Data Management Flashcards

1
Q

What are some examples of data security technologies? (5)

A
  • Disk encryption (encrypting data on a secure hard disk drive)
  • Regular backups offsite
  • Password protection
  • Use of anti-virus software protection
  • Firewalls
2
Q

What is a firewall?

A

A network security device that monitors traffic to or from your network

3
Q

What is copyright?

A
  • A set of exclusive rights granted to the author or creator of any original work, including the right to copy
  • Form of intellectual property
4
Q

What is triangulation?

A

Triangulation is the process of verifying data from multiple sources to validate any data collected

5
Q

What are the individual rights under UK GDPR? (8)

A
  1. Right to be informed
  2. Right to access
  3. Right to rectification
  4. Right to erasure
  5. Right to restrict processing
  6. Right to data portability
  7. Right to object
  8. Right to automated decision-making and profiling
6
Q

What are the principles of the UK GDPR? (5)

A

Personal data must be:
- Processed lawfully, fairly, and in a transparent manner
- Collected for a specific and legitimate purpose
- Accurate and kept up to date
- Kept no longer than necessary
- Processed in a secure manner

7
Q

What is the link between UK GDPR and the Data Protection Act 2018?

A

When the UK left the EU in 2016, it formed its own regulations, UK GDPR, which sits alongside the Data Protection Act 2018

8
Q

What did the Data Protection Act 2018 replace?

A

Data Protection Act 1998

9
Q

What is the aim of the UK GDPR/Data Protection Act 2018?

A

It aims to create a single data protection regime affecting businesses and empower individuals to take control of how their data is used by third parties

10
Q

Who is the UK GDPR/Data Protection Act 2018 policed by?

A

Information Commissioner’s Office (ICO)

11
Q

What can the fines be for data security breaches?

A

Up to 4% of global turnover of the company or £17.5 billion (whichever is greater)

12
Q

What are some of the requirements of the UK GDPR/Data Protection Act 2018? (4)

A
  • Obligation to conduct data protection impact assessments for high-risk holding of data
  • Data controller decides how and why personal data is processed and is directly responsible for GDPR
  • ‘Data Accountability’ ensures that organisations can prove to the ICO how they comply with the new regulations
  • Data security breaches need to be reported to the ICO within 72 hours where there is a loss of personal data and a risk of harm to individuals
13
Q

What is the Freedom of Information Act 2000? (2)

A
  • Gives individuals the right of access to information held by public bodies
  • Public body is required to supply it within 20 working days
14
Q

Are there any exemptions to the Freedom of Information Act 2000? (2)

A
  • Contrary to GDPR requirements
  • It would prejudice a criminal matter under investigation
15
Q

What is a Non-Disclosure Agreement (NDA)?

A

A legally enforceable contract between two parties relating to sensitive information

16
Q

How does your office keep its data secure?

A
  • Regular backups of the site (daily)
  • Passwords change every 60 days
17
Q

What is included in an NDA? (5)

A
  • Parties
  • Definition of what is deemed confidential
  • Scope of confidentiality
  • Exclusions of confidentiality
  • Signatures
18
Q

Who is bound by an NDA? Just the signatory or the whole company?

A

Whole company

19
Q

What are the different types of data structures? (2+3+3)

A

Split into:
- Linear structures, e.g. array, linked list, stack; and
- Non-linear structures, e.g. trees, graphs, and tries

20
Q

How can you keep a confidential folder safeguarded? (3)

A
  • Clean desk policy
  • Password and encrypted files
  • Label clearly what is confidential
21
Q

How do you ensure accuracy in your data records? (4)

A
  • Regular data audits
  • Training and Education
  • Data source verification
  • Restrict the number of users
22
Q

Can you give an example of any negatives you have experienced with more tech software methods of data management? (2)

A
  • Need for skilled personnel
  • Costs
23
Q

Where do you store your client data?

A
  • External hard drives
  • Password-protected filing system
24
Q

Does it make a difference whether a file/folder contains personal data or purely company data?

A
25
Q

What is typically included within an NDA? (4)

A
  • Definition of confidential information
  • The parties
  • The terms and durations
  • Consequences of a breach
26
Q

How does a virtual data room comply with GDPR rules?

A
  • Only certain people can have access
  • Confidentiality obligations on those who gain access to these rooms
27
Q

How do you shut down a data room securely?

A

I would contact my company’s service desk to ensure it is shut down in a secure manner

28
Q

How do you set up a data room? (5)

A
  • Choose the best data room software
  • Identify the structure
  • Add users and permissions
  • Create an NDA
  • Organise documents and files
29
Q

What is the timeline for reporting a data breach to the ICO?

A

72 hours