DATA MANAGEMENT

Question 1

Define Personal data

Answer 1

Personal data is information relating to an identified or identifiable living

Question 2

What data management acts are there that you need to be aware of?

Answer 2

GDPR
DPA 2018

Question 3

What is Data Protection

Answer 3

How our personal and sensitive data is stored, collected and used

Question 4

What is GDPR

Answer 4

General Data Protection Regulations
A set of data protection rules created under EU Law and Regulation

Question 5

Who are key personnal under GDPR

Answer 5

a.Data Processor - The person who processes the data on behalf of the controller
b.Data Controller - The natural person who determines the purpose and means of processing personal data
c.Data Protection Officer - Leadership role employed

Question 6

What are the principles of GDPR/prinicples of data

Answer 6

Lawful, fair and transparent
Purpose Limitation
Minimisation
Accuracy
Stoarge Limitation
Security and Integrity
Accountability

Question 7

What are the individual rights under GDPR

Answer 7

There are 7 principles
a. The right to be informed.
b.The right of access.
c. The right of rectification.
d. The right to erasure.
e. The right to restrict processing.
f. The right to data portability.
g. The right to object.
h. Rights of automated decision making and profiling

Question 8

What is the DPA 2018

Answer 8

Data Protection Act 2018
It is the UK implementation of the GDPR
It manages how personal data is stored and managed by organisations

Question 9

What are the key principles of the DPA 2018

Answer 9

It ensures data is
a. Used fairly, transparently and lawfully
b. Used only for the purpose that it’s intended
c. Not retained longer than necessary
d. Processed securely

Question 10

What are individuals rights under the DPA 2018

Answer 10

People have the right to
a. Be informed about how their data is being used
b. Have access to their data
c. Have incorrect data updated
d. Have data erased
e. Object to their use of data

Question 11

How do companies ensure compliance with DPA 2018

Answer 11

They should only retain data they need
People need to be kept informed
Data should be held securely
Delete information that’s not necessary

Question 12

What is an NDA

Answer 12

Non-disclosure agreement
They prevent confidential information being shared, except by those who have signed the NDA

Question 13

What must be done if information is mishandled

Answer 13

It must be reported to the ICO (Information Commissioner’s Office) within 72 hours of discovery

Question 14

What is the penalty for not abiding by the GDPR?

Answer 14

Up to 20m Euros or 4% of the previous years turnover (whichever is higher)

Question 15

What is an NDA

Answer 15

Non-disclosure agreement
They prevent confidential information being shared, except by those who have signed the NDA

Question 16

What is the Freedom of Information Act 2000

Answer 16

The Freedom of Information Act 2000 provides public access to information held by public authorities.
It does this in two ways:
1. Public authorities are obliged to publish certain information about their activities;
2. Members of the public are entitled to request information from public authorities.