Data Management Flashcards
What are some examples of data security technologies? (5)
- Disk encryption (encrypting data on a secure hard disk drive)
- Regular backups offsite
- Password protection
- Use of anti-virus software protection
- Firewalls
What is a firewall?
A network security device that monitors traffic to or from your network
What is copyright?
- A set of exclusive rights granted to the author or creator of any original work, including the right to copy
- Form of intellectual property
What is triangulation?
Triangulation is the process of verifying data from multiple sources to validate any data collected
What are the individual rights under UK GDPR? (8)
- Right to be informed
- Right to access
- Right to rectification
- Right to erasure
- Right to restrict processing
- Right to data portability
- Right to object
- Right to automated decision-making and profiling
What are the principles of the UK GDPR? (5)
Personal data must be:
- Processed lawfully, fairly, and in a transparent manner
- Collected for a specific and legitimate purpose
- Accurate and kept up to date
- Kept no longer than necessary
- Processed in a secure manner
What is the link between UK GDPR and the Data Protection Act 2018?
When the UK left the EU in 2016, it formed its own regulations, UK GDPR, which sits alongside the Data Protection Act 2018
What did the Data Protection Act 2018 replace?
Data Protection Act 1998
What is the aim of the UK GDPR/Data Protection Act 2018?
It aims to create a single data protection regime affecting businesses and empower individuals to take control of how their data is used by third parties
Who is the UK GDPR/Data Protection Act 2018 policed by?
Information Commissioner’s Office (ICO)
What can the fines be for data security breaches?
Up to 4% of global turnover of the company or £17.5 billion (whichever is greater)
What are some of the requirements of the UK GDPR/Data Protection Act 2018? (4)
- Obligation to conduct data protection impact assessments for high-risk holding of data
- Data controller decides how and why personal data is processed and is directly responsible for GDPR
- ‘Data Accountability’ ensures that organisations can prove to the ICO how they comply with the new regulations
- Data security breaches need to be reported to the ICO within 72 hours where there is a loss of personal data and a risk of harm to individuals
What is the Freedom of Information Act 2000? (2)
- Gives individuals the right of access to information held by public bodies
- The public body is required to supply it within 20 working days
Are there any exemptions to the Freedom of Information Act 2000? (2)
- Contrary to GDPR requirements
- It would prejudice a criminal matter under investigation
What is a Non-Disclosure Agreement (NDA)?
A legally enforceable contract between two parties relating to sensitive information