a. The UK GDPR does not set specific time limits for different types of data. This is up to you, and will depend on how long you need the data for your specified purposes
- Are RICS due to release ant documentation on Data handling?
a. Proposed RICS Professional Statement on Data Handling and Prevention of Cybercrime
- How would you dispose of sensitive data?
a. If it was physical, I would dispose of it in the correct disposal bins that are placed around the office that are removed by specialist companies regularly and disposed of
What are the principles of the data protection act?
a. Lawfulness, fairness and transparency
b. Purpose limitation
c. Data minimisation
d. Accuracy
e. Storage limitation