Data Management Flashcards
What are the GDPR regulations?
General Data Protection Regulations
How are the GDPR regulations implemented in the UK?
Implemented in the UK as the Data Protection Act 2018.
What are the responsibilities for those using personal data?
• Used fairly, lawfully and transparently.
• Used for specific, explicit purposes.
• Used in a way that is adequate, relevant and limited to only what is necessary.
• That the info is accurate and where required kept up to date.
• Not kept longer than is necessary.
• Must be handled securely.
What kinds of information have stronger legal protection?
Sensitive information such as race, ethnicity, political and religious beliefs, gender, health and sexuality.
What rights does an individual have under GDPR?
The right to:
• Be informed about how your data is used.
• Access personal data.
• Have incorrect information updated.
• Have data erased.
• Stop or restrict the processing of your data.
• Data portability.
• Object to how your data is processed in certain circumstances.
What process should be followed to find out what data is held about you?
- Write to Data Protection Officer (DPO) or company secretary if no DPO.
- 28 days to provide a full copy of all data held.
- Can extend up to two months if request is complex. Must inform of this within one month of request and explain why there’s a delay.
When can data be withheld?
Data can be withheld if it relates to:
• prevention, detection or investigation of crime.
• national security or armed forces.
• judicial or ministerial appointments.
How much does a request for information cost?
It is usually free; however, it can incur a cost if the request is large or will take a lot of time and effort to process.